Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ar2KdQMfsJv2mtbnAMkVtcghvJc.roa
File: Ar2KdQMfsJv2mtbnAMkVtcghvJc.roa (raw, json)
Hash identifier: cMqFoVAfnSci8aMwd0ylN6xDPYxRgsiQuy1ibL1Yw+Y=
Subject key identifier: 02:BD:8A:75:03:1F:B0:9B:F6:9A:D6:E7:00:C9:15:B5:C8:21:BC:97
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 074D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ar2KdQMfsJv2mtbnAMkVtcghvJc.roa
Signing time: Fri 16 May 2025 19:38:06 +0000
ROA not before: Fri 16 May 2025 19:38:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1869 (0x74d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 19:38:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=02BD8A75031FB09BF69AD6E700C915B5C821BC97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c1:80:31:79:6e:1d:ea:e3:f8:30:2c:86:35:
38:46:00:8e:41:9a:dc:06:c4:95:bc:73:4d:b0:89:
da:2e:91:71:df:23:97:b6:93:1f:76:4f:e8:34:20:
fc:19:4a:b3:69:f9:f5:ef:0d:7a:4e:82:b3:32:00:
cc:df:39:0b:4d:b4:90:ae:8e:17:af:5b:1b:47:0d:
6d:c5:80:68:10:ef:57:7d:43:e6:2c:cc:95:73:d4:
17:b9:33:a4:a5:73:40:64:53:07:29:8d:c3:48:72:
88:57:10:3f:23:c3:f1:47:b4:86:f0:7c:de:29:cd:
b5:b6:4a:d3:ac:ea:32:5a:3f:29:b3:14:b5:5c:47:
17:df:0a:26:cd:49:fc:5b:14:ba:e0:18:ac:04:68:
1c:33:33:9f:27:3c:a7:67:42:bb:86:54:6b:95:6c:
41:ed:5a:98:ad:9c:8d:b0:6e:2f:9f:34:3b:44:14:
ea:66:2b:10:51:a2:42:1d:54:90:7c:09:d7:a4:91:
b3:eb:35:80:44:ff:fb:d5:3c:77:ca:0d:1f:53:53:
f4:81:67:41:ff:9b:f0:29:10:e1:f8:f0:2c:c7:2f:
cf:ef:80:fb:79:a0:e8:db:3e:99:f6:b8:12:ff:ef:
14:f5:37:da:bd:a5:0a:9c:03:fc:8d:43:ec:a3:f9:
b8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BD:8A:75:03:1F:B0:9B:F6:9A:D6:E7:00:C9:15:B5:C8:21:BC:97
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ar2KdQMfsJv2mtbnAMkVtcghvJc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:b5:32:7a:c7:32:db:3c:4c:4b:c9:2f:11:a5:b0:2e:3c:14:
f4:13:e9:4e:0e:61:6e:33:9a:5e:47:13:01:a1:db:b2:3e:aa:
ca:50:54:59:d7:5c:78:12:a4:ba:94:ff:2b:7b:65:8a:01:63:
b9:65:e0:7b:2f:c9:9c:5d:27:5e:3f:be:4e:09:d3:b6:f4:d3:
1d:fd:4b:93:f6:9c:db:b4:9b:ad:b6:40:8c:73:ca:8a:9e:b0:
4c:b8:4c:fb:c1:2d:05:54:7f:ac:90:cc:19:a4:90:fd:f6:2f:
6a:66:a1:66:f3:d8:89:fb:de:db:18:a5:27:01:2b:4a:25:65:
9c:0d:36:75:6a:b9:54:c1:8c:46:77:1c:ed:08:fa:15:a7:cd:
30:11:28:7b:f9:5f:52:46:b6:1e:5f:79:f0:d8:95:ef:56:e2:
cc:9f:92:df:ac:fe:4e:21:04:cb:7e:5d:5b:94:42:8e:20:c1:
04:61:17:16:45:26:15:01:85:9f:8b:8d:ce:89:13:b8:05:ff:
00:73:e1:a0:aa:5f:56:72:db:2f:a6:fa:68:9b:24:ed:01:44:
e9:ff:d8:1f:d7:a9:bd:39:e2:a5:20:98:b9:a6:f1:76:f6:df:
6e:ab:8f:9f:c8:41:b9:25:7f:f4:a0:38:a6:a7:b8:c2:52:f8:
21:ed:61:46
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
OTM4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAyQkQ4QTc1MDMxRkIw
OUJGNjlBRDZFNzAwQzkxNUI1QzgyMUJDOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2wYAxeW4d6uP4MCyGNThGAI5BmtwGxJW8c02widoukXHfI5e2
kx92T+g0IPwZSrNp+fXvDXpOgrMyAMzfOQtNtJCujhevWxtHDW3FgGgQ71d9Q+Ys
zJVz1Be5M6Slc0BkUwcpjcNIcohXED8jw/FHtIbwfN4pzbW2StOs6jJaPymzFLVc
RxffCibNSfxbFLrgGKwEaBwzM58nPKdnQruGVGuVbEHtWpitnI2wbi+fNDtEFOpm
KxBRokIdVJB8CdekkbPrNYBE//vVPHfKDR9TU/SBZ0H/m/ApEOH48CzHL8/vgPt5
oOjbPpn2uBL/7xT1N9q9pQqcA/yNQ+yj+biXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAr2KdQMfsJv2mtbnAMkVtcghvJcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BcjJLZFFNZnNKdjJtdGJu
QU1rVnRjZ2h2SmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACW1MnrHMts8TEvJLxGlsC48FPQT6U4OYW4z
ml5HEwGh27I+qspQVFnXXHgSpLqU/yt7ZYoBY7ll4HsvyZxdJ14/vk4J07b00x39
S5P2nNu0m622QIxzyoqesEy4TPvBLQVUf6yQzBmkkP32L2pmoWbz2In73tsYpScB
K0olZZwNNnVquVTBjEZ3HO0I+hWnzTARKHv5X1JGth5fefDYle9W4syfkt+s/k4h
BMt+XVuUQo4gwQRhFxZFJhUBhZ+Ljc6JE7gF/wBz4aCqX1Zy2y+m+mibJO0BROn/
2B/Xqb054qUgmLmm8Xb2326rj5/IQbklf/SgOKanuMJS+CHtYUY=
-----END CERTIFICATE-----
Generated at Sat May 17 19:48:03 2025 by rpki-client