Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/FlTJpf3lorBcCb7Du0cNzaMLpsY.roa
File: FlTJpf3lorBcCb7Du0cNzaMLpsY.roa (raw, json)
Hash identifier: 4kF5dV0F3e8I8Y0OT7F6nFa/cWa/i0rERDn8QPjeLbY=
Subject key identifier: 16:54:C9:A5:FD:E5:A2:B0:5C:09:BE:C3:BB:47:0D:CD:A3:0B:A6:C6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04A1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FlTJpf3lorBcCb7Du0cNzaMLpsY.roa
Signing time: Tue 13 May 2025 06:08:03 +0000
ROA not before: Tue 13 May 2025 06:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1185 (0x4a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 06:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1654C9A5FDE5A2B05C09BEC3BB470DCDA30BA6C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:88:dc:82:05:83:58:73:09:9f:87:ab:e9:35:
59:c6:5b:a2:c5:dc:d8:08:b4:29:d9:19:56:35:7e:
6b:9a:81:49:34:bc:c1:76:0a:d5:df:31:6d:db:2e:
33:90:92:17:19:e9:7e:e7:2a:40:e1:05:41:13:01:
87:dc:86:3e:eb:bf:6e:32:54:8a:b2:99:f1:98:a7:
c5:8d:96:05:7f:8e:6f:56:3e:32:3f:0a:70:06:e0:
af:40:54:f7:9d:6b:cb:fc:b1:c9:7c:18:36:cc:7a:
b6:a0:3c:7e:3f:43:64:80:76:dd:41:52:12:ec:8e:
b7:21:bd:fa:a1:39:24:d1:a3:cc:7a:46:aa:68:0c:
35:32:0b:66:f9:d3:c2:69:5a:5c:60:44:17:f6:bc:
dd:36:73:27:93:cb:16:42:bf:a5:7c:8a:f6:a1:98:
e7:3f:5c:f4:9a:ad:88:d3:ee:b7:bd:8f:ee:20:fd:
2c:e3:6d:8f:21:f8:46:38:48:8a:86:b8:f0:9c:b8:
5b:d3:cf:1d:50:67:52:a9:8e:f1:7d:62:08:79:6e:
27:ed:1c:e0:65:15:97:4f:e7:3c:12:87:9b:6c:b7:
30:5f:fe:84:19:e3:aa:6e:3a:39:60:8b:81:02:36:
07:40:90:b3:2d:53:62:d4:6d:ed:15:da:c7:d4:6c:
3a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:54:C9:A5:FD:E5:A2:B0:5C:09:BE:C3:BB:47:0D:CD:A3:0B:A6:C6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FlTJpf3lorBcCb7Du0cNzaMLpsY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:15:3f:84:17:f5:37:4a:16:f2:e2:02:b6:bb:40:e7:86:78:
2a:84:60:d2:e4:68:36:78:b4:d7:9e:48:fb:c7:8e:85:f9:e0:
a6:27:88:c2:83:41:8a:b2:11:a6:4d:aa:ba:80:c1:f3:87:21:
63:74:7e:a6:9e:96:68:6b:b2:74:e7:82:95:3f:56:c3:46:ba:
a9:87:19:4a:92:e1:44:4a:64:47:70:e6:b0:ba:97:29:a0:24:
3d:25:d3:09:65:71:06:b0:c4:53:11:c5:7f:1a:8e:a8:2d:33:
c4:c3:0f:2a:8d:64:73:78:b3:1f:8e:f8:2f:ae:7c:09:e3:7d:
07:69:87:85:37:19:56:4a:6b:3c:4a:d4:88:80:63:c0:26:1e:
a9:62:c7:32:e0:82:6a:e5:c0:f3:4a:f6:db:2f:e7:0e:b8:9c:
39:8f:74:d5:7e:e7:20:12:da:36:62:bd:28:56:09:34:1f:f5:
34:d3:cd:1c:9f:ef:a1:89:20:c0:5b:68:a3:65:ec:3e:cd:3d:
69:63:97:95:45:b9:b3:1d:85:3b:0e:ac:46:d7:7c:ca:fc:df:
16:3c:b1:cd:e3:15:dd:22:0d:34:68:03:b0:ee:af:78:ef:82:
64:e8:d3:fd:6e:b9:7b:e7:b6:f8:23:6d:a7:94:53:37:12:33:
d2:8c:77:0b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NjA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE2NTRDOUE1RkRFNUEy
QjA1QzA5QkVDM0JCNDcwRENEQTMwQkE2QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7iNyCBYNYcwmfh6vpNVnGW6LF3NgItCnZGVY1fmuagUk0vMF2
CtXfMW3bLjOQkhcZ6X7nKkDhBUETAYfchj7rv24yVIqymfGYp8WNlgV/jm9WPjI/
CnAG4K9AVPeda8v8scl8GDbMeragPH4/Q2SAdt1BUhLsjrchvfqhOSTRo8x6Rqpo
DDUyC2b508JpWlxgRBf2vN02cyeTyxZCv6V8ivahmOc/XPSarYjT7re9j+4g/Szj
bY8h+EY4SIqGuPCcuFvTzx1QZ1KpjvF9Ygh5biftHOBlFZdP5zwSh5tstzBf/oQZ
46puOjlgi4ECNgdAkLMtU2LUbe0V2sfUbDqbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFlTJpf3lorBcCb7Du0cNzaMLpsYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GbFRKcGYzbG9yQmNDYjdE
dTBjTnphTUxwc1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAK4VP4QX9TdKFvLiAra7QOeGeCqEYNLkaDZ4
tNeeSPvHjoX54KYniMKDQYqyEaZNqrqAwfOHIWN0fqaelmhrsnTngpU/VsNGuqmH
GUqS4URKZEdw5rC6lymgJD0l0wllcQawxFMRxX8ajqgtM8TDDyqNZHN4sx+O+C+u
fAnjfQdph4U3GVZKazxK1IiAY8AmHqlixzLggmrlwPNK9tsv5w64nDmPdNV+5yAS
2jZivShWCTQf9TTTzRyf76GJIMBbaKNl7D7NPWljl5VFubMdhTsOrEbXfMr83xY8
sc3jFd0iDTRoA7Dur3jvgmTo0/1uuXvntvgjbaeUUzcSM9KMdws=
-----END CERTIFICATE-----
Generated at Sat May 17 19:46:27 2025 by rpki-client