Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CvY60iw0i1woKc4TrLTfuttBsw0.roa
File: CvY60iw0i1woKc4TrLTfuttBsw0.roa (raw, json)
Hash identifier: IYINoaBeULFk19s7WP7iLE22jNrD5aE7WR2Ogw5ELbE=
Subject key identifier: 0A:F6:3A:D2:2C:34:8B:5C:28:29:CE:13:AC:B4:DF:BA:DB:41:B3:0D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01F1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CvY60iw0i1woKc4TrLTfuttBsw0.roa
Signing time: Fri 09 May 2025 16:07:45 +0000
ROA not before: Fri 09 May 2025 16:07:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 497 (0x1f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 16:07:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0AF63AD22C348B5C2829CE13ACB4DFBADB41B30D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:95:8b:0b:e9:52:37:12:20:96:cb:26:6d:fd:
4a:40:4f:c3:47:be:32:1f:d3:1a:33:ad:8d:16:6d:
55:61:a7:9b:01:8e:b6:0d:b9:df:da:6b:75:38:b8:
01:98:94:04:a9:6d:91:64:13:f3:ca:47:c7:86:ee:
c8:e0:3c:8c:72:c7:09:fe:96:4e:69:bd:a0:55:f5:
b0:6f:e0:00:f6:1e:6f:78:21:22:5a:9d:7a:a0:eb:
96:89:2a:cf:27:e9:9d:12:96:15:39:71:2d:f6:05:
35:87:d3:86:46:24:1f:86:69:68:1f:94:42:34:55:
f6:17:b6:f9:60:86:5a:31:34:8f:c6:c3:92:2e:2c:
b9:d1:0c:6c:31:14:7a:e5:51:84:5e:81:d4:3b:ad:
7d:c8:fe:3b:f9:b9:41:91:7f:29:47:82:b6:aa:94:
bb:2e:69:2b:f1:6b:23:8a:e3:b3:51:1d:0e:c6:00:
d1:e7:82:3f:da:c4:96:9d:24:38:64:70:25:18:8e:
c6:c5:39:a5:89:ef:74:f3:1b:ad:38:32:fd:f0:f1:
ae:cd:91:56:8e:01:3a:fa:9e:06:a1:82:98:22:5f:
a9:bb:ff:b9:1e:2a:d2:f4:c6:37:22:7c:41:e1:bb:
dd:eb:2f:25:ef:78:fe:67:21:17:d8:64:d0:8c:25:
9b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F6:3A:D2:2C:34:8B:5C:28:29:CE:13:AC:B4:DF:BA:DB:41:B3:0D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CvY60iw0i1woKc4TrLTfuttBsw0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:30:2d:1d:c1:e2:5e:2b:7a:10:21:d9:10:39:52:ce:74:f9:
ad:31:ad:4a:f0:0d:d1:4d:f1:19:34:01:6d:a1:4a:9f:67:95:
af:73:53:37:47:bc:87:66:23:7e:6f:40:57:cc:bf:a0:ce:1b:
9b:92:45:9d:8f:64:6f:fb:a8:b4:95:a4:ba:43:4f:31:00:c3:
e5:1a:07:c1:59:9c:f8:f0:d6:da:a7:ad:16:82:96:8d:c0:98:
b3:a4:4d:5d:c3:19:69:94:d4:b3:92:b9:fa:94:f9:e1:c6:3b:
38:82:ec:2f:5b:ff:68:26:ed:ab:a0:6e:aa:13:d8:48:a0:ce:
1e:36:ae:70:25:54:57:ed:49:9e:14:c1:3c:9f:ea:4b:a0:d6:
32:eb:d3:61:d7:2e:e7:3d:b1:1d:e4:27:8a:8d:0c:8c:9a:68:
31:7c:d3:8c:cf:2d:9d:59:64:91:9f:f5:ed:0d:87:cb:cf:fc:
cd:91:a1:ed:f3:a4:d1:07:bd:b1:55:db:56:65:75:c9:84:12:
83:72:fd:ab:64:cb:fe:94:65:45:6d:0c:eb:3a:9c:43:3f:fe:
42:e3:74:38:b7:ad:24:39:de:c5:21:01:94:66:ed:64:8b:91:
25:4d:0b:55:9f:7f:4b:1b:da:e1:79:ba:e4:62:11:48:83:2a:
c0:f3:cc:6c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
NjA3NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBBRjYzQUQyMkMzNDhC
NUMyODI5Q0UxM0FDQjRERkJBREI0MUIzMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdlYsL6VI3EiCWyyZt/UpAT8NHvjIf0xozrY0WbVVhp5sBjrYN
ud/aa3U4uAGYlASpbZFkE/PKR8eG7sjgPIxyxwn+lk5pvaBV9bBv4AD2Hm94ISJa
nXqg65aJKs8n6Z0SlhU5cS32BTWH04ZGJB+GaWgflEI0VfYXtvlghloxNI/Gw5Iu
LLnRDGwxFHrlUYRegdQ7rX3I/jv5uUGRfylHgraqlLsuaSvxayOK47NRHQ7GANHn
gj/axJadJDhkcCUYjsbFOaWJ73TzG604Mv3w8a7NkVaOATr6ngahgpgiX6m7/7ke
KtL0xjcifEHhu93rLyXveP5nIRfYZNCMJZu7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCvY60iw0i1woKc4TrLTfuttBsw0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Ddlk2MGl3MGkxd29LYzRU
ckxUZnV0dEJzdzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKkwLR3B4l4rehAh2RA5Us50+a0xrUrwDdFN
8Rk0AW2hSp9nla9zUzdHvIdmI35vQFfMv6DOG5uSRZ2PZG/7qLSVpLpDTzEAw+Ua
B8FZnPjw1tqnrRaClo3AmLOkTV3DGWmU1LOSufqU+eHGOziC7C9b/2gm7augbqoT
2Eigzh42rnAlVFftSZ4UwTyf6kug1jLr02HXLuc9sR3kJ4qNDIyaaDF804zPLZ1Z
ZJGf9e0Nh8vP/M2Roe3zpNEHvbFV21ZldcmEEoNy/atky/6UZUVtDOs6nEM//kLj
dDi3rSQ53sUhAZRm7WSLkSVNC1Wff0sb2uF5uuRiEUiDKsDzzGw=
-----END CERTIFICATE-----
Generated at Sat May 17 22:43:44 2025 by rpki-client