Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GWEXuBwNKg--XeYR2ehrzx38imM.roa
File: GWEXuBwNKg--XeYR2ehrzx38imM.roa (raw, json)
Hash identifier: HedGcvfJga/TMlgSotFGz3O9IQ+AS5FKJhvzFG9DTNo=
Subject key identifier: 19:61:17:B8:1C:0D:2A:0F:BE:5D:E6:11:D9:E8:6B:CF:1D:FC:8A:63
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0629
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GWEXuBwNKg--XeYR2ehrzx38imM.roa
Signing time: Thu 15 May 2025 07:08:01 +0000
ROA not before: Thu 15 May 2025 07:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1577 (0x629)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 07:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=196117B81C0D2A0FBE5DE611D9E86BCF1DFC8A63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:49:d8:ac:89:b9:0e:0e:de:f8:0a:fc:42:c6:
26:6a:aa:40:91:9e:1b:15:ca:6d:74:b8:8f:45:1e:
34:20:d2:db:88:e0:ef:ab:58:ee:18:2b:8a:bb:80:
3c:af:4b:c1:56:e3:0b:c7:c2:6c:75:09:9e:34:2e:
22:95:52:b8:c8:ee:b2:b1:7e:15:d1:6d:da:a1:5d:
e3:30:ef:f0:fd:59:df:ed:d5:74:64:6a:04:28:55:
69:a7:5e:72:73:57:09:f0:9c:93:bb:e4:2e:82:46:
08:fc:f1:b7:96:03:cb:e2:f5:e3:c3:20:b1:ea:c1:
86:6e:bd:a7:0c:7f:43:09:a8:64:6f:3c:18:11:69:
52:19:31:ae:f1:6c:4b:86:94:7c:4c:d7:c1:91:90:
f2:8d:bf:83:9c:d9:43:f0:82:e8:e1:b6:b0:95:5a:
23:5c:88:83:9b:69:ee:3c:53:74:1a:0f:e4:f0:90:
3e:0b:90:09:fe:70:a4:01:e8:9e:bf:6d:ba:c6:51:
45:e1:40:03:21:a1:21:66:5e:8d:2d:59:3b:28:1b:
24:51:75:5f:9a:e3:15:0f:f4:5d:f4:4a:15:b0:bb:
1e:91:79:50:b0:f0:65:ba:05:94:2e:13:29:0a:31:
ca:54:1d:af:f7:a9:a1:0b:53:de:86:c9:01:47:57:
40:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:61:17:B8:1C:0D:2A:0F:BE:5D:E6:11:D9:E8:6B:CF:1D:FC:8A:63
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GWEXuBwNKg--XeYR2ehrzx38imM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:39:0b:cb:84:2a:d2:88:6d:27:65:b0:b5:90:dd:31:9d:fe:
52:34:79:e0:89:9f:0f:6c:7f:a5:3d:df:e8:b0:40:11:3c:94:
89:d4:a5:d8:e8:49:64:72:86:85:57:53:73:58:76:93:6f:36:
9c:67:6f:6d:0a:1d:31:1a:cf:57:b0:ad:a8:5d:3d:96:f8:05:
0e:93:e6:c4:c9:45:8f:d0:32:4c:dc:28:f6:c1:e2:26:c9:82:
ad:3b:ac:ae:9d:d7:b5:df:b8:70:cc:4a:82:35:d6:01:29:9d:
85:39:87:f9:54:38:76:96:ba:11:b9:91:39:7a:e1:71:53:6f:
9b:4f:e1:37:34:35:49:8c:ee:35:dd:db:4b:8c:6c:6f:9b:ec:
1a:7a:06:0b:7c:2b:2f:e1:c6:6b:ff:70:5b:ad:4e:10:66:9f:
11:4d:17:81:75:9b:b6:07:cf:52:1e:ce:89:75:7b:ff:3d:6e:
ca:d7:c9:39:1d:30:bc:7a:0c:6b:5c:5f:b7:cf:97:40:47:35:
05:96:d4:bd:9c:2b:c4:e7:0c:47:de:ed:ef:96:b4:5d:f3:7b:
37:07:38:4e:75:1c:0e:a2:82:5d:49:75:4e:60:d4:41:46:e8:
6f:83:61:e2:1b:e3:30:c2:c1:84:b5:1c:b6:1c:6d:a5:9b:4d:
8d:a7:15:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
NzA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5NjExN0I4MUMwRDJB
MEZCRTVERTYxMUQ5RTg2QkNGMURGQzhBNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgSdisibkODt74CvxCxiZqqkCRnhsVym10uI9FHjQg0tuI4O+r
WO4YK4q7gDyvS8FW4wvHwmx1CZ40LiKVUrjI7rKxfhXRbdqhXeMw7/D9Wd/t1XRk
agQoVWmnXnJzVwnwnJO75C6CRgj88beWA8vi9ePDILHqwYZuvacMf0MJqGRvPBgR
aVIZMa7xbEuGlHxM18GRkPKNv4Oc2UPwgujhtrCVWiNciIObae48U3QaD+TwkD4L
kAn+cKQB6J6/bbrGUUXhQAMhoSFmXo0tWTsoGyRRdV+a4xUP9F30ShWwux6ReVCw
8GW6BZQuEykKMcpUHa/3qaELU96GyQFHV0ANAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGWEXuBwNKg++XeYR2ehrzx38imMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HV0VYdUJ3TktnLS1YZVlS
MmVocnp4MzhpbU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADk5C8uEKtKIbSdlsLWQ3TGd/lI0eeCJnw9s
f6U93+iwQBE8lInUpdjoSWRyhoVXU3NYdpNvNpxnb20KHTEaz1ewrahdPZb4BQ6T
5sTJRY/QMkzcKPbB4ibJgq07rK6d17XfuHDMSoI11gEpnYU5h/lUOHaWuhG5kTl6
4XFTb5tP4Tc0NUmM7jXd20uMbG+b7Bp6Bgt8Ky/hxmv/cFutThBmnxFNF4F1m7YH
z1Iezol1e/89bsrXyTkdMLx6DGtcX7fPl0BHNQWW1L2cK8TnDEfe7e+WtF3zezcH
OE51HA6igl1JdU5g1EFG6G+DYeIb4zDCwYS1HLYcbaWbTY2nFSw=
-----END CERTIFICATE-----
Generated at Sun May 18 19:42:29 2025 by rpki-client