Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-NHqdSCsP1D6YCfQgy2B5cNJaZM.roa
File: -NHqdSCsP1D6YCfQgy2B5cNJaZM.roa (raw, json)
Hash identifier: k8mLUKWomiO4SW2fzFNBb9GEWkSN+FdxKGTEd9BnauA=
Subject key identifier: F8:D1:EA:75:20:AC:3F:50:FA:60:27:D0:83:2D:81:E5:C3:49:69:93
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: C5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-NHqdSCsP1D6YCfQgy2B5cNJaZM.roa
Signing time: Thu 08 May 2025 02:45:20 +0000
ROA not before: Thu 08 May 2025 02:45:20 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197 (0xc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 02:45:20 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F8D1EA7520AC3F50FA6027D0832D81E5C3496993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f1:89:84:f6:a5:55:58:0d:27:13:f1:d4:17:
a8:74:ac:1c:14:40:53:ac:56:35:71:e9:27:90:a3:
71:c4:8c:64:ab:3e:fb:68:b7:ef:69:f8:ec:5b:14:
bf:96:73:5d:70:3f:fc:e7:f7:52:c2:64:b4:2e:35:
09:21:0d:d5:93:d3:8e:ef:f5:1e:69:70:06:73:29:
64:80:7c:55:c3:60:8e:16:18:19:65:16:f1:68:1f:
6d:6e:ce:09:f4:fa:97:7f:42:e0:d5:9e:b5:60:68:
c4:47:fb:db:e7:89:19:9b:dd:e0:8f:c3:4e:17:25:
7d:63:e7:d0:72:90:8b:23:3e:e8:e8:7f:5e:0c:9c:
37:67:3c:60:bf:3c:71:91:68:a8:e3:a3:4d:fc:26:
d8:d1:fe:5b:4e:17:6f:2c:5d:b9:10:a6:90:58:a1:
4e:6d:16:bd:c5:b8:6f:b8:ae:08:38:62:4c:e0:3b:
68:e9:bb:5c:ea:c7:28:cb:ac:56:54:5e:f6:36:2b:
13:9f:ae:c2:9b:4b:0f:c2:56:66:49:55:bc:95:4e:
92:d9:5c:80:92:df:4f:e0:93:37:c4:58:e2:63:e1:
e2:96:4a:ba:ff:55:a3:0d:ae:fd:a3:26:3c:54:95:
01:5b:c5:6b:c6:de:3f:a3:4b:37:77:10:b6:7a:11:
7c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D1:EA:75:20:AC:3F:50:FA:60:27:D0:83:2D:81:E5:C3:49:69:93
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-NHqdSCsP1D6YCfQgy2B5cNJaZM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:23:be:4b:bc:2d:f5:11:57:88:61:91:c2:85:72:d8:fc:5b:
5f:b1:97:5a:1a:2b:78:e2:f9:f2:59:67:6c:09:ec:9c:49:d2:
f1:04:fc:9d:31:01:64:0e:56:e4:6d:62:8a:77:88:c4:a6:3c:
34:84:29:bd:56:65:cd:fe:66:cc:16:35:c6:95:71:30:62:20:
8e:61:da:54:a5:fb:7a:e0:d6:bb:7e:b3:86:45:e4:5e:21:db:
8b:ad:f6:64:f7:99:cc:70:82:5d:38:0e:47:fa:6c:97:ef:38:
fd:22:9b:05:5b:42:9e:5a:f9:ce:4f:0d:6e:d3:aa:96:bd:f0:
d5:6c:d9:dd:b8:7f:8b:4a:db:1d:6b:a6:53:3b:d6:fc:2e:19:
69:56:fe:a8:c9:2d:60:89:5d:d4:a8:c4:0e:a6:44:67:6d:f1:
10:43:3d:e5:ad:fb:7d:27:a0:c5:ed:b8:2c:8b:3e:ed:77:5d:
ef:f8:82:c2:57:66:cf:c7:8a:0f:83:94:8c:cf:c1:93:2f:00:
e7:b5:49:30:a0:f9:e3:bd:c6:a8:ad:ac:e1:02:9b:0e:1c:f0:
9e:b6:fc:64:59:45:c0:79:94:c8:ec:73:37:78:ea:59:48:55:
94:fe:52:6f:a3:8e:e4:e5:94:e2:63:8c:99:6c:d8:bb:bc:da:
a4:1b:be:ab
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
MjQ1MjBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY4RDFFQTc1MjBBQzNG
NTBGQTYwMjdEMDgzMkQ4MUU1QzM0OTY5OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI8YmE9qVVWA0nE/HUF6h0rBwUQFOsVjVx6SeQo3HEjGSrPvto
t+9p+OxbFL+Wc11wP/zn91LCZLQuNQkhDdWT047v9R5pcAZzKWSAfFXDYI4WGBll
FvFoH21uzgn0+pd/QuDVnrVgaMRH+9vniRmb3eCPw04XJX1j59BykIsjPujof14M
nDdnPGC/PHGRaKjjo038JtjR/ltOF28sXbkQppBYoU5tFr3FuG+4rgg4YkzgO2jp
u1zqxyjLrFZUXvY2KxOfrsKbSw/CVmZJVbyVTpLZXICS30/gkzfEWOJj4eKWSrr/
VaMNrv2jJjxUlQFbxWvG3j+jSzd3ELZ6EXyJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+NHqdSCsP1D6YCfQgy2B5cNJaZMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tTkhxZFNDc1AxRDZZQ2ZR
Z3kyQjVjTkphWk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEwjvku8LfURV4hhkcKFctj8W1+xl1oaK3ji
+fJZZ2wJ7JxJ0vEE/J0xAWQOVuRtYop3iMSmPDSEKb1WZc3+ZswWNcaVcTBiII5h
2lSl+3rg1rt+s4ZF5F4h24ut9mT3mcxwgl04Dkf6bJfvOP0imwVbQp5a+c5PDW7T
qpa98NVs2d24f4tK2x1rplM71vwuGWlW/qjJLWCJXdSoxA6mRGdt8RBDPeWt+30n
oMXtuCyLPu13Xe/4gsJXZs/Hig+DlIzPwZMvAOe1STCg+eO9xqitrOECmw4c8J62
/GRZRcB5lMjsczd46llIVZT+Um+jjuTllOJjjJls2Lu82qQbvqs=
-----END CERTIFICATE-----
Generated at Sat May 17 20:00:44 2025 by rpki-client