Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/B4IbKaRQTUe6LYs7EiXfHa-P2qs.roa
File: B4IbKaRQTUe6LYs7EiXfHa-P2qs.roa (raw, json)
Hash identifier: Xx5M8oI6EdPdVQwBBdBK+PToXJp1W/LwmSvhF+SnVSw=
Subject key identifier: 07:82:1B:29:A4:50:4D:47:BA:2D:8B:3B:12:25:DF:1D:AF:8F:DA:AB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 058D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B4IbKaRQTUe6LYs7EiXfHa-P2qs.roa
Signing time: Wed 14 May 2025 11:38:02 +0000
ROA not before: Wed 14 May 2025 11:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1421 (0x58d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 11:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=07821B29A4504D47BA2D8B3B1225DF1DAF8FDAAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:d9:90:05:e7:77:11:04:9f:6a:aa:ad:83:
9f:de:d5:bc:a5:d2:e1:d4:6d:d5:27:19:ce:b7:ca:
81:fe:16:7d:fc:a8:e2:e6:4a:82:9a:92:4d:15:73:
fe:be:04:c3:6d:47:64:62:9e:41:17:9d:54:6b:92:
85:6d:87:ea:df:28:5e:cb:e2:42:5c:33:55:20:bc:
7a:7f:84:78:54:1c:59:72:8e:d4:7e:7c:0f:03:a1:
22:cd:7a:2f:94:57:3d:15:3c:4e:a7:bd:78:32:60:
68:74:d4:f0:b2:b9:52:f1:fb:63:6a:fe:93:3e:28:
a4:ac:3a:9e:f2:38:bf:33:85:42:71:57:65:aa:4a:
a6:1f:8a:ef:cb:53:17:a4:55:4a:12:c6:88:8c:c9:
7c:f6:04:eb:5e:10:c1:8d:3b:da:33:97:01:92:b1:
9f:29:f7:1c:61:dd:6a:76:9e:34:58:54:72:f4:11:
bc:42:18:b6:e6:4b:7c:37:24:92:e1:63:c1:0e:97:
b3:29:dc:3e:e6:bf:8e:6e:52:e9:94:47:3b:19:7c:
d8:6a:23:b1:c9:ab:af:6f:d9:d6:df:4a:c0:85:ad:
d7:2d:07:26:7d:93:d5:fa:3b:ba:0f:b2:9d:4e:9c:
58:a9:34:c2:2b:66:9e:7f:29:f7:7b:cf:a0:32:0d:
cd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:82:1B:29:A4:50:4D:47:BA:2D:8B:3B:12:25:DF:1D:AF:8F:DA:AB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B4IbKaRQTUe6LYs7EiXfHa-P2qs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:4e:8e:9f:ec:d8:9a:b3:e5:2c:bf:c4:9a:0e:a9:85:ad:76:
8f:2b:fe:f7:f1:30:09:bf:83:0b:71:42:7a:d5:70:af:90:13:
fa:c4:24:43:4c:25:b6:1e:86:b0:2c:3b:ea:94:35:02:7e:7f:
81:fd:c8:d9:a3:dd:80:a1:f0:ae:ca:cd:d8:ae:97:ad:b8:6b:
4c:bb:9c:5f:75:e1:e6:46:8a:87:a0:08:8e:75:cd:1a:7e:41:
9d:14:b4:bc:f3:ca:d8:00:b7:35:0e:3b:2c:4e:aa:81:7d:b5:
d4:5b:b7:64:25:02:75:cd:3b:7f:31:d1:a9:2d:6e:84:e8:6c:
db:75:30:ec:7d:2e:eb:d0:46:f0:8e:5f:25:5b:2c:12:5a:ca:
5f:8f:46:04:35:54:ba:47:c4:b4:bb:c9:ee:7f:c4:80:1e:b5:
dd:21:b4:d6:51:4c:f6:31:da:d2:47:b7:64:3d:3c:09:d9:27:
3e:a9:a9:00:2e:96:19:17:f6:af:e3:db:70:07:32:ec:e9:d7:
dc:36:df:73:ef:73:de:76:01:37:a1:67:b9:cf:ff:f4:bd:e2:
68:c7:1b:6f:fa:c8:45:9b:de:80:87:06:ea:b2:fb:64:f1:ab:
96:41:b0:8f:3a:3a:6a:eb:90:0d:e1:89:01:2c:c7:3b:1c:1a:
08:71:a0:ff
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBY0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
MTM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA3ODIxQjI5QTQ1MDRE
NDdCQTJEOEIzQjEyMjVERjFEQUY4RkRBQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzG9mQBed3EQSfaqqtg5/e1byl0uHUbdUnGc63yoH+Fn38qOLm
SoKakk0Vc/6+BMNtR2RinkEXnVRrkoVth+rfKF7L4kJcM1UgvHp/hHhUHFlyjtR+
fA8DoSLNei+UVz0VPE6nvXgyYGh01PCyuVLx+2Nq/pM+KKSsOp7yOL8zhUJxV2Wq
SqYfiu/LUxekVUoSxoiMyXz2BOteEMGNO9ozlwGSsZ8p9xxh3Wp2njRYVHL0EbxC
GLbmS3w3JJLhY8EOl7Mp3D7mv45uUumURzsZfNhqI7HJq69v2dbfSsCFrdctByZ9
k9X6O7oPsp1OnFipNMIrZp5/Kfd7z6AyDc0BAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUB4IbKaRQTUe6LYs7EiXfHa+P2qswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CNEliS2FSUVRVZTZMWXM3
RWlYZkhhLVAycXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACVOjp/s2Jqz5Sy/xJoOqYWtdo8r/vfxMAm/
gwtxQnrVcK+QE/rEJENMJbYehrAsO+qUNQJ+f4H9yNmj3YCh8K7Kzdiul624a0y7
nF914eZGioegCI51zRp+QZ0UtLzzytgAtzUOOyxOqoF9tdRbt2QlAnXNO38x0akt
boTobNt1MOx9LuvQRvCOXyVbLBJayl+PRgQ1VLpHxLS7ye5/xIAetd0htNZRTPYx
2tJHt2Q9PAnZJz6pqQAulhkX9q/j23AHMuzp19w233Pvc952ATehZ7nP//S94mjH
G2/6yEWb3oCHBuqy+2Txq5ZBsI86OmrrkA3hiQEsxzscGghxoP8=
-----END CERTIFICATE-----
Generated at Sun May 18 12:24:19 2025 by rpki-client