Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/83ExVukTkODtlZwtLVS5tL4-G8w.roa
File: 83ExVukTkODtlZwtLVS5tL4-G8w.roa (raw, json)
Hash identifier: 8CW9A09EVONcNbE5QCYYCdJyYQrWt3p+z1WAv7yGGco=
Subject key identifier: F3:71:31:56:E9:13:90:E0:ED:95:9C:2D:2D:54:B9:B4:BE:3E:1B:CC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0725
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/83ExVukTkODtlZwtLVS5tL4-G8w.roa
Signing time: Fri 16 May 2025 14:38:12 +0000
ROA not before: Fri 16 May 2025 14:38:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1829 (0x725)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 14:38:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F3713156E91390E0ED959C2D2D54B9B4BE3E1BCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:36:c0:0d:e3:e7:37:f9:d2:51:ae:2f:93:c3:
47:f9:c8:fe:8f:62:1a:dc:4b:19:3b:8d:70:88:a5:
49:8d:4b:e7:02:26:0b:d2:d1:d8:a9:1b:f9:5e:b9:
2e:20:60:28:f4:95:89:ff:cf:c5:8f:0c:a3:e7:1a:
0e:db:9c:21:6c:a0:ec:7f:8a:03:e7:1f:c7:17:0d:
89:8e:f3:86:85:c6:5f:e6:45:d6:36:45:ff:8b:1f:
f0:79:41:3e:39:05:b9:f3:1d:d1:f3:cd:bc:7b:e1:
89:c6:ac:d5:00:9b:ab:39:2c:44:ae:78:e3:93:04:
26:98:0b:fb:dc:3c:73:f5:86:3a:76:0e:58:ae:f7:
0e:00:b0:b5:eb:bf:ad:33:0d:5c:40:8b:40:da:89:
f9:50:3f:87:59:49:5f:1b:5e:96:7a:74:77:4e:c9:
e1:12:ee:5d:59:c9:cb:f4:08:94:bb:54:93:4b:d0:
13:e2:5d:71:9a:c3:22:0f:cf:86:01:29:7c:14:9e:
88:a6:0b:06:1d:ea:54:2f:15:ea:ef:db:df:83:83:
e2:1e:06:c2:e9:6d:e0:68:76:bd:37:e4:f8:1a:5d:
49:d0:ac:17:4f:ae:2f:8b:ca:44:90:bd:4f:39:ed:
60:e0:86:b0:c2:13:fd:98:1f:95:65:55:86:0e:ac:
80:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:71:31:56:E9:13:90:E0:ED:95:9C:2D:2D:54:B9:B4:BE:3E:1B:CC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/83ExVukTkODtlZwtLVS5tL4-G8w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:fa:9a:85:54:94:1c:83:84:cc:89:97:42:b1:0d:90:45:41:
10:a0:05:04:d2:45:a3:56:91:12:e3:c4:f3:2a:45:c9:5a:99:
4d:c2:a9:59:1c:9e:36:22:98:ca:78:f8:7b:bf:5d:06:1f:c1:
bb:28:8c:2f:3e:7a:81:ba:67:d7:cf:87:61:14:0d:08:2a:06:
6b:ae:1a:73:f8:ec:2f:e5:e0:49:4d:fc:97:e1:53:1d:9f:0e:
15:d2:36:53:fb:20:9e:11:d6:c0:f4:d2:6a:f4:03:5c:5a:a2:
53:37:5e:30:c3:c0:fe:26:d5:37:21:54:44:a3:38:87:5b:37:
5b:43:7c:8e:87:27:1b:31:40:5f:a4:e5:28:7e:aa:68:56:a0:
e5:1b:37:91:93:d3:7f:c0:43:de:7d:ed:bc:7b:6d:3e:1b:fb:
b8:e9:08:00:b3:7b:ab:70:f6:cc:c8:0b:ad:78:bb:cd:b6:1e:
3f:ad:21:bb:0d:13:ee:18:67:62:86:01:24:01:82:88:1e:64:
a7:5c:7f:62:70:58:da:a6:ee:6c:bf:73:72:93:11:f6:5b:02:
d0:fe:8f:30:8c:27:17:b8:c8:7e:d5:e4:f4:3a:74:34:62:e5:
3e:8e:43:63:a0:18:78:a4:26:ce:69:a7:f2:cd:7d:e9:cd:d1:
7a:f6:cd:ab
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICByUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
NDM4MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYzNzEzMTU2RTkxMzkw
RTBFRDk1OUMyRDJENTRCOUI0QkUzRTFCQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkNsAN4+c3+dJRri+Tw0f5yP6PYhrcSxk7jXCIpUmNS+cCJgvS
0dipG/leuS4gYCj0lYn/z8WPDKPnGg7bnCFsoOx/igPnH8cXDYmO84aFxl/mRdY2
Rf+LH/B5QT45BbnzHdHzzbx74YnGrNUAm6s5LESueOOTBCaYC/vcPHP1hjp2Dliu
9w4AsLXrv60zDVxAi0DaiflQP4dZSV8bXpZ6dHdOyeES7l1Zycv0CJS7VJNL0BPi
XXGawyIPz4YBKXwUnoimCwYd6lQvFerv29+Dg+IeBsLpbeBodr035PgaXUnQrBdP
ri+LykSQvU857WDghrDCE/2YH5VlVYYOrID9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU83ExVukTkODtlZwtLVS5tL4+G8wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84M0V4VnVrVGtPRHRsWnd0
TFZTNXRMNC1HOHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAA/6moVUlByDhMyJl0KxDZBFQRCgBQTSRaNW
kRLjxPMqRclamU3CqVkcnjYimMp4+Hu/XQYfwbsojC8+eoG6Z9fPh2EUDQgqBmuu
GnP47C/l4ElN/JfhUx2fDhXSNlP7IJ4R1sD00mr0A1xaolM3XjDDwP4m1TchVESj
OIdbN1tDfI6HJxsxQF+k5Sh+qmhWoOUbN5GT03/AQ9597bx7bT4b+7jpCACze6tw
9szIC614u822Hj+tIbsNE+4YZ2KGASQBgogeZKdcf2JwWNqm7my/c3KTEfZbAtD+
jzCMJxe4yH7V5PQ6dDRi5T6OQ2OgGHikJs5pp/LNfenN0Xr2zas=
-----END CERTIFICATE-----
Generated at Sat May 17 19:54:43 2025 by rpki-client