Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AxWu2_6Y43Wq_yQ_l-K0ub6frLE.roa
File: AxWu2_6Y43Wq_yQ_l-K0ub6frLE.roa (raw, json)
Hash identifier: ZLMCbB0fqkQgCVly+La0f7LgPQtBL+vp2n1nHzOVooE=
Subject key identifier: 03:15:AE:DB:FE:98:E3:75:AA:FF:24:3F:97:E2:B4:B9:BE:9F:AC:B1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07BD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AxWu2_6Y43Wq_yQ_l-K0ub6frLE.roa
Signing time: Sat 17 May 2025 09:38:07 +0000
ROA not before: Sat 17 May 2025 09:38:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1981 (0x7bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 09:38:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0315AEDBFE98E375AAFF243F97E2B4B9BE9FACB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:84:59:16:f0:7f:12:55:ab:a0:80:d8:0b:5b:
be:d0:25:0b:8c:aa:0a:53:df:ec:a0:ce:94:92:33:
b6:7b:41:55:f7:d3:2e:02:ad:24:c1:d9:6a:29:77:
db:c2:c2:c0:c5:3c:b3:eb:06:16:55:1a:17:43:24:
87:a4:18:c4:80:19:84:83:4b:b7:24:dd:58:57:4d:
68:c3:f5:8e:7a:7e:89:a4:1e:32:8d:4a:aa:f4:43:
c3:78:30:18:49:a2:62:4a:bc:3f:3d:9f:27:52:6b:
43:be:e7:48:7a:5c:8a:12:4c:c0:ae:dc:37:34:bb:
de:c6:42:fd:fa:b9:11:86:7a:90:32:ad:53:00:e8:
4a:01:e8:8d:ff:71:a0:e9:a7:26:2b:28:7c:16:70:
bc:37:df:f9:08:93:5e:54:64:8f:2d:7c:bf:21:2f:
39:24:34:4a:c6:5f:05:26:fc:89:ca:b2:c1:8c:fc:
cc:97:ac:2a:5d:79:86:b5:76:6d:05:1e:cb:b2:2c:
29:10:b0:63:50:1d:53:f1:b1:c4:1f:0e:e1:0e:f2:
f4:1f:e6:5c:29:7b:44:ac:1d:a9:75:1c:93:fb:e7:
59:ef:3d:51:4f:64:89:33:87:ad:e5:da:af:12:3a:
78:c0:a4:42:e1:94:5a:95:76:fe:2f:ea:b3:2c:47:
78:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:15:AE:DB:FE:98:E3:75:AA:FF:24:3F:97:E2:B4:B9:BE:9F:AC:B1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AxWu2_6Y43Wq_yQ_l-K0ub6frLE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:67:9e:32:7d:37:cc:86:8f:88:7a:de:5c:e9:25:89:33:71:
76:9c:23:de:65:59:88:38:26:20:14:30:8b:de:e0:be:1b:9f:
b4:44:6c:42:f1:c4:4d:c4:51:ea:48:8f:0e:4b:6b:89:69:5a:
79:68:b8:c6:69:32:b0:d8:51:96:92:45:d2:7d:d6:04:d6:66:
fe:7a:bb:24:67:9e:61:fa:07:88:92:93:e1:bd:33:70:df:d1:
52:9c:cb:e7:d3:93:12:43:e2:a8:f7:c0:b2:1c:ec:21:11:9c:
03:bf:fb:6f:e4:8d:f2:b4:7a:90:78:20:81:f6:ea:49:97:a4:
e5:b9:c9:b5:51:c6:79:01:b1:c5:2a:06:86:7e:eb:56:83:84:
42:b6:55:49:04:e6:9e:83:96:a3:35:9a:1a:79:4b:1b:26:0e:
4e:e1:e8:e7:e0:30:3c:0c:17:f9:65:8e:67:13:a4:bf:92:4f:
12:35:ea:ab:56:cb:70:6a:1a:0c:e9:9f:d5:dd:ae:9e:56:5a:
a0:7e:fa:31:78:81:46:82:4c:ed:76:d1:fe:b1:16:9c:c0:6b:
55:8a:77:d7:3a:0c:0c:34:58:f2:1e:ca:3d:ee:c9:27:d7:83:
21:65:3e:de:a1:51:98:95:10:0c:2a:c6:9f:cf:7b:6e:96:56:
1a:dd:7b:40
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB70wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
OTM4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAzMTVBRURCRkU5OEUz
NzVBQUZGMjQzRjk3RTJCNEI5QkU5RkFDQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCohFkW8H8SVauggNgLW77QJQuMqgpT3+ygzpSSM7Z7QVX30y4C
rSTB2Wopd9vCwsDFPLPrBhZVGhdDJIekGMSAGYSDS7ck3VhXTWjD9Y56fomkHjKN
Sqr0Q8N4MBhJomJKvD89nydSa0O+50h6XIoSTMCu3Dc0u97GQv36uRGGepAyrVMA
6EoB6I3/caDppyYrKHwWcLw33/kIk15UZI8tfL8hLzkkNErGXwUm/InKssGM/MyX
rCpdeYa1dm0FHsuyLCkQsGNQHVPxscQfDuEO8vQf5lwpe0SsHal1HJP751nvPVFP
ZIkzh63l2q8SOnjApELhlFqVdv4v6rMsR3hFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAxWu2/6Y43Wq/yQ/l+K0ub6frLEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BeFd1Ml82WTQzV3FfeVFf
bC1LMHViNmZyTEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKBnnjJ9N8yGj4h63lzpJYkzcXacI95lWYg4
JiAUMIve4L4bn7REbELxxE3EUepIjw5La4lpWnlouMZpMrDYUZaSRdJ91gTWZv56
uyRnnmH6B4iSk+G9M3Df0VKcy+fTkxJD4qj3wLIc7CERnAO/+2/kjfK0epB4IIH2
6kmXpOW5ybVRxnkBscUqBoZ+61aDhEK2VUkE5p6DlqM1mhp5SxsmDk7h6OfgMDwM
F/lljmcTpL+STxI16qtWy3BqGgzpn9Xdrp5WWqB++jF4gUaCTO120f6xFpzAa1WK
d9c6DAw0WPIeyj3uySfXgyFlPt6hUZiVEAwqxp/Pe26WVhrde0A=
-----END CERTIFICATE-----
Generated at Sun May 18 04:48:40 2025 by rpki-client