Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/G3Hn8k5BsMeA7K3r_GwTP8IJKpk.roa
File: G3Hn8k5BsMeA7K3r_GwTP8IJKpk.roa (raw, json)
Hash identifier: IC+kDpozbPgLXxvC61f7Sy90YEcy9ZmYrJTJ18D6mJM=
Subject key identifier: 1B:71:E7:F2:4E:41:B0:C7:80:EC:AD:EB:FC:6C:13:3F:C2:09:2A:99
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0571
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/G3Hn8k5BsMeA7K3r_GwTP8IJKpk.roa
Signing time: Wed 14 May 2025 08:08:02 +0000
ROA not before: Wed 14 May 2025 08:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1393 (0x571)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 08:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1B71E7F24E41B0C780ECADEBFC6C133FC2092A99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:b6:2c:b1:5a:17:fa:df:7e:c9:90:da:c0:b2:
be:6c:fc:66:6d:25:cb:5c:6a:ab:39:47:6a:6f:5e:
7b:41:41:07:37:8c:a9:1e:60:3b:4f:ee:27:99:54:
58:ea:61:13:96:e5:4e:71:d0:df:6e:3a:bd:41:62:
4b:a4:bf:da:d3:73:26:a8:22:5f:86:2e:9b:6c:d2:
59:77:33:c8:6c:6b:cc:85:ea:5b:cd:f4:ff:cd:f5:
d4:7e:4f:9d:51:97:b6:50:64:e7:4b:3d:e6:6d:b9:
17:18:23:6f:72:b5:60:b9:09:c4:af:4a:48:d6:21:
af:9c:af:de:ed:95:a4:21:ea:6f:9b:ec:d0:d6:15:
63:33:d6:c2:d4:c4:8c:62:0c:d0:93:7d:e5:0b:d4:
d7:7a:40:ae:ec:46:93:1a:ee:f4:29:84:1b:d4:92:
d4:cd:b0:6d:90:ed:02:12:b5:8a:e4:05:83:b5:83:
9d:f1:6e:30:81:b4:b7:b0:38:67:5f:aa:94:61:41:
e9:50:6d:3a:ad:6e:2f:3c:b7:f0:16:b3:56:d5:99:
2f:b1:e6:8b:78:14:5f:c4:c1:01:42:b0:d8:50:4f:
0e:33:44:09:be:99:6c:99:eb:37:a2:d7:68:a9:af:
40:b9:bf:8d:69:14:f8:5b:84:37:6d:07:a1:f4:5d:
44:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:71:E7:F2:4E:41:B0:C7:80:EC:AD:EB:FC:6C:13:3F:C2:09:2A:99
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/G3Hn8k5BsMeA7K3r_GwTP8IJKpk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:2c:72:a3:0c:28:f1:2e:5a:e7:cf:06:b0:f5:cf:7c:6f:14:
4b:07:74:5a:0f:dc:8d:fe:fb:fe:53:03:ad:39:0c:b5:eb:a0:
b0:64:44:03:70:23:d3:ed:01:86:30:c8:3d:14:ea:f6:85:c8:
83:63:e9:95:d8:58:06:df:a1:4a:57:c0:c1:3a:6a:43:7f:61:
d0:5a:c8:b0:15:ba:de:4e:7f:9c:4e:a3:ba:32:1c:cd:15:da:
e2:4a:a3:8a:c4:aa:e2:cf:06:d3:e4:de:50:60:a9:b3:e0:d8:
70:d7:b0:96:a7:b9:83:db:1a:15:48:da:22:4a:1a:34:83:cb:
a6:0e:f9:ad:c5:92:94:99:c2:e7:d6:2d:6c:41:e3:33:51:a9:
22:bf:4b:2c:ff:aa:25:5c:18:77:67:cd:f2:31:91:ec:be:95:
e8:60:e3:1c:a4:11:0a:c4:28:0f:7b:f5:2e:48:f3:0f:30:dd:
94:e4:e5:fa:86:e8:a3:ca:99:68:a5:8d:93:2a:dc:ac:dd:6f:
b8:c9:e4:89:89:24:4d:fd:3b:d2:11:c1:bd:99:42:71:8a:89:
cd:63:31:bb:48:a9:d2:ae:8f:29:b8:25:69:2d:9f:13:18:08:
07:fe:94:3c:d0:0f:cf:c5:63:57:2e:65:94:4f:6c:e6:5e:9d:
5d:92:43:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
ODA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFCNzFFN0YyNEU0MUIw
Qzc4MEVDQURFQkZDNkMxMzNGQzIwOTJBOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD9tiyxWhf6337JkNrAsr5s/GZtJctcaqs5R2pvXntBQQc3jKke
YDtP7ieZVFjqYROW5U5x0N9uOr1BYkukv9rTcyaoIl+GLpts0ll3M8hsa8yF6lvN
9P/N9dR+T51Rl7ZQZOdLPeZtuRcYI29ytWC5CcSvSkjWIa+cr97tlaQh6m+b7NDW
FWMz1sLUxIxiDNCTfeUL1Nd6QK7sRpMa7vQphBvUktTNsG2Q7QIStYrkBYO1g53x
bjCBtLewOGdfqpRhQelQbTqtbi88t/AWs1bVmS+x5ot4FF/EwQFCsNhQTw4zRAm+
mWyZ6zei12ipr0C5v41pFPhbhDdtB6H0XUSlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUG3Hn8k5BsMeA7K3r/GwTP8IJKpkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HM0huOGs1QnNNZUE3SzNy
X0d3VFA4SUpLcGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADcscqMMKPEuWufPBrD1z3xvFEsHdFoP3I3+
+/5TA605DLXroLBkRANwI9PtAYYwyD0U6vaFyINj6ZXYWAbfoUpXwME6akN/YdBa
yLAVut5Of5xOo7oyHM0V2uJKo4rEquLPBtPk3lBgqbPg2HDXsJanuYPbGhVI2iJK
GjSDy6YO+a3FkpSZwufWLWxB4zNRqSK/Syz/qiVcGHdnzfIxkey+lehg4xykEQrE
KA979S5I8w8w3ZTk5fqG6KPKmWiljZMq3Kzdb7jJ5ImJJE39O9IRwb2ZQnGKic1j
MbtIqdKujym4JWktnxMYCAf+lDzQD8/FY1cuZZRPbOZenV2SQ5s=
-----END CERTIFICATE-----
Generated at Sat May 17 21:21:42 2025 by rpki-client