Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ICfrlUmlAZo1l49LocCqxHz82O4.roa
File: ICfrlUmlAZo1l49LocCqxHz82O4.roa (raw, json)
Hash identifier: BXMs9AU0DB8ZIE0GIWo2MkGF7s8TdQ6qwppPihnVVgg=
Subject key identifier: 20:27:EB:95:49:A5:01:9A:35:97:8F:4B:A1:C0:AA:C4:7C:FC:D8:EE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07ED
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ICfrlUmlAZo1l49LocCqxHz82O4.roa
Signing time: Sat 17 May 2025 15:38:08 +0000
ROA not before: Sat 17 May 2025 15:38:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2029 (0x7ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 15:38:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2027EB9549A5019A35978F4BA1C0AAC47CFCD8EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:d4:a7:74:ab:8f:dc:49:b2:69:9f:37:5d:
2d:29:13:59:8d:4b:86:8a:97:35:98:e0:86:35:64:
75:51:ee:f3:c3:64:21:ed:6e:6e:a0:93:8a:74:4b:
30:68:a1:c4:1d:54:ae:a7:ae:7d:09:2b:0c:f9:38:
cc:3e:0c:e1:b8:c4:f9:72:ba:64:d2:5d:04:db:7d:
8d:74:b5:a7:93:96:b0:af:71:92:3b:9e:ab:44:5a:
a4:65:2a:9f:a6:60:b3:b9:f6:7d:0b:21:2b:7b:78:
80:86:f1:90:94:05:7f:39:b4:fa:8f:d7:3b:86:36:
bf:e9:75:5e:ee:1d:40:09:8b:fc:46:ce:49:45:ce:
19:9d:d2:2b:f5:4d:d1:9b:65:8a:62:67:b1:23:01:
c6:55:6c:e8:b7:90:56:30:6a:8b:58:ec:59:3b:6a:
73:66:12:c0:5f:cf:18:62:26:04:a9:fe:84:08:52:
58:49:df:25:88:7f:92:86:2f:e6:d1:c8:7a:2d:42:
b9:12:5e:de:7b:f6:4a:1b:87:cf:8b:ed:30:4d:12:
e9:cc:20:43:8f:c0:a4:3e:17:84:8e:63:a2:cd:37:
af:de:58:79:be:f8:4f:7e:92:70:6b:ad:7b:6e:7e:
a6:93:df:e4:dd:33:33:10:38:57:ab:5e:e5:0d:46:
8a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:27:EB:95:49:A5:01:9A:35:97:8F:4B:A1:C0:AA:C4:7C:FC:D8:EE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ICfrlUmlAZo1l49LocCqxHz82O4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:cc:75:4f:62:ed:5e:c6:ba:8a:97:17:87:f5:d3:c3:d3:8f:
ca:60:84:8c:fa:6e:2f:35:4c:48:8a:4d:a4:72:26:a0:50:a8:
f3:23:08:ed:be:01:34:12:3a:f0:44:a5:c8:d9:88:d4:49:f3:
7e:bd:5c:87:43:98:09:e1:3e:9c:1b:69:5c:af:2f:92:0a:ad:
70:bf:03:f9:8a:7d:22:40:81:86:2c:f9:f0:1f:76:3b:36:6b:
de:db:67:54:02:1e:2e:05:7d:ba:7d:ed:d9:9e:a1:9f:7b:d5:
e0:27:39:82:fd:93:6c:a0:43:a5:8f:e9:bc:f0:50:cb:41:a5:
58:16:25:bc:31:00:88:0a:03:9f:53:4b:b3:c0:6b:d0:9c:4c:
32:64:d0:bc:9d:2b:95:36:cc:11:64:19:c2:fe:92:27:b1:11:
b5:28:a5:a0:84:47:cf:e3:c7:02:4a:c8:0c:cd:d2:45:b8:5b:
9a:a5:c9:c7:10:b5:f9:af:1e:a2:ff:9b:fa:5d:d5:7d:dc:6c:
dd:92:50:d3:e1:e8:4f:98:e2:7f:34:f0:57:d9:37:f0:2f:1b:
b7:05:c8:d1:51:93:8d:87:ed:bf:91:49:f9:44:aa:81:3f:65:
a1:e7:37:52:8b:70:44:60:e3:b9:c8:5f:05:5c:52:c6:fa:53:
84:7e:1c:05
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB+0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
NTM4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIwMjdFQjk1NDlBNTAx
OUEzNTk3OEY0QkExQzBBQUM0N0NGQ0Q4RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu5NSndKuP3EmyaZ83XS0pE1mNS4aKlzWY4IY1ZHVR7vPDZCHt
bm6gk4p0SzBoocQdVK6nrn0JKwz5OMw+DOG4xPlyumTSXQTbfY10taeTlrCvcZI7
nqtEWqRlKp+mYLO59n0LISt7eICG8ZCUBX85tPqP1zuGNr/pdV7uHUAJi/xGzklF
zhmd0iv1TdGbZYpiZ7EjAcZVbOi3kFYwaotY7Fk7anNmEsBfzxhiJgSp/oQIUlhJ
3yWIf5KGL+bRyHotQrkSXt579kobh8+L7TBNEunMIEOPwKQ+F4SOY6LNN6/eWHm+
+E9+knBrrXtufqaT3+TdMzMQOFerXuUNRooZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUICfrlUmlAZo1l49LocCqxHz82O4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JQ2ZybFVtbEFabzFsNDlM
b2NDcXhIejgyTzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACDMdU9i7V7GuoqXF4f108PTj8pghIz6bi81
TEiKTaRyJqBQqPMjCO2+ATQSOvBEpcjZiNRJ8369XIdDmAnhPpwbaVyvL5IKrXC/
A/mKfSJAgYYs+fAfdjs2a97bZ1QCHi4Ffbp97dmeoZ971eAnOYL9k2ygQ6WP6bzw
UMtBpVgWJbwxAIgKA59TS7PAa9CcTDJk0LydK5U2zBFkGcL+kiexEbUopaCER8/j
xwJKyAzN0kW4W5qlyccQtfmvHqL/m/pd1X3cbN2SUNPh6E+Y4n808FfZN/AvG7cF
yNFRk42H7b+RSflEqoE/ZaHnN1KLcERg47nIXwVcUsb6U4R+HAU=
-----END CERTIFICATE-----
Generated at Sat May 17 21:24:53 2025 by rpki-client