Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2YXmUgiDIgBeDBYYz3cY3YuyNeQ.roa
File: 2YXmUgiDIgBeDBYYz3cY3YuyNeQ.roa (raw, json)
Hash identifier: FEA+2FklVtpVsiQIUAas0YCcN6BJ9jInvIs1tXQmSTM=
Subject key identifier: D9:85:E6:52:08:83:22:00:5E:0C:16:18:CF:77:18:DD:8B:B2:35:E4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0569
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2YXmUgiDIgBeDBYYz3cY3YuyNeQ.roa
Signing time: Wed 14 May 2025 07:08:02 +0000
ROA not before: Wed 14 May 2025 07:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1385 (0x569)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 07:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D985E652088322005E0C1618CF7718DD8BB235E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:62:7a:77:21:09:21:15:7e:ec:93:8d:fd:8a:
a8:07:b7:34:a7:a5:67:65:9b:68:e6:e6:9f:95:54:
7c:12:bf:a8:ed:50:51:06:17:9e:62:03:e4:7e:28:
55:72:d4:57:86:50:45:ad:ec:0b:32:a3:04:e1:17:
7d:fe:a5:90:00:ad:99:8b:81:f4:8c:b2:e1:9e:9b:
02:f4:d4:1a:f3:49:1a:e2:66:ef:f7:ed:a0:39:eb:
4a:28:e8:b4:62:cc:42:a2:a2:de:7c:ec:ab:39:1f:
41:4b:98:39:05:42:22:ac:06:4f:ed:c3:e0:c1:10:
d9:79:2e:8e:e2:90:04:9a:47:bd:98:d6:46:f9:14:
a1:44:36:83:ab:f4:4b:f6:df:8d:de:d9:92:bd:35:
1c:46:7f:3b:f5:9f:aa:88:be:38:d7:d0:06:2b:1c:
95:24:9a:cd:ac:74:da:f8:60:cd:f0:00:a6:f9:fd:
2e:e5:fa:b7:e9:03:cc:13:7b:bb:f9:fa:21:6e:8c:
4b:19:ff:03:c9:f9:e1:3d:8a:30:3b:21:fd:e7:0e:
8b:93:45:89:85:ce:d1:5e:6a:13:f7:cb:42:d7:8d:
1b:e0:a2:b2:1e:7d:fc:08:50:6f:05:52:09:5c:31:
81:ac:e1:b0:77:8d:00:fd:9e:4a:26:29:97:cd:c5:
95:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:85:E6:52:08:83:22:00:5E:0C:16:18:CF:77:18:DD:8B:B2:35:E4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2YXmUgiDIgBeDBYYz3cY3YuyNeQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:c1:b7:95:67:a0:7b:45:15:85:97:a5:12:0f:24:40:7d:f7:
08:eb:7a:f5:71:86:e7:48:cb:c0:a0:93:7a:c0:f9:9a:2e:4b:
7c:87:38:d7:7c:2c:81:89:86:78:37:5f:f1:7e:ac:00:4f:22:
ba:9b:30:ec:15:b7:76:51:3a:7c:fe:42:2d:00:18:6b:84:22:
e7:c7:5e:0e:58:5f:a2:66:c9:5d:b0:4e:34:36:6f:3d:d1:9a:
b3:b1:54:27:34:bc:0a:7d:33:c6:8d:4c:9f:12:da:4d:91:6e:
5a:f8:a5:2d:14:e1:ab:b2:85:8c:8a:8f:d1:a4:89:02:65:78:
6c:e3:eb:9a:d7:e8:4f:62:50:8c:fa:88:70:0f:77:0b:29:42:
86:e3:ba:3d:3b:f6:2f:a9:85:26:f3:52:a7:6b:ca:c4:84:b8:
c0:57:bb:71:32:b6:33:b0:59:d9:f3:11:7c:be:89:fc:c1:9f:
01:67:fe:8a:ec:1d:2a:7e:d7:0b:47:48:ec:36:a5:3b:3e:62:
14:7a:35:27:46:1a:17:ea:a5:ca:1c:9a:ad:0d:86:d7:60:67:
04:f6:00:eb:57:cd:d3:63:88:2c:99:33:95:68:60:9e:a5:bb:
c8:0e:b2:e0:e8:e0:d1:d3:d8:70:72:20:dd:b8:26:6d:38:73:
20:cc:88:65
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBWkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NzA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ5ODVFNjUyMDg4MzIy
MDA1RTBDMTYxOENGNzcxOEREOEJCMjM1RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuYnp3IQkhFX7sk439iqgHtzSnpWdlm2jm5p+VVHwSv6jtUFEG
F55iA+R+KFVy1FeGUEWt7AsyowThF33+pZAArZmLgfSMsuGemwL01BrzSRriZu/3
7aA560oo6LRizEKiot587Ks5H0FLmDkFQiKsBk/tw+DBENl5Lo7ikASaR72Y1kb5
FKFENoOr9Ev2343e2ZK9NRxGfzv1n6qIvjjX0AYrHJUkms2sdNr4YM3wAKb5/S7l
+rfpA8wTe7v5+iFujEsZ/wPJ+eE9ijA7If3nDouTRYmFztFeahP3y0LXjRvgorIe
ffwIUG8FUglcMYGs4bB3jQD9nkomKZfNxZXPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2YXmUgiDIgBeDBYYz3cY3YuyNeQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yWVhtVWdpRElnQmVEQllZ
ejNjWTNZdXlOZVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHTBt5VnoHtFFYWXpRIPJEB99wjrevVxhudI
y8Cgk3rA+ZouS3yHONd8LIGJhng3X/F+rABPIrqbMOwVt3ZROnz+Qi0AGGuEIufH
Xg5YX6JmyV2wTjQ2bz3RmrOxVCc0vAp9M8aNTJ8S2k2Rblr4pS0U4auyhYyKj9Gk
iQJleGzj65rX6E9iUIz6iHAPdwspQobjuj079i+phSbzUqdrysSEuMBXu3EytjOw
WdnzEXy+ifzBnwFn/orsHSp+1wtHSOw2pTs+YhR6NSdGGhfqpcocmq0NhtdgZwT2
AOtXzdNjiCyZM5VoYJ6lu8gOsuDo4NHT2HByIN24Jm04cyDMiGU=
-----END CERTIFICATE-----
Generated at Sat May 17 19:58:58 2025 by rpki-client