Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8DbkUAw1BOKN65ZACG_oBGO4xgM.roa
File: 8DbkUAw1BOKN65ZACG_oBGO4xgM.roa (raw, json)
Hash identifier: LYeNOxljmaRlIg9lem0hYrkyAwnNxClcAtprDoFM20Q=
Subject key identifier: F0:36:E4:50:0C:35:04:E2:8D:EB:96:40:08:6F:E8:04:63:B8:C6:03
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01E1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8DbkUAw1BOKN65ZACG_oBGO4xgM.roa
Signing time: Fri 09 May 2025 14:07:46 +0000
ROA not before: Fri 09 May 2025 14:07:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 481 (0x1e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 14:07:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F036E4500C3504E28DEB9640086FE80463B8C603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:33:dd:e7:b1:69:e0:06:b3:a5:1e:41:2d:67:
18:7d:56:05:4a:45:6e:d2:16:50:77:5c:31:97:5e:
85:cf:a2:9a:37:e5:a2:52:5f:60:ae:c0:30:52:81:
98:c7:ec:fb:ba:d0:44:6b:c1:26:a3:dd:d2:a9:0b:
b8:91:0d:a5:dc:8e:ef:c9:d9:4a:30:88:fb:41:e1:
8e:a6:fc:92:12:14:fe:68:43:7f:f3:54:5a:83:bf:
4e:d2:87:07:b6:15:c1:ed:71:4c:15:dc:c9:8d:23:
c0:28:5c:47:4d:5a:f2:3c:69:dd:33:d1:49:30:70:
19:b6:36:a7:05:95:6c:8d:4f:82:cb:6d:c2:39:5d:
e5:5f:9c:10:27:85:41:b6:2b:91:a3:77:00:60:ca:
9f:fd:b7:92:9f:73:dc:1b:a8:d5:4b:50:04:05:d2:
e0:7c:d4:4f:5a:05:df:83:eb:f1:b7:b9:f5:3f:6b:
a3:a0:25:e1:83:56:71:2e:d0:12:a0:4e:aa:80:42:
07:3d:1d:2c:de:95:91:49:e6:ab:5f:3c:3d:d7:e3:
9b:23:61:6c:4e:b2:22:d5:2f:9d:1b:f7:77:41:ea:
44:6f:b7:0b:ed:66:3b:ed:db:da:b6:e6:89:24:6f:
fe:10:93:2d:25:60:97:46:38:b2:38:e4:1e:06:dd:
c9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:36:E4:50:0C:35:04:E2:8D:EB:96:40:08:6F:E8:04:63:B8:C6:03
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8DbkUAw1BOKN65ZACG_oBGO4xgM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:44:76:39:e7:06:ae:93:59:32:f0:ba:6b:c0:ab:4f:58:6c:
86:bd:86:03:9e:d8:3d:a6:e2:4e:1a:c2:5d:aa:64:e4:fb:8c:
87:1e:99:ff:10:60:67:0f:2a:cf:45:83:75:a6:cb:9e:d1:da:
aa:b2:43:b5:61:14:c5:a3:05:43:51:61:d5:01:f5:86:7f:a9:
24:c3:29:7d:ba:dd:a0:ab:f4:c2:15:ef:7a:f6:66:96:31:00:
00:d1:c4:f4:60:8b:86:e7:17:c7:d7:1a:af:f2:ee:b4:62:7a:
c1:8c:c2:d8:11:2a:91:11:c8:f1:7f:d2:a0:9b:8b:6b:65:6f:
67:36:c2:7f:23:19:21:b5:fe:3d:4b:78:84:bf:0a:ef:cd:41:
6a:35:55:2b:6d:c4:46:f8:50:78:23:e2:e3:3d:4c:39:64:3c:
dd:6c:ae:59:fb:bd:3f:c3:1f:c9:e5:f6:c1:e5:31:77:21:c3:
32:49:7c:51:dc:fa:4f:d1:d1:03:95:77:bd:50:94:99:d6:3e:
f5:35:34:ba:33:cf:c5:6e:09:4c:ee:5a:e3:16:33:ca:ca:e0:
fd:10:93:c8:6b:c0:78:42:4e:fb:d1:b1:54:a9:2e:65:d6:cb:
cf:81:35:70:ed:36:f0:68:f6:2a:d2:8b:e0:c8:85:44:fd:e1:
69:29:59:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
NDA3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYwMzZFNDUwMEMzNTA0
RTI4REVCOTY0MDA4NkZFODA0NjNCOEM2MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOM93nsWngBrOlHkEtZxh9VgVKRW7SFlB3XDGXXoXPopo35aJS
X2CuwDBSgZjH7Pu60ERrwSaj3dKpC7iRDaXcju/J2UowiPtB4Y6m/JISFP5oQ3/z
VFqDv07Shwe2FcHtcUwV3MmNI8AoXEdNWvI8ad0z0UkwcBm2NqcFlWyNT4LLbcI5
XeVfnBAnhUG2K5GjdwBgyp/9t5Kfc9wbqNVLUAQF0uB81E9aBd+D6/G3ufU/a6Og
JeGDVnEu0BKgTqqAQgc9HSzelZFJ5qtfPD3X45sjYWxOsiLVL50b93dB6kRvtwvt
Zjvt29q25okkb/4Qky0lYJdGOLI45B4G3clpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8DbkUAw1BOKN65ZACG/oBGO4xgMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84RGJrVUF3MUJPS042NVpB
Q0dfb0JHTzR4Z00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJREdjnnBq6TWTLwumvAq09YbIa9hgOe2D2m
4k4awl2qZOT7jIcemf8QYGcPKs9Fg3Wmy57R2qqyQ7VhFMWjBUNRYdUB9YZ/qSTD
KX263aCr9MIV73r2ZpYxAADRxPRgi4bnF8fXGq/y7rRiesGMwtgRKpERyPF/0qCb
i2tlb2c2wn8jGSG1/j1LeIS/Cu/NQWo1VSttxEb4UHgj4uM9TDlkPN1srln7vT/D
H8nl9sHlMXchwzJJfFHc+k/R0QOVd71QlJnWPvU1NLozz8VuCUzuWuMWM8rK4P0Q
k8hrwHhCTvvRsVSpLmXWy8+BNXDtNvBo9irSi+DIhUT94WkpWTg=
-----END CERTIFICATE-----
Generated at Sat May 17 22:37:09 2025 by rpki-client