Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CRhJ4YLNtc5WPlwflTWZIBQtL94.roa
File: CRhJ4YLNtc5WPlwflTWZIBQtL94.roa (raw, json)
Hash identifier: 81BVSGyTV5qdmAvAkvDV169HoXkgtyb7fvEdUfu10PA=
Subject key identifier: 09:18:49:E1:82:CD:B5:CE:56:3E:5C:1F:95:35:99:20:14:2D:2F:DE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0535
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CRhJ4YLNtc5WPlwflTWZIBQtL94.roa
Signing time: Wed 14 May 2025 00:37:58 +0000
ROA not before: Wed 14 May 2025 00:37:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1333 (0x535)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 00:37:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=091849E182CDB5CE563E5C1F95359920142D2FDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cd:44:0e:1b:90:b5:44:5b:13:40:41:15:55:
0c:03:ca:93:9e:97:fc:99:ef:a8:32:ac:b0:31:53:
b9:71:d5:8a:49:e7:cd:03:e1:c3:7d:fa:e2:0f:4a:
39:95:92:db:f9:41:b8:cc:2a:8b:5f:01:87:d6:00:
ae:e5:99:c2:24:93:2d:18:97:74:d5:dd:ca:b0:03:
29:66:49:fb:1e:de:cd:24:3d:b8:8e:67:d1:13:f6:
f9:c0:9f:5f:da:cd:98:dc:2f:e5:8e:6b:bd:ad:7a:
ab:39:16:12:5e:1a:98:bc:36:3c:69:47:40:53:5e:
e5:65:8d:c3:36:69:ba:1c:63:68:f4:91:53:a1:70:
8b:c3:9b:4b:d3:9b:64:81:c2:30:cd:58:63:8c:0a:
a4:b8:ac:d9:a3:54:5b:b6:0d:79:af:4a:fb:8d:e0:
73:08:ec:68:bd:89:df:11:c4:5d:3a:75:43:2c:0b:
93:93:28:e4:13:2f:16:9f:84:63:af:37:d5:cc:20:
24:7b:c8:a0:2e:7c:7d:6e:3f:be:79:e0:c4:ec:12:
d5:5d:6a:eb:9e:a2:ca:9a:de:fa:f8:b1:78:15:d2:
d8:8a:49:52:16:dc:47:da:5e:d5:d1:68:d5:6b:db:
53:f5:e6:24:58:cf:af:e4:7c:40:4d:66:1a:29:38:
0e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:18:49:E1:82:CD:B5:CE:56:3E:5C:1F:95:35:99:20:14:2D:2F:DE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CRhJ4YLNtc5WPlwflTWZIBQtL94.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:96:6b:0b:28:e9:c9:b0:0f:f0:19:65:c9:4c:ab:8f:33:ef:
30:d2:22:af:64:13:2f:6a:97:39:79:e9:a9:ce:18:d9:a3:e2:
04:a0:93:b0:fa:4f:1b:05:6a:9e:fa:f5:96:19:f5:03:28:24:
c7:f4:c2:ec:dd:0c:79:ae:0f:ac:f3:64:8d:74:24:b0:e6:83:
dd:df:46:88:d4:d7:47:dc:3d:d1:00:f9:f8:84:5c:46:76:5b:
1e:8b:3a:31:4e:d0:ad:9d:e9:f1:cd:b2:6b:b7:a5:4d:a9:85:
b2:d2:de:a3:05:21:09:8c:fd:25:66:00:55:be:b1:ee:b0:dc:
91:60:93:28:fd:b0:b2:60:af:82:6a:d5:48:7c:0f:d9:d9:93:
af:10:5d:43:29:8a:4c:92:0e:fc:11:45:d7:83:f2:71:18:2a:
f2:eb:0c:c8:71:5f:ac:68:a7:eb:86:6d:9d:6e:82:50:18:7a:
db:0f:1f:16:ab:53:14:2d:a4:4b:4f:b8:96:7c:30:fc:05:12:
84:81:0a:59:62:96:70:ae:78:ce:35:4d:83:ad:11:ed:3e:b8:
ca:8a:37:23:ef:ee:42:c9:de:10:f2:f4:72:bd:15:ab:d9:9f:
0e:8b:5a:f0:c5:90:d6:3b:83:68:1e:f6:42:50:89:c1:7a:b4:
72:3b:91:50
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBTUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MDM3NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA5MTg0OUUxODJDREI1
Q0U1NjNFNUMxRjk1MzU5OTIwMTQyRDJGREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUzUQOG5C1RFsTQEEVVQwDypOel/yZ76gyrLAxU7lx1YpJ580D
4cN9+uIPSjmVktv5QbjMKotfAYfWAK7lmcIkky0Yl3TV3cqwAylmSfse3s0kPbiO
Z9ET9vnAn1/azZjcL+WOa72teqs5FhJeGpi8NjxpR0BTXuVljcM2abocY2j0kVOh
cIvDm0vTm2SBwjDNWGOMCqS4rNmjVFu2DXmvSvuN4HMI7Gi9id8RxF06dUMsC5OT
KOQTLxafhGOvN9XMICR7yKAufH1uP7554MTsEtVdauueosqa3vr4sXgV0tiKSVIW
3EfaXtXRaNVr21P15iRYz6/kfEBNZhopOA55AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCRhJ4YLNtc5WPlwflTWZIBQtL94wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DUmhKNFlMTnRjNVdQbHdm
bFRXWklCUXRMOTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKOWawso6cmwD/AZZclMq48z7zDSIq9kEy9q
lzl56anOGNmj4gSgk7D6TxsFap769ZYZ9QMoJMf0wuzdDHmuD6zzZI10JLDmg93f
RojU10fcPdEA+fiEXEZ2Wx6LOjFO0K2d6fHNsmu3pU2phbLS3qMFIQmM/SVmAFW+
se6w3JFgkyj9sLJgr4Jq1Uh8D9nZk68QXUMpikySDvwRRdeD8nEYKvLrDMhxX6xo
p+uGbZ1uglAYetsPHxarUxQtpEtPuJZ8MPwFEoSBCllilnCueM41TYOtEe0+uMqK
NyPv7kLJ3hDy9HK9FavZnw6LWvDFkNY7g2ge9kJQicF6tHI7kVA=
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:20 2025 by rpki-client