Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2AD04Csrhqtec9v5gfC-TMkc4sk.roa
File: 2AD04Csrhqtec9v5gfC-TMkc4sk.roa (raw, json)
Hash identifier: uAh/y4U4K6BiXJfhmBYafdhvQSe8HTlVBEZAhUeO4Tk=
Subject key identifier: D8:00:F4:E0:2B:2B:86:AB:5E:73:DB:F9:81:F0:BE:4C:C9:1C:E2:C9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0599
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2AD04Csrhqtec9v5gfC-TMkc4sk.roa
Signing time: Wed 14 May 2025 13:08:04 +0000
ROA not before: Wed 14 May 2025 13:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1433 (0x599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 13:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D800F4E02B2B86AB5E73DBF981F0BE4CC91CE2C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c0:6d:2c:05:9f:32:2f:38:fd:3a:99:f6:2a:
83:5b:7e:dc:67:5e:5c:3b:ab:b2:17:a5:71:d8:c7:
33:cd:97:0e:a7:15:22:ef:1d:3d:ed:99:51:e5:dd:
05:95:35:e0:63:e4:87:4d:64:9f:51:b6:8c:cd:a3:
08:b2:23:8e:ab:af:32:fc:c0:ba:fc:16:f3:c7:76:
2f:61:7f:6a:4c:58:9d:ec:e6:c3:7a:98:f4:08:c4:
90:ba:61:b9:c6:bf:88:ee:11:62:34:bf:58:af:b2:
c3:3a:8a:5e:59:9e:1c:bd:95:47:1b:ef:e4:01:55:
13:90:ce:c8:ee:41:a5:6f:eb:54:e7:56:d1:60:b7:
3e:88:4e:da:35:db:23:f3:32:40:72:73:5b:81:62:
1f:84:75:f8:b8:d4:2c:92:3e:1c:49:38:9a:1b:32:
74:a2:2f:22:0a:d1:a1:0e:68:66:1d:60:e2:4e:f1:
39:50:1d:c4:19:7e:a8:57:b8:f3:f6:8f:ca:0d:d2:
0d:e9:df:53:98:e2:5e:11:5f:4a:ea:5b:0b:20:ad:
fb:70:3c:e3:e1:0f:8c:e6:a2:ab:31:22:39:95:42:
b9:4a:eb:0a:0d:fb:0b:f8:fc:21:f1:cf:e6:14:bf:
6f:58:ad:64:48:b5:e0:87:f8:90:f4:db:48:b8:d2:
ec:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:00:F4:E0:2B:2B:86:AB:5E:73:DB:F9:81:F0:BE:4C:C9:1C:E2:C9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2AD04Csrhqtec9v5gfC-TMkc4sk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:59:2c:4c:a1:4b:85:4f:03:87:15:5c:1b:2b:16:66:80:72:
a4:27:c8:3b:b7:b2:b6:23:d2:27:a3:a2:d6:96:aa:ef:63:b5:
94:65:5e:7e:09:93:a1:6d:6e:8b:51:15:8b:32:33:4f:42:7f:
4b:f8:69:c0:c5:dc:32:2e:32:85:a5:b6:0c:82:46:84:77:96:
f8:1e:20:3a:a1:f3:39:20:c9:09:01:09:d5:54:67:a9:80:d2:
bf:27:16:54:e9:72:79:b0:65:13:9f:d4:53:b6:2c:5e:6c:81:
e7:db:33:1b:86:b9:42:7a:95:ee:67:88:2b:5f:8d:e7:48:86:
1e:1b:db:9d:05:9e:30:cc:01:f1:e6:ff:95:d6:83:8f:b3:a7:
b3:9c:09:9a:cc:31:12:43:98:0a:c6:a1:24:26:3e:bf:4b:7d:
c3:a8:15:a6:75:e8:83:1d:a7:2a:85:b6:33:d8:8e:7b:5b:40:
d4:05:ff:b8:6c:c9:1f:44:7c:76:57:26:de:1a:ca:36:a1:04:
08:75:a4:ec:f1:70:47:1f:7b:a0:b5:47:1f:b1:75:7f:d4:f9:
0c:dd:3b:2a:7c:cd:3b:12:b8:c7:d2:c3:45:40:0f:74:ba:64:
95:9e:44:35:f6:cf:d6:fc:67:e0:0b:8f:a9:b5:9c:29:11:f5:
f4:74:f0:ce
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
MzA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ4MDBGNEUwMkIyQjg2
QUI1RTczREJGOTgxRjBCRTRDQzkxQ0UyQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2wG0sBZ8yLzj9Opn2KoNbftxnXlw7q7IXpXHYxzPNlw6nFSLv
HT3tmVHl3QWVNeBj5IdNZJ9RtozNowiyI46rrzL8wLr8FvPHdi9hf2pMWJ3s5sN6
mPQIxJC6YbnGv4juEWI0v1ivssM6il5Znhy9lUcb7+QBVROQzsjuQaVv61TnVtFg
tz6ITto12yPzMkByc1uBYh+Edfi41CySPhxJOJobMnSiLyIK0aEOaGYdYOJO8TlQ
HcQZfqhXuPP2j8oN0g3p31OY4l4RX0rqWwsgrftwPOPhD4zmoqsxIjmVQrlK6woN
+wv4/CHxz+YUv29YrWRIteCH+JD020i40uzlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2AD04Csrhqtec9v5gfC+TMkc4skwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yQUQwNENzcmhxdGVjOXY1
Z2ZDLVRNa2M0c2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFpZLEyhS4VPA4cVXBsrFmaAcqQnyDu3srYj
0iejotaWqu9jtZRlXn4Jk6FtbotRFYsyM09Cf0v4acDF3DIuMoWltgyCRoR3lvge
IDqh8zkgyQkBCdVUZ6mA0r8nFlTpcnmwZROf1FO2LF5sgefbMxuGuUJ6le5niCtf
jedIhh4b250FnjDMAfHm/5XWg4+zp7OcCZrMMRJDmArGoSQmPr9LfcOoFaZ16IMd
pyqFtjPYjntbQNQF/7hsyR9EfHZXJt4ayjahBAh1pOzxcEcfe6C1Rx+xdX/U+Qzd
Oyp8zTsSuMfSw0VAD3S6ZJWeRDX2z9b8Z+ALj6m1nCkR9fR08M4=
-----END CERTIFICATE-----
Generated at Sat May 17 19:44:36 2025 by rpki-client