Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zObpyH79KChoSlGti4AGaBgdLv0.roa
File: zObpyH79KChoSlGti4AGaBgdLv0.roa (raw, json)
Hash identifier: EPtqhNtxn7Dq5hGKOuwbYLITPMecc5Ql1imyfAiYR80=
Subject key identifier: CC:E6:E9:C8:7E:FD:28:28:68:4A:51:AD:8B:80:06:68:18:1D:2E:FD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 051D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zObpyH79KChoSlGti4AGaBgdLv0.roa
Signing time: Tue 13 May 2025 21:38:02 +0000
ROA not before: Tue 13 May 2025 21:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1309 (0x51d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 21:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CCE6E9C87EFD2828684A51AD8B800668181D2EFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:68:b7:24:31:bc:58:1a:a8:d4:dd:65:c3:07:
4f:34:db:5c:d9:56:91:d3:fd:56:26:af:43:04:b9:
c6:21:4c:72:a1:7c:4a:de:53:a3:0b:b2:d3:16:58:
f2:1e:91:ca:ab:c3:20:dc:f9:77:26:62:2a:d2:05:
66:69:a1:c1:81:7d:64:4b:dd:b9:05:6b:79:83:24:
82:77:f4:a7:7c:a9:77:8a:ff:53:b8:37:13:f4:5f:
d3:10:7a:15:7e:09:01:c6:af:e5:66:11:b1:40:2c:
5c:0f:3d:ad:32:51:3d:2e:93:12:7a:80:de:52:aa:
52:ef:67:19:eb:b2:36:90:4d:9e:a1:c1:d3:43:5d:
80:17:44:6c:0d:d1:4f:df:41:5a:4d:d7:b9:82:c2:
57:59:33:63:9e:03:72:cd:50:ea:e5:5d:72:dc:c3:
f8:6b:1d:c2:93:bd:48:ec:e3:37:d8:ef:8d:e0:ed:
77:c3:07:ed:08:e2:ee:84:8a:4b:da:00:60:d8:43:
5e:dd:ff:bb:0f:27:ed:f6:ae:7c:11:2f:2a:79:b5:
18:ba:95:ba:21:ad:b3:20:d2:4a:70:6f:9e:0c:ae:
47:9f:03:6b:41:e8:d2:4e:62:ad:1f:c0:87:26:78:
19:14:0a:ea:63:3c:a4:1d:d2:c1:1d:b7:5d:f7:f0:
93:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E6:E9:C8:7E:FD:28:28:68:4A:51:AD:8B:80:06:68:18:1D:2E:FD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zObpyH79KChoSlGti4AGaBgdLv0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:57:91:02:a4:1d:23:52:90:81:93:e6:69:ad:02:99:4b:7a:
71:d7:9d:9c:9f:84:41:cc:69:b0:ae:83:cf:12:0c:92:63:b7:
f2:fd:26:d1:7f:2c:88:d1:f1:96:e3:68:73:41:b7:3c:0a:44:
23:a9:3e:ab:f4:87:9f:7a:1e:46:c1:3c:36:92:a3:e2:4d:19:
68:3c:84:ab:c5:29:d5:68:58:ea:6c:66:dc:a4:a7:6f:94:91:
3e:62:00:28:60:4b:12:8d:69:3c:a8:f0:34:55:fd:d6:17:88:
30:d5:d2:93:4b:f1:54:58:b9:c0:6d:f6:7a:b8:f6:49:f9:71:
2f:d7:54:32:08:e3:24:76:7d:9b:88:6b:fa:88:57:c1:31:2f:
1b:b4:07:f7:f9:19:e0:23:05:34:78:67:8a:7a:f7:23:b4:55:
21:4a:03:e9:d6:40:1c:fd:13:7a:08:ab:36:f7:66:46:44:54:
b3:b2:c5:17:74:15:43:68:b2:16:25:ae:42:85:cd:47:ff:64:
a6:e0:bd:ac:90:c5:84:cb:88:c0:30:76:d1:89:8e:a4:36:94:
48:30:12:4a:58:40:79:54:d5:0d:15:a1:e5:9f:5c:cb:fd:f9:
b2:57:cf:13:a2:8e:a5:4a:aa:97:13:ca:8f:41:02:94:4c:a1:
e4:9a:e6:52
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MTM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENDRTZFOUM4N0VGRDI4
Mjg2ODRBNTFBRDhCODAwNjY4MTgxRDJFRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9aLckMbxYGqjU3WXDB08021zZVpHT/VYmr0MEucYhTHKhfEre
U6MLstMWWPIekcqrwyDc+XcmYirSBWZpocGBfWRL3bkFa3mDJIJ39Kd8qXeK/1O4
NxP0X9MQehV+CQHGr+VmEbFALFwPPa0yUT0ukxJ6gN5SqlLvZxnrsjaQTZ6hwdND
XYAXRGwN0U/fQVpN17mCwldZM2OeA3LNUOrlXXLcw/hrHcKTvUjs4zfY743g7XfD
B+0I4u6EikvaAGDYQ17d/7sPJ+32rnwRLyp5tRi6lbohrbMg0kpwb54MrkefA2tB
6NJOYq0fwIcmeBkUCupjPKQd0sEdt1338JM7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzObpyH79KChoSlGti4AGaBgdLv0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96T2JweUg3OUtDaG9TbEd0
aTRBR2FCZ2RMdjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAB9XkQKkHSNSkIGT5mmtAplLenHXnZyfhEHM
abCug88SDJJjt/L9JtF/LIjR8ZbjaHNBtzwKRCOpPqv0h596HkbBPDaSo+JNGWg8
hKvFKdVoWOpsZtykp2+UkT5iAChgSxKNaTyo8DRV/dYXiDDV0pNL8VRYucBt9nq4
9kn5cS/XVDII4yR2fZuIa/qIV8ExLxu0B/f5GeAjBTR4Z4p69yO0VSFKA+nWQBz9
E3oIqzb3ZkZEVLOyxRd0FUNoshYlrkKFzUf/ZKbgvayQxYTLiMAwdtGJjqQ2lEgw
EkpYQHlU1Q0VoeWfXMv9+bJXzxOijqVKqpcTyo9BApRMoeSa5lI=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:02:17 2025 by rpki-client