Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AX_jECcOyYYnjapU53hkDXb8CYE.roa
File: AX_jECcOyYYnjapU53hkDXb8CYE.roa (raw, json)
Hash identifier: TGihnaNRB1uXsn4QJPOqmgNe041ioBz1EbBnu9pVkOA=
Subject key identifier: 01:7F:E3:10:27:0E:C9:86:27:8D:AA:54:E7:78:64:0D:76:FC:09:81
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: F5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AX_jECcOyYYnjapU53hkDXb8CYE.roa
Signing time: Thu 08 May 2025 08:37:42 +0000
ROA not before: Thu 08 May 2025 08:37:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245 (0xf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 08:37:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=017FE310270EC986278DAA54E778640D76FC0981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:05:8a:19:1c:73:a7:e9:74:5e:74:98:05:
f0:96:31:f8:e1:31:21:62:ce:03:ab:4e:9a:83:a2:
1e:05:f8:33:0f:06:40:d7:25:eb:fd:ea:9b:c8:b6:
50:d5:65:f9:2e:63:13:87:ac:f3:ab:c5:ec:3c:c5:
fd:ba:19:af:e1:9c:df:7a:a9:8f:c0:4a:70:d8:a8:
45:e5:1b:7b:cc:6a:a9:9c:66:b6:36:a1:3e:59:9d:
c1:d4:01:35:37:a4:17:53:1a:dc:91:64:19:f5:2d:
32:49:e5:c4:57:c8:78:11:40:1e:91:05:32:80:3a:
75:ef:00:b9:ff:85:d9:65:a1:f8:c3:ee:68:77:07:
a9:90:a5:85:ce:a1:a3:d8:c9:a1:39:a6:33:ec:37:
8b:05:1b:18:a5:6e:1b:f4:b1:b4:e5:09:d6:ab:1a:
12:b3:c0:07:30:c8:3e:36:5f:4a:67:96:ba:9a:e3:
51:ea:57:ba:93:87:39:d9:72:d8:d1:5f:62:cd:e3:
c6:71:e0:e9:3b:d8:dd:a3:ad:7b:d9:fa:87:a0:b9:
84:c6:4b:9e:c8:34:8b:ee:ab:d9:69:57:3e:40:59:
d2:83:0b:f7:d6:b7:10:59:06:2c:55:57:09:a1:61:
da:7b:a3:1d:a3:eb:eb:3b:35:dd:67:78:0d:b8:f5:
83:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7F:E3:10:27:0E:C9:86:27:8D:AA:54:E7:78:64:0D:76:FC:09:81
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AX_jECcOyYYnjapU53hkDXb8CYE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:86:1c:3f:9c:a6:a3:e3:4e:1b:de:dd:9b:55:1c:c0:3f:25:
a7:f7:61:62:70:b7:3b:86:b2:30:cd:c1:de:29:e5:9a:b8:a3:
67:b2:94:7a:15:72:c6:7e:a6:e2:56:57:e6:a1:30:5e:9d:08:
29:91:0d:f8:e5:21:ae:5c:b9:a3:f0:7f:e3:6d:5e:2c:7c:a3:
88:26:38:13:3f:62:94:8d:ca:ad:91:af:98:12:11:3a:74:4a:
f9:91:98:46:0f:8f:c0:99:bb:d0:ee:38:7b:a8:b1:8a:de:e9:
d3:dd:0a:57:c3:8a:57:cf:ec:5c:20:dc:87:e8:d8:09:3b:df:
ae:3e:7a:0c:b6:f5:2e:f4:12:58:9d:74:12:b3:61:fa:8d:25:
26:cd:2b:bb:0d:0b:0f:4e:db:aa:e1:14:ac:53:2b:ea:a2:26:
4f:0c:8e:f9:12:bc:53:7f:63:94:fa:0c:fb:61:26:20:36:18:
aa:48:21:99:be:6c:89:3e:c7:0f:10:fd:33:bd:a0:ca:d6:97:
fc:4b:1e:3f:66:14:cf:5c:8d:26:0c:5b:aa:84:06:23:55:40:
ae:6a:21:f2:00:de:80:b8:96:97:ea:dd:6e:bb:1f:5f:33:20:
6c:67:03:fd:ff:b2:84:0d:13:be:eb:63:10:f0:90:5f:91:70:
0d:0f:ef:a3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
ODM3NDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAxN0ZFMzEwMjcwRUM5
ODYyNzhEQUE1NEU3Nzg2NDBENzZGQzA5ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2ywWKGRxzp+l0XnSYBfCWMfjhMSFizgOrTpqDoh4F+DMPBkDX
Jev96pvItlDVZfkuYxOHrPOrxew8xf26Ga/hnN96qY/ASnDYqEXlG3vMaqmcZrY2
oT5ZncHUATU3pBdTGtyRZBn1LTJJ5cRXyHgRQB6RBTKAOnXvALn/hdllofjD7mh3
B6mQpYXOoaPYyaE5pjPsN4sFGxilbhv0sbTlCdarGhKzwAcwyD42X0pnlrqa41Hq
V7qThznZctjRX2LN48Zx4Ok72N2jrXvZ+oeguYTGS57INIvuq9lpVz5AWdKDC/fW
txBZBixVVwmhYdp7ox2j6+s7Nd1neA249YNJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAX/jECcOyYYnjapU53hkDXb8CYEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BWF9qRUNjT3lZWW5qYXBV
NTNoa0RYYjhDWUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGuGHD+cpqPjThve3ZtVHMA/Jaf3YWJwtzuG
sjDNwd4p5Zq4o2eylHoVcsZ+puJWV+ahMF6dCCmRDfjlIa5cuaPwf+NtXix8o4gm
OBM/YpSNyq2Rr5gSETp0SvmRmEYPj8CZu9DuOHuosYre6dPdClfDilfP7Fwg3Ifo
2Ak7364+egy29S70EliddBKzYfqNJSbNK7sNCw9O26rhFKxTK+qiJk8MjvkSvFN/
Y5T6DPthJiA2GKpIIZm+bIk+xw8Q/TO9oMrWl/xLHj9mFM9cjSYMW6qEBiNVQK5q
IfIA3oC4lpfq3W67H18zIGxnA/3/soQNE77rYxDwkF+RcA0P76M=
-----END CERTIFICATE-----
Generated at Sun May 18 04:48:44 2025 by rpki-client