Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zcDEbTJEsbVnb4ALiCUTI7fmYOY.roa
File: zcDEbTJEsbVnb4ALiCUTI7fmYOY.roa (raw, json)
Hash identifier: ip0xghPBIVm2ydkOQI7KBZ2b7JRRz7Clr1iwY0hfZaI=
Subject key identifier: CD:C0:C4:6D:32:44:B1:B5:67:6F:80:0B:88:25:13:23:B7:E6:60:E6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0549
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zcDEbTJEsbVnb4ALiCUTI7fmYOY.roa
Signing time: Wed 14 May 2025 03:08:01 +0000
ROA not before: Wed 14 May 2025 03:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1353 (0x549)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 03:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CDC0C46D3244B1B5676F800B88251323B7E660E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:90:a5:41:f5:a5:e4:67:0a:6e:77:94:17:20:
c4:11:ee:85:82:61:c0:34:56:fc:12:33:c0:28:40:
d3:53:96:e4:de:6b:31:54:cd:67:68:48:51:77:e8:
ee:74:b2:31:cf:a1:38:fd:ed:c6:76:74:d7:04:f3:
2e:00:18:a3:d0:34:8d:97:c8:fc:5a:6d:c8:dc:ec:
21:48:f8:2b:cb:41:8b:39:75:de:8d:3c:73:09:8a:
2a:d8:47:56:5e:ed:1c:bb:6e:42:59:e8:b7:0a:98:
62:e4:16:bd:90:85:fe:ea:eb:ee:05:5b:f8:fc:38:
92:fa:c4:cd:45:84:04:6c:32:9f:87:e6:f1:2e:62:
32:c9:e5:9c:fd:13:5c:22:87:9d:f4:fd:a6:e7:4d:
5a:7a:de:48:11:fe:b5:38:c7:3a:c3:f4:c6:16:c1:
b6:b1:ab:57:2a:6d:74:98:e7:b2:82:6f:56:84:96:
10:b9:3e:84:4f:0c:c4:ec:b7:d3:f1:e8:9d:e7:47:
5f:92:4c:d4:e9:c9:6b:0d:86:28:65:7b:77:46:56:
fc:f9:5e:2d:50:02:3b:68:b3:96:ad:f0:3b:21:10:
db:4f:52:7d:e5:72:c7:77:12:3b:97:09:e0:80:3e:
05:2d:4e:7b:a6:05:06:96:28:d7:ba:8b:0d:43:95:
20:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C0:C4:6D:32:44:B1:B5:67:6F:80:0B:88:25:13:23:B7:E6:60:E6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zcDEbTJEsbVnb4ALiCUTI7fmYOY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:38:2e:0f:ef:2d:6e:3a:54:84:07:d3:9a:25:62:a0:8e:7f:
cd:0d:db:53:66:24:96:11:6c:2c:e5:98:dc:8e:51:e3:0a:a1:
5d:54:c1:2d:e9:15:23:d1:20:45:1b:34:6c:51:7e:a8:1e:b9:
11:53:60:2c:8b:ff:f5:46:18:0e:dd:1e:68:97:eb:15:25:30:
9d:5f:e5:c0:90:37:b5:ee:4d:f6:4b:80:28:ba:f6:cb:e8:0e:
01:69:23:40:42:dc:c5:57:ea:53:15:19:e8:6e:c0:73:45:59:
1d:05:98:e8:c8:e4:c4:ae:2e:9b:95:c3:d2:64:5b:a8:99:d0:
5b:6d:42:cb:d1:76:cf:6a:97:e6:61:26:4c:79:9c:6b:e6:f6:
63:33:5b:14:55:53:d3:a7:ca:51:9a:38:0e:b0:d6:7c:3b:d9:
61:ea:3d:14:b8:70:0b:bc:8e:ba:f9:fb:62:d1:b4:22:d1:95:
b3:46:4d:ac:75:09:6d:b6:0d:31:57:b7:3e:05:47:ad:81:e4:
a5:66:d6:83:0b:93:87:0b:58:d6:67:fa:83:16:b7:35:14:54:
22:95:f2:b4:b8:be:dd:5c:64:41:af:66:58:4c:93:0a:84:e9:
6a:d7:ba:6f:0e:5d:ad:a0:6a:43:7b:fc:59:aa:79:df:0a:03:
f6:83:85:95
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MzA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENEQzBDNDZEMzI0NEIx
QjU2NzZGODAwQjg4MjUxMzIzQjdFNjYwRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5kKVB9aXkZwpud5QXIMQR7oWCYcA0VvwSM8AoQNNTluTeazFU
zWdoSFF36O50sjHPoTj97cZ2dNcE8y4AGKPQNI2XyPxabcjc7CFI+CvLQYs5dd6N
PHMJiirYR1Ze7Ry7bkJZ6LcKmGLkFr2Qhf7q6+4FW/j8OJL6xM1FhARsMp+H5vEu
YjLJ5Zz9E1wih530/abnTVp63kgR/rU4xzrD9MYWwbaxq1cqbXSY57KCb1aElhC5
PoRPDMTst9Px6J3nR1+STNTpyWsNhihle3dGVvz5Xi1QAjtos5at8DshENtPUn3l
csd3EjuXCeCAPgUtTnumBQaWKNe6iw1DlSBrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzcDEbTJEsbVnb4ALiCUTI7fmYOYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96Y0RFYlRKRXNiVm5iNEFM
aUNVVEk3Zm1ZT1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFM4Lg/vLW46VIQH05olYqCOf80N21NmJJYR
bCzlmNyOUeMKoV1UwS3pFSPRIEUbNGxRfqgeuRFTYCyL//VGGA7dHmiX6xUlMJ1f
5cCQN7XuTfZLgCi69svoDgFpI0BC3MVX6lMVGehuwHNFWR0FmOjI5MSuLpuVw9Jk
W6iZ0FttQsvRds9ql+ZhJkx5nGvm9mMzWxRVU9OnylGaOA6w1nw72WHqPRS4cAu8
jrr5+2LRtCLRlbNGTax1CW22DTFXtz4FR62B5KVm1oMLk4cLWNZn+oMWtzUUVCKV
8rS4vt1cZEGvZlhMkwqE6WrXum8OXa2gakN7/Fmqed8KA/aDhZU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:14:22 2025 by rpki-client