Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Cu8oUnQPYq11mx25KlZid7-Ae3k.roa
File: Cu8oUnQPYq11mx25KlZid7-Ae3k.roa (raw, json)
Hash identifier: 5NQYzYcgW7z9fQzqRKEvwqLQt4L3U2wkdxr4UPuAdeU=
Subject key identifier: 0A:EF:28:52:74:0F:62:AD:75:9B:1D:B9:2A:56:62:77:BF:80:7B:79
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 072D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Cu8oUnQPYq11mx25KlZid7-Ae3k.roa
Signing time: Fri 16 May 2025 15:38:04 +0000
ROA not before: Fri 16 May 2025 15:38:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1837 (0x72d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 15:38:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0AEF2852740F62AD759B1DB92A566277BF807B79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:75:3c:2f:98:28:1f:3e:50:8a:92:15:6b:eb:
07:84:01:af:a0:2b:9d:39:f8:96:e9:2b:53:42:13:
70:6c:88:df:fa:86:95:b0:37:7b:d7:c4:fe:02:13:
d6:e0:a5:65:8f:69:24:83:58:38:b7:7c:0a:90:6d:
65:c8:de:f5:4d:17:f9:8a:19:3a:fd:8b:64:4b:a0:
f6:e4:b8:6d:59:c2:63:1d:5c:21:59:78:ec:2f:d1:
d5:53:35:04:9c:00:ca:4b:88:ea:58:e9:e9:39:a5:
dd:c5:ef:7b:0b:5c:53:b6:46:9b:eb:e3:b1:3b:93:
3e:39:21:e5:e6:1c:90:e9:72:26:21:45:93:82:b4:
81:6a:7f:fd:37:8c:3c:7f:1e:60:7d:2b:25:10:dc:
2e:2d:57:2b:cf:36:1e:16:1e:3e:86:0c:9a:62:0e:
8f:7c:c2:24:21:29:55:9c:ae:03:b7:d2:5c:b2:40:
ee:38:6c:32:0c:ae:9a:4e:0f:99:ed:0b:76:cd:84:
5c:bd:8a:ac:6a:a0:28:29:33:89:42:67:b1:e9:ad:
e8:9a:fc:b6:a0:48:d5:ee:04:f8:ce:55:0e:12:80:
ed:87:eb:35:e9:63:60:ee:af:8d:fa:c7:6b:a9:a4:
6e:8d:c0:c4:74:fc:60:27:ac:f7:d2:db:28:c8:17:
6a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EF:28:52:74:0F:62:AD:75:9B:1D:B9:2A:56:62:77:BF:80:7B:79
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Cu8oUnQPYq11mx25KlZid7-Ae3k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:ba:00:0d:b1:a2:9d:10:5e:25:cc:f7:3d:e4:a7:c5:cf:a0:
68:3f:94:6d:ef:97:45:90:33:9c:10:09:56:4b:1f:0e:56:55:
bc:57:4f:59:30:4e:0d:8d:5b:bf:de:75:8f:a8:1e:ba:96:7e:
e1:a0:b8:c2:cf:cf:8a:1c:03:c7:2a:11:14:16:76:78:fe:43:
2b:64:4d:63:1e:7b:05:1e:bc:1e:5d:90:e3:ec:24:1c:60:63:
a8:ed:42:7c:27:5f:49:46:f9:14:66:1d:64:79:68:50:08:be:
9e:5b:e9:3c:61:fe:25:a2:07:e1:d3:e2:2a:d6:cd:9a:31:36:
6e:65:03:a0:28:8a:d4:58:fa:2b:e1:8d:2f:95:e3:76:5f:91:
56:83:0c:86:ba:af:c7:eb:2c:e7:51:8e:fc:1e:98:6a:60:1e:
3e:43:89:03:23:7c:c8:a1:3b:48:2d:98:62:68:eb:27:5f:cf:
b8:79:b2:2b:7d:5f:f2:ca:01:1a:15:61:0f:b2:d0:41:cc:43:
9b:fd:4a:ba:2a:cf:18:ff:94:12:38:a9:31:bb:d2:a6:bf:ec:
cb:13:68:be:47:7d:40:13:1a:9d:94:a8:93:47:95:9b:c1:0c:
18:b7:d2:4e:44:3b:a5:a3:d5:b4:54:c9:5d:37:47:0f:d2:2c:
33:94:1c:b6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
NTM4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBBRUYyODUyNzQwRjYy
QUQ3NTlCMURCOTJBNTY2Mjc3QkY4MDdCNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYdTwvmCgfPlCKkhVr6weEAa+gK505+JbpK1NCE3BsiN/6hpWw
N3vXxP4CE9bgpWWPaSSDWDi3fAqQbWXI3vVNF/mKGTr9i2RLoPbkuG1ZwmMdXCFZ
eOwv0dVTNQScAMpLiOpY6ek5pd3F73sLXFO2Rpvr47E7kz45IeXmHJDpciYhRZOC
tIFqf/03jDx/HmB9KyUQ3C4tVyvPNh4WHj6GDJpiDo98wiQhKVWcrgO30lyyQO44
bDIMrppOD5ntC3bNhFy9iqxqoCgpM4lCZ7Hpreia/LagSNXuBPjOVQ4SgO2H6zXp
Y2Dur436x2uppG6NwMR0/GAnrPfS2yjIF2pjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCu8oUnQPYq11mx25KlZid7+Ae3kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DdThvVW5RUFlxMTFteDI1
S2xaaWQ3LUFlM2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHm6AA2xop0QXiXM9z3kp8XPoGg/lG3vl0WQ
M5wQCVZLHw5WVbxXT1kwTg2NW7/edY+oHrqWfuGguMLPz4ocA8cqERQWdnj+Qytk
TWMeewUevB5dkOPsJBxgY6jtQnwnX0lG+RRmHWR5aFAIvp5b6Txh/iWiB+HT4irW
zZoxNm5lA6AoitRY+ivhjS+V43ZfkVaDDIa6r8frLOdRjvwemGpgHj5DiQMjfMih
O0gtmGJo6ydfz7h5sit9X/LKARoVYQ+y0EHMQ5v9Sroqzxj/lBI4qTG70qa/7MsT
aL5HfUATGp2UqJNHlZvBDBi30k5EO6Wj1bRUyV03Rw/SLDOUHLY=
-----END CERTIFICATE-----
Generated at Sun May 18 04:53:58 2025 by rpki-client