Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HLYT0CFoDqalZzEISZk5vRA3OOY.roa
File: HLYT0CFoDqalZzEISZk5vRA3OOY.roa (raw, json)
Hash identifier: KdF/lKBjh4L21ptjA/8iHMwc9axDaFoDdevvZSebDZE=
Subject key identifier: 1C:B6:13:D0:21:68:0E:A6:A5:67:31:08:49:99:39:BD:10:37:38:E6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0231
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HLYT0CFoDqalZzEISZk5vRA3OOY.roa
Signing time: Sat 10 May 2025 00:07:52 +0000
ROA not before: Sat 10 May 2025 00:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 561 (0x231)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 00:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1CB613D021680EA6A5673108499939BD103738E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a1:86:da:bc:51:53:cc:66:57:88:bb:b7:7e:
2d:f5:8a:3c:4a:58:80:52:d0:cd:55:db:b9:3f:7b:
92:30:35:db:9a:22:82:32:ef:82:71:d6:cb:f9:19:
d7:d1:4b:e1:9a:eb:79:2f:5f:4a:f8:94:81:5f:ed:
16:a9:95:e7:ad:44:90:ef:d1:02:2b:e1:16:db:39:
50:d3:04:9d:fd:50:60:fc:20:74:aa:1e:87:5f:0d:
11:5b:f5:d8:f9:93:90:8d:7a:83:b9:7c:2f:57:cc:
d7:79:ee:7f:16:a5:ac:44:05:fe:ac:09:56:91:89:
a9:da:76:dc:4f:c2:dc:8b:07:96:a8:2c:db:ff:26:
84:23:f6:8c:45:48:fc:4f:83:54:5d:d9:df:bf:2d:
ab:f0:40:0c:89:86:73:4a:b8:75:c8:9b:1d:a2:d6:
8d:3d:19:2e:79:29:30:0d:5b:78:3d:b3:1f:b8:90:
cb:20:1f:88:96:92:c2:6e:6a:fc:57:b1:11:32:41:
03:a0:60:e4:8e:7d:0f:cf:3a:29:32:46:b2:71:08:
73:ce:cb:e7:a9:bc:bb:00:eb:8a:95:cc:f2:6d:31:
d9:63:b1:2c:44:43:dd:d2:1f:65:af:35:7f:22:07:
01:e2:91:0f:98:dc:2d:09:80:a7:30:32:e0:e4:9b:
78:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B6:13:D0:21:68:0E:A6:A5:67:31:08:49:99:39:BD:10:37:38:E6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HLYT0CFoDqalZzEISZk5vRA3OOY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:ad:6b:aa:51:af:1e:8e:c8:2a:3b:e2:77:cb:1d:25:98:3d:
73:67:0c:4d:68:a4:01:b2:a5:cc:c0:3a:6b:a5:df:da:f1:e9:
7b:e3:43:3d:50:86:55:59:f3:4e:a6:66:de:7d:67:dd:d9:a1:
23:06:68:7a:b3:21:1f:3f:9f:a9:48:05:5d:7b:86:e9:cc:4b:
6f:7f:d0:5b:51:20:3d:ac:8a:4c:8e:8b:07:00:29:4b:b4:76:
85:04:a9:fb:74:bb:b3:a7:ce:22:aa:34:33:2e:98:6c:d8:12:
65:6a:f8:c8:22:49:e6:1d:62:49:54:dd:eb:4f:60:75:fa:b9:
2b:68:49:07:a7:7f:35:50:64:79:db:1d:0b:5e:af:29:0c:c6:
2b:4e:60:2e:d6:1d:e1:82:ca:4d:e3:46:2c:60:2f:d2:e6:9e:
2b:8f:f3:20:6d:e6:81:55:d1:03:39:a3:ca:30:ce:7e:db:f0:
63:e0:48:0f:b4:01:9b:3c:d5:85:1d:04:14:71:53:ac:e9:65:
8f:32:a8:9e:36:97:7e:4d:ea:53:6e:f6:e5:da:1e:73:e7:81:
ef:75:5c:77:98:59:62:4a:e8:0d:54:a4:5d:a3:d0:9f:76:1f:
34:a6:bd:2e:39:67:71:ba:7f:f2:62:de:c7:09:9a:c2:d0:f4:
4b:c2:cc:d8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAjEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
MDA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFDQjYxM0QwMjE2ODBF
QTZBNTY3MzEwODQ5OTkzOUJEMTAzNzM4RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjoYbavFFTzGZXiLu3fi31ijxKWIBS0M1V27k/e5IwNduaIoIy
74Jx1sv5GdfRS+Ga63kvX0r4lIFf7RapleetRJDv0QIr4RbbOVDTBJ39UGD8IHSq
HodfDRFb9dj5k5CNeoO5fC9XzNd57n8WpaxEBf6sCVaRianadtxPwtyLB5aoLNv/
JoQj9oxFSPxPg1Rd2d+/LavwQAyJhnNKuHXImx2i1o09GS55KTANW3g9sx+4kMsg
H4iWksJuavxXsREyQQOgYOSOfQ/POikyRrJxCHPOy+epvLsA64qVzPJtMdljsSxE
Q93SH2WvNX8iBwHikQ+Y3C0JgKcwMuDkm3gvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHLYT0CFoDqalZzEISZk5vRA3OOYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ITFlUMENGb0RxYWxaekVJ
U1prNXZSQTNPT1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFata6pRrx6OyCo74nfLHSWYPXNnDE1opAGy
pczAOmul39rx6XvjQz1QhlVZ806mZt59Z93ZoSMGaHqzIR8/n6lIBV17hunMS29/
0FtRID2sikyOiwcAKUu0doUEqft0u7OnziKqNDMumGzYEmVq+MgiSeYdYklU3etP
YHX6uStoSQenfzVQZHnbHQterykMxitOYC7WHeGCyk3jRixgL9LmniuP8yBt5oFV
0QM5o8owzn7b8GPgSA+0AZs81YUdBBRxU6zpZY8yqJ42l35N6lNu9uXaHnPnge91
XHeYWWJK6A1UpF2j0J92HzSmvS45Z3G6f/Ji3scJmsLQ9EvCzNg=
-----END CERTIFICATE-----
Generated at Mon May 19 08:47:18 2025 by rpki-client