Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HGfQ5OoJ6bfXxzd-Xkzo9UNSltE.roa
File: HGfQ5OoJ6bfXxzd-Xkzo9UNSltE.roa (raw, json)
Hash identifier: 9mBLSuBLOTkBcMd0X67FvjE507Rtk/fXi4YgDW19nYk=
Subject key identifier: 1C:67:D0:E4:EA:09:E9:B7:D7:C7:37:7E:5E:4C:E8:F5:43:52:96:D1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02C9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HGfQ5OoJ6bfXxzd-Xkzo9UNSltE.roa
Signing time: Sat 10 May 2025 19:07:51 +0000
ROA not before: Sat 10 May 2025 19:07:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 713 (0x2c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 19:07:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1C67D0E4EA09E9B7D7C7377E5E4CE8F5435296D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:7f:61:bc:43:b1:7a:60:19:a1:56:ee:02:
48:cf:fa:3b:45:be:ad:12:91:03:e4:7a:0b:87:5a:
df:7f:78:20:22:e9:b0:3f:f9:40:d0:0b:7f:7e:b5:
11:a9:c2:5f:4f:00:14:a2:c3:34:93:9d:c1:c2:87:
02:ea:a2:e9:d6:09:4c:da:7f:63:e4:08:07:59:5d:
85:c1:61:38:58:ab:b4:3d:83:53:39:69:42:a7:ac:
51:bf:31:08:c6:13:d1:a8:d8:d5:07:67:de:d5:c9:
bb:2f:58:31:0d:f4:d0:5c:85:e4:8f:7c:3f:55:30:
25:84:75:3a:5d:20:36:d3:a0:b0:ed:c4:ce:89:97:
25:00:a9:bb:2d:c6:0c:5b:cc:40:5f:b2:3d:c9:f1:
0f:23:d7:af:53:38:7d:36:18:1e:3c:68:2c:6c:80:
e2:1d:f9:af:76:5c:52:58:7e:e8:dc:94:dd:01:55:
f5:87:10:76:e6:94:ea:8c:2b:bb:96:49:d7:a9:9c:
93:f0:89:96:36:75:0e:c1:1b:d4:e8:b6:5d:77:fd:
84:28:5f:bc:7c:ad:0a:ff:4a:6c:fb:6a:ba:b3:08:
de:11:79:de:c7:25:b7:14:61:7e:d9:d7:47:fc:f5:
3f:fb:51:0b:ba:b3:e3:8a:c3:d6:ee:a8:f2:ca:d9:
ff:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:67:D0:E4:EA:09:E9:B7:D7:C7:37:7E:5E:4C:E8:F5:43:52:96:D1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HGfQ5OoJ6bfXxzd-Xkzo9UNSltE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:f0:a0:08:35:ad:21:19:9f:51:97:4a:48:23:fb:d9:b9:7d:
54:ab:65:51:9b:fd:49:1b:1b:e2:06:2c:2b:fc:da:19:60:45:
3d:2b:bf:e9:e4:f5:9a:29:2f:f0:0e:75:8e:28:16:b0:4e:bf:
09:d7:ac:55:da:30:bc:b3:e8:6c:a5:42:50:01:1f:7c:9d:50:
c7:3d:37:ef:46:dd:62:24:8b:50:fb:7b:52:d4:c1:8e:0b:6c:
ee:17:4d:a5:b7:51:49:2b:82:04:02:ec:3d:fb:14:d7:e1:f8:
51:11:f9:f2:bc:d4:69:c9:24:cc:df:16:10:5b:06:13:87:6b:
b9:77:38:62:54:8b:0e:4d:3c:5d:f1:0a:48:8e:84:d8:a7:8f:
e6:aa:4e:2c:e5:c7:b2:8f:78:18:91:34:d3:05:45:89:9f:b2:
3a:06:3f:b3:c4:0d:db:98:1a:10:9f:cd:d1:32:3a:3e:ca:8b:
42:65:c9:a4:3d:74:3a:8e:d1:13:84:a1:e6:36:e6:be:c4:21:
e6:95:66:c4:b3:5e:d3:91:21:86:e9:10:c7:75:fb:9a:01:65:
50:5a:e7:50:ec:45:fc:fc:b4:14:0e:6a:ca:f7:b2:41:95:30:
84:bb:51:ef:39:67:3d:84:4e:db:74:ca:77:ff:79:45:7b:c6:
e9:28:fe:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
OTA3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFDNjdEMEU0RUEwOUU5
QjdEN0M3Mzc3RTVFNENFOEY1NDM1Mjk2RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfJX9hvEOxemAZoVbuAkjP+jtFvq0SkQPkeguHWt9/eCAi6bA/
+UDQC39+tRGpwl9PABSiwzSTncHChwLqounWCUzaf2PkCAdZXYXBYThYq7Q9g1M5
aUKnrFG/MQjGE9Go2NUHZ97VybsvWDEN9NBcheSPfD9VMCWEdTpdIDbToLDtxM6J
lyUAqbstxgxbzEBfsj3J8Q8j169TOH02GB48aCxsgOId+a92XFJYfujclN0BVfWH
EHbmlOqMK7uWSdepnJPwiZY2dQ7BG9Totl13/YQoX7x8rQr/Smz7arqzCN4Red7H
JbcUYX7Z10f89T/7UQu6s+OKw9buqPLK2f9xAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHGfQ5OoJ6bfXxzd+Xkzo9UNSltEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IR2ZRNU9vSjZiZlh4emQt
WGt6bzlVTlNsdEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAnwoAg1rSEZn1GXSkgj+9m5fVSrZVGb/Ukb
G+IGLCv82hlgRT0rv+nk9ZopL/AOdY4oFrBOvwnXrFXaMLyz6GylQlABH3ydUMc9
N+9G3WIki1D7e1LUwY4LbO4XTaW3UUkrggQC7D37FNfh+FER+fK81GnJJMzfFhBb
BhOHa7l3OGJUiw5NPF3xCkiOhNinj+aqTizlx7KPeBiRNNMFRYmfsjoGP7PEDduY
GhCfzdEyOj7Ki0JlyaQ9dDqO0ROEoeY25r7EIeaVZsSzXtORIYbpEMd1+5oBZVBa
51DsRfz8tBQOasr3skGVMIS7Ue85Zz2ETtt0ynf/eUV7xuko/gY=
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:55 2025 by rpki-client