Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EviAAttef3bv4FUXfxBMTU-1sxw.roa
File: EviAAttef3bv4FUXfxBMTU-1sxw.roa (raw, json)
Hash identifier: bF2hUjZVeYD6kiKjcRS6RYwGVOILTrmuItG1zP6KdlU=
Subject key identifier: 12:F8:80:02:DB:5E:7F:76:EF:E0:55:17:7F:10:4C:4D:4F:B5:B3:1C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0701
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EviAAttef3bv4FUXfxBMTU-1sxw.roa
Signing time: Fri 16 May 2025 10:08:29 +0000
ROA not before: Fri 16 May 2025 10:08:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1793 (0x701)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 10:08:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=12F88002DB5E7F76EFE055177F104C4D4FB5B31C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c9:be:ab:e1:e9:c9:58:44:49:1c:7f:53:99:
57:80:9a:58:4c:79:1e:d5:67:bb:b3:e6:4b:b7:af:
0c:1f:a6:28:af:c4:b9:f1:04:23:28:04:0d:c4:67:
1a:e6:bc:5c:bb:0e:80:fb:ab:59:e2:d9:07:26:5f:
84:29:1b:d0:b3:96:8b:cb:9b:b4:9d:d6:60:70:8d:
da:da:e3:2b:ec:34:e7:0b:46:50:d3:5f:56:b7:ab:
29:ee:48:bd:cd:e5:2d:85:66:a5:5e:6c:3f:33:15:
84:2a:82:8e:35:a9:f0:69:9b:75:d0:97:27:51:3e:
37:ce:10:09:30:be:d6:06:b7:68:f1:80:62:d4:61:
91:9a:ab:ee:be:ee:62:5b:4e:90:e2:cc:c1:59:67:
8d:dd:b7:b0:78:72:33:37:27:9e:e6:48:14:af:22:
0b:af:ff:e5:e6:01:54:2a:43:dc:e2:b6:51:7d:92:
f8:88:e3:9b:b3:d9:55:d8:64:5e:e1:79:2e:3f:a3:
db:60:ac:58:10:7d:24:3a:ed:79:5b:48:cb:f2:f8:
78:c0:4e:3b:8c:1b:e9:1a:e2:3d:d5:c6:21:a9:6b:
3b:22:dd:1e:b9:4c:7e:57:b6:e4:44:36:86:6c:fc:
22:48:97:41:9d:de:c4:5f:e9:24:52:4c:b6:bb:23:
47:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F8:80:02:DB:5E:7F:76:EF:E0:55:17:7F:10:4C:4D:4F:B5:B3:1C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EviAAttef3bv4FUXfxBMTU-1sxw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:c5:b8:d9:ab:92:71:f3:0c:1f:55:10:fa:6d:ad:95:6b:41:
69:cc:30:54:9f:22:74:72:cb:fe:a2:3d:bf:92:d1:97:8c:d3:
73:a7:61:4d:f9:86:d7:ab:6b:0b:bd:1f:e0:07:8f:71:bd:ba:
3f:c2:1e:23:4f:64:d4:72:14:20:ca:ed:0a:a0:93:9c:ff:a7:
52:31:50:a4:fb:1e:21:91:2a:9d:9f:09:8f:57:3d:6a:ac:14:
80:83:92:08:e7:fe:0e:82:e1:fc:ea:df:a7:db:3a:9a:91:2f:
5d:2b:85:bc:36:61:8d:91:a4:38:1f:7a:90:3b:36:f0:6c:79:
8d:db:d4:cb:62:fe:85:24:eb:9e:a4:ac:c1:e4:d1:b9:47:b4:
91:55:70:97:32:b5:c2:e9:63:a3:a9:0b:80:4e:67:a1:90:60:
1c:81:12:f1:80:bd:42:c1:cd:b9:97:51:d0:c0:d6:c4:54:48:
c4:86:64:fc:e0:92:65:0b:1f:68:41:a1:4c:43:60:a4:89:4d:
61:8e:8e:ca:db:a0:75:90:fd:b2:91:cf:7d:cd:22:ee:0e:11:
5a:84:cc:34:1e:48:a5:ec:4b:cf:08:65:cb:f7:23:29:c7:41:
e4:f0:6c:9e:ec:a6:3c:9c:73:15:ff:cc:22:18:40:02:43:0c:
27:91:01:fb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBwEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
MDA4MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEyRjg4MDAyREI1RTdG
NzZFRkUwNTUxNzdGMTA0QzRENEZCNUIzMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9yb6r4enJWERJHH9TmVeAmlhMeR7VZ7uz5ku3rwwfpiivxLnx
BCMoBA3EZxrmvFy7DoD7q1ni2QcmX4QpG9CzlovLm7Sd1mBwjdra4yvsNOcLRlDT
X1a3qynuSL3N5S2FZqVebD8zFYQqgo41qfBpm3XQlydRPjfOEAkwvtYGt2jxgGLU
YZGaq+6+7mJbTpDizMFZZ43dt7B4cjM3J57mSBSvIguv/+XmAVQqQ9zitlF9kviI
45uz2VXYZF7heS4/o9tgrFgQfSQ67XlbSMvy+HjATjuMG+ka4j3VxiGpazsi3R65
TH5XtuRENoZs/CJIl0Gd3sRf6SRSTLa7I0epAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEviAAttef3bv4FUXfxBMTU+1sxwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FdmlBQXR0ZWYzYnY0RlVY
ZnhCTVRVLTFzeHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHzFuNmrknHzDB9VEPptrZVrQWnMMFSfInRy
y/6iPb+S0ZeM03OnYU35hterawu9H+AHj3G9uj/CHiNPZNRyFCDK7Qqgk5z/p1Ix
UKT7HiGRKp2fCY9XPWqsFICDkgjn/g6C4fzq36fbOpqRL10rhbw2YY2RpDgfepA7
NvBseY3b1Mti/oUk656krMHk0blHtJFVcJcytcLpY6OpC4BOZ6GQYByBEvGAvULB
zbmXUdDA1sRUSMSGZPzgkmULH2hBoUxDYKSJTWGOjsrboHWQ/bKRz33NIu4OEVqE
zDQeSKXsS88IZcv3IynHQeTwbJ7spjyccxX/zCIYQAJDDCeRAfs=
-----END CERTIFICATE-----
Generated at Sat May 17 22:51:06 2025 by rpki-client