Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Hj_WgGjsJ7z2k7TgNOQzPwEPMc8.roa
File: Hj_WgGjsJ7z2k7TgNOQzPwEPMc8.roa (raw, json)
Hash identifier: Q2ghY7C7mVAtBGKqDYoPZXMjX/QPD7bapu7HJ7gbY7M=
Subject key identifier: 1E:3F:D6:80:68:EC:27:BC:F6:93:B4:E0:34:E4:33:3F:01:0F:31:CF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0545
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Hj_WgGjsJ7z2k7TgNOQzPwEPMc8.roa
Signing time: Wed 14 May 2025 02:38:03 +0000
ROA not before: Wed 14 May 2025 02:38:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1349 (0x545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 02:38:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1E3FD68068EC27BCF693B4E034E4333F010F31CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:67:aa:6b:e1:86:7f:34:88:b4:b7:56:8f:ba:
17:c9:7c:ab:39:2f:08:38:63:8d:8e:e9:71:4b:a6:
50:3e:52:a6:75:b4:90:5b:36:c4:78:67:f9:70:e8:
bf:22:5c:36:ae:ed:9f:f1:4d:3b:4b:d0:43:a1:49:
b7:11:d0:ae:31:78:9f:ad:3c:db:d8:f3:10:3f:5c:
51:8a:44:7e:bc:ec:81:ff:2d:da:e2:97:b4:96:63:
6c:21:08:f4:a8:a5:45:c4:e7:0a:3c:8e:8d:5e:1d:
b5:b5:dc:cd:c2:c5:23:17:9e:e3:b1:6f:1b:05:fd:
f7:b7:bc:7f:58:b1:f9:79:6b:e8:7f:d3:ee:88:69:
f3:71:af:0c:24:00:78:5e:d6:80:5d:36:30:23:39:
50:4a:99:32:3a:2f:f4:81:5d:ca:df:23:48:4c:98:
d0:ec:dc:a0:8d:19:e0:54:87:62:1e:c0:a5:9a:45:
f6:ba:54:1e:66:ab:95:97:17:d1:ca:8b:af:e0:27:
83:5b:60:fa:89:34:f1:56:e5:ce:25:27:bd:a3:7b:
cd:1d:6b:7a:66:2c:0f:6e:a3:a3:5c:3b:40:1f:88:
2a:93:e2:83:85:b6:72:5d:f3:75:28:6b:e1:07:3b:
83:be:63:2b:fe:49:a3:2a:92:79:ad:d9:fd:1e:bc:
47:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3F:D6:80:68:EC:27:BC:F6:93:B4:E0:34:E4:33:3F:01:0F:31:CF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Hj_WgGjsJ7z2k7TgNOQzPwEPMc8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:ed:e2:4c:08:73:10:66:e3:e4:d3:aa:9a:7d:de:82:ae:00:
17:f2:69:64:ed:fd:b5:b2:43:5d:0e:00:c0:24:6c:6e:83:0d:
73:d3:c2:5c:9a:56:41:2f:50:ab:d3:b1:90:78:f3:e8:f5:1e:
df:23:b4:99:4d:5b:d9:66:69:47:c6:2c:37:91:ca:31:33:58:
27:20:6c:4f:90:1b:84:07:94:d0:70:7f:5d:62:a4:95:f7:40:
8b:92:cd:7b:9e:61:45:b6:1e:18:f9:5b:51:4c:26:76:9f:02:
b9:35:22:42:b6:6a:a7:40:fc:5d:ff:42:17:87:38:01:ca:86:
ee:07:5a:47:47:fd:f5:57:02:de:e2:e1:0e:4b:6b:e6:65:c7:
8a:d0:03:da:1a:ab:8f:f4:9e:c7:e5:c1:ea:36:72:4d:fb:e3:
9a:2f:99:ec:75:93:91:1d:c4:0e:17:7a:2d:82:60:99:0e:62:
07:ea:55:68:b5:2e:13:c7:d8:85:ef:9e:ec:88:e7:65:03:73:
41:7c:a2:d6:4a:90:1a:11:bf:c8:1c:fa:9b:86:2a:93:72:a5:
2b:97:b6:90:b9:63:ed:31:7c:ac:ac:6e:45:d4:e1:73:2c:09:
79:68:97:dd:57:f1:5e:bc:e0:7d:bf:87:78:53:d4:fe:94:be:
96:ec:79:d4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MjM4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFFM0ZENjgwNjhFQzI3
QkNGNjkzQjRFMDM0RTQzMzNGMDEwRjMxQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwZ6pr4YZ/NIi0t1aPuhfJfKs5Lwg4Y42O6XFLplA+UqZ1tJBb
NsR4Z/lw6L8iXDau7Z/xTTtL0EOhSbcR0K4xeJ+tPNvY8xA/XFGKRH687IH/Ldri
l7SWY2whCPSopUXE5wo8jo1eHbW13M3CxSMXnuOxbxsF/fe3vH9Ysfl5a+h/0+6I
afNxrwwkAHhe1oBdNjAjOVBKmTI6L/SBXcrfI0hMmNDs3KCNGeBUh2IewKWaRfa6
VB5mq5WXF9HKi6/gJ4NbYPqJNPFW5c4lJ72je80da3pmLA9uo6NcO0AfiCqT4oOF
tnJd83Uoa+EHO4O+Yyv+SaMqknmt2f0evEf/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHj/WgGjsJ7z2k7TgNOQzPwEPMc8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Ial9XZ0dqc0o3ejJrN1Rn
Tk9RelB3RVBNYzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAATt4kwIcxBm4+TTqpp93oKuABfyaWTt/bWy
Q10OAMAkbG6DDXPTwlyaVkEvUKvTsZB48+j1Ht8jtJlNW9lmaUfGLDeRyjEzWCcg
bE+QG4QHlNBwf11ipJX3QIuSzXueYUW2Hhj5W1FMJnafArk1IkK2aqdA/F3/QheH
OAHKhu4HWkdH/fVXAt7i4Q5La+Zlx4rQA9oaq4/0nsflweo2ck3745ovmex1k5Ed
xA4Xei2CYJkOYgfqVWi1LhPH2IXvnuyI52UDc0F8otZKkBoRv8gc+puGKpNypSuX
tpC5Y+0xfKysbkXU4XMsCXlol91X8V684H2/h3hT1P6UvpbsedQ=
-----END CERTIFICATE-----
Generated at Sun May 18 02:16:26 2025 by rpki-client