Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/G8LD7RQDbyG1cDRoWhExeA10jRs.roa
File: G8LD7RQDbyG1cDRoWhExeA10jRs.roa (raw, json)
Hash identifier: vBLKdbXqV69SMKfl6Fh6WTSFImq4AN7s1grxAYJ6s+0=
Subject key identifier: 1B:C2:C3:ED:14:03:6F:21:B5:70:34:68:5A:11:31:78:0D:74:8D:1B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0165
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/G8LD7RQDbyG1cDRoWhExeA10jRs.roa
Signing time: Thu 08 May 2025 22:37:44 +0000
ROA not before: Thu 08 May 2025 22:37:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357 (0x165)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 22:37:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1BC2C3ED14036F21B57034685A1131780D748D1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:52:ab:59:39:26:9f:7d:04:a0:fb:53:32:
80:ec:a8:6d:6c:39:40:93:8b:94:51:ec:b0:d4:e0:
5f:98:cf:8b:08:68:86:64:17:58:ab:c7:7a:93:39:
2f:1b:15:3c:dd:86:49:99:38:37:c4:4e:5a:6e:42:
f7:fe:2b:93:b7:42:67:36:fa:9b:07:0b:9b:e7:3b:
17:94:bf:9d:25:ef:dc:91:2c:06:f8:91:e1:a7:ef:
18:d7:f7:08:ca:4d:79:62:f1:f2:c7:77:66:b6:53:
86:ce:6f:19:c7:51:5c:ee:00:10:b0:80:21:bd:2e:
df:87:93:7a:5c:59:60:df:2f:ac:ff:2a:63:b9:68:
d6:b6:5d:65:95:ae:74:94:4f:e9:e9:4a:86:4f:60:
d7:cc:24:be:c8:23:4d:cc:f7:8f:7e:fa:f6:af:13:
9e:e6:83:47:ad:71:21:c4:d0:81:bf:a5:53:de:d3:
b4:8b:eb:af:f0:1e:aa:e5:5f:f9:b8:09:77:69:de:
9d:1f:43:3e:90:17:31:f5:34:4b:7a:44:24:68:e8:
66:60:18:fd:cb:fc:fe:1d:23:03:1a:b3:39:69:d9:
98:08:bd:d0:c3:8e:18:9f:a5:ee:e4:68:b6:ab:79:
85:b6:1f:f5:08:f0:4e:8c:55:ec:f3:36:1b:ce:ab:
4e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C2:C3:ED:14:03:6F:21:B5:70:34:68:5A:11:31:78:0D:74:8D:1B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/G8LD7RQDbyG1cDRoWhExeA10jRs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:6d:1f:b7:92:d1:33:e3:8d:b6:eb:23:83:44:96:9c:dd:29:
aa:b9:64:f2:5b:50:06:91:ef:5d:d9:6f:71:f9:c1:7a:a3:40:
4d:36:c7:ca:88:08:d5:4a:21:c9:5b:e5:88:d0:2c:34:42:62:
fc:98:93:ba:a4:a2:83:64:49:c0:16:bc:45:dd:e3:db:02:c4:
3a:fb:ab:27:83:54:2b:0c:17:41:fc:9c:ef:ae:d1:50:a6:18:
ad:b7:a1:20:4a:62:80:d8:4c:2b:da:71:a8:70:98:4c:5d:9a:
fc:70:4b:1e:f9:ef:a4:57:78:c1:73:e9:23:f0:02:fa:b1:00:
60:90:d9:ba:a1:ff:ce:a5:56:63:f8:dc:0d:6b:a6:98:32:f1:
e1:67:03:e2:cc:22:76:75:57:a7:5b:2d:0c:b5:40:2b:48:c8:
cc:d5:71:ce:1a:57:ab:9e:31:a2:30:28:db:86:1c:56:41:6c:
d7:c0:4c:48:5f:73:af:37:94:fa:66:21:2c:2b:23:fa:47:47:
7f:3f:d1:0f:65:72:78:d3:30:84:18:5a:a4:f9:ed:e2:0f:fc:
e1:3d:a5:61:39:8e:00:98:02:b6:90:99:88:50:51:46:e0:cb:
ff:ad:09:89:e8:b5:8d:8e:62:e5:78:a6:ec:53:33:b0:bf:83:
93:93:b9:1f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgy
MjM3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFCQzJDM0VEMTQwMzZG
MjFCNTcwMzQ2ODVBMTEzMTc4MEQ3NDhEMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCh1lKrWTkmn30EoPtTMoDsqG1sOUCTi5RR7LDU4F+Yz4sIaIZk
F1irx3qTOS8bFTzdhkmZODfETlpuQvf+K5O3Qmc2+psHC5vnOxeUv50l79yRLAb4
keGn7xjX9wjKTXli8fLHd2a2U4bObxnHUVzuABCwgCG9Lt+Hk3pcWWDfL6z/KmO5
aNa2XWWVrnSUT+npSoZPYNfMJL7II03M949++vavE57mg0etcSHE0IG/pVPe07SL
66/wHqrlX/m4CXdp3p0fQz6QFzH1NEt6RCRo6GZgGP3L/P4dIwMaszlp2ZgIvdDD
jhifpe7kaLareYW2H/UI8E6MVezzNhvOq07FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUG8LD7RQDbyG1cDRoWhExeA10jRswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HOExEN1JRRGJ5RzFjRFJv
V2hFeGVBMTBqUnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGNtH7eS0TPjjbbrI4NElpzdKaq5ZPJbUAaR
713Zb3H5wXqjQE02x8qICNVKIclb5YjQLDRCYvyYk7qkooNkScAWvEXd49sCxDr7
qyeDVCsMF0H8nO+u0VCmGK23oSBKYoDYTCvacahwmExdmvxwSx7576RXeMFz6SPw
AvqxAGCQ2bqh/86lVmP43A1rppgy8eFnA+LMInZ1V6dbLQy1QCtIyMzVcc4aV6ue
MaIwKNuGHFZBbNfATEhfc683lPpmISwrI/pHR38/0Q9lcnjTMIQYWqT57eIP/OE9
pWE5jgCYAraQmYhQUUbgy/+tCYnotY2OYuV4puxTM7C/g5OTuR8=
-----END CERTIFICATE-----
Generated at Sat May 17 19:56:30 2025 by rpki-client