Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IiH0AHHYZakqtpmCMCb9tmzGKSU.roa
File: IiH0AHHYZakqtpmCMCb9tmzGKSU.roa (raw, json)
Hash identifier: KGny/jh2NcShtYef5UUY+jNUdLwQ4KErlJ6mmpGVwzQ=
Subject key identifier: 22:21:F4:00:71:D8:65:A9:2A:B6:99:82:30:26:FD:B6:6C:C6:29:25
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05D9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IiH0AHHYZakqtpmCMCb9tmzGKSU.roa
Signing time: Wed 14 May 2025 21:08:53 +0000
ROA not before: Wed 14 May 2025 21:08:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1497 (0x5d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 21:08:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2221F40071D865A92AB699823026FDB66CC62925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ae:08:3f:fe:41:56:fc:c6:fe:1f:f3:d9:40:
be:d0:ac:0d:64:08:70:9b:2b:97:13:d5:46:00:19:
df:9f:6f:49:ce:f6:32:c2:81:ca:6a:93:78:f6:eb:
62:7e:8f:dd:4f:40:51:3b:8d:a7:9a:78:91:aa:61:
73:ab:c6:f8:d1:a6:77:48:89:22:1b:e5:48:00:a2:
88:04:c9:30:72:d0:b4:7a:72:1c:37:6d:c7:05:77:
c4:1b:33:12:70:33:f5:55:b0:e9:43:46:93:c7:d1:
10:64:50:7a:29:69:28:a0:bc:35:0d:4d:09:21:f5:
0e:fc:34:53:a4:93:06:65:5d:be:eb:cc:47:75:99:
4f:47:f7:f1:f5:ba:8e:fb:73:cf:a6:1b:ff:ce:b7:
92:89:db:94:cd:63:dc:5e:fa:92:94:65:53:ca:f3:
b8:e7:df:7a:3c:cd:3f:d1:b7:86:8d:72:b7:ea:44:
38:fd:3e:13:4f:03:36:20:61:e2:33:03:f0:90:d8:
d9:e2:36:e7:25:ab:35:e5:96:69:eb:c4:f1:50:6f:
43:e6:c8:08:27:80:e1:4e:8c:98:1c:a3:c2:c3:5e:
77:08:b5:c1:59:3f:7d:56:fa:a8:44:9e:50:d5:df:
8e:30:4b:68:57:ec:ee:df:5e:2e:fe:ba:c2:34:9f:
96:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:21:F4:00:71:D8:65:A9:2A:B6:99:82:30:26:FD:B6:6C:C6:29:25
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IiH0AHHYZakqtpmCMCb9tmzGKSU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:a8:3b:d2:67:4a:50:64:61:86:52:31:28:0c:ac:a8:c9:09:
c0:cc:f4:93:73:8a:b7:4b:f6:46:ee:8d:e4:75:97:5e:b5:69:
7e:af:42:91:c9:bf:e9:ea:5d:cd:52:28:15:fe:4d:d4:3b:fb:
09:b2:9c:79:93:9a:40:11:5c:db:98:8b:53:25:41:cf:3a:55:
0e:35:fa:f8:5c:b4:ea:df:dc:c5:a0:07:4c:2e:67:83:d9:0a:
3a:29:25:e7:45:a8:34:6a:97:76:07:e4:63:41:db:2d:7b:aa:
9a:f7:b1:28:0c:8d:b6:63:15:15:48:73:ee:8b:0e:fd:bf:ab:
dd:c0:f3:d7:0a:9c:0c:0a:3d:64:91:d1:ec:eb:16:7c:61:1b:
01:3d:3e:fe:22:b4:69:4d:0c:0a:29:48:df:32:3f:d3:a9:3f:
48:85:4e:95:2c:82:be:b4:4b:65:c7:e2:ad:f4:8d:58:46:7d:
c1:a5:ce:48:4f:08:35:5e:56:30:59:b7:5b:0f:cf:93:c1:a0:
71:fa:a2:af:21:00:3d:9b:a3:86:27:52:12:d5:c8:ec:97:80:
58:67:a2:b3:8e:28:06:d6:1c:87:e5:54:55:55:62:20:08:79:
33:31:e4:54:67:3e:b2:a4:a0:33:7e:96:de:8c:0f:9a:6d:1f:
77:f1:d4:08
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQy
MTA4NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIyMjFGNDAwNzFEODY1
QTkyQUI2OTk4MjMwMjZGREI2NkNDNjI5MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7rgg//kFW/Mb+H/PZQL7QrA1kCHCbK5cT1UYAGd+fb0nO9jLC
gcpqk3j262J+j91PQFE7jaeaeJGqYXOrxvjRpndIiSIb5UgAoogEyTBy0LR6chw3
bccFd8QbMxJwM/VVsOlDRpPH0RBkUHopaSigvDUNTQkh9Q78NFOkkwZlXb7rzEd1
mU9H9/H1uo77c8+mG//Ot5KJ25TNY9xe+pKUZVPK87jn33o8zT/Rt4aNcrfqRDj9
PhNPAzYgYeIzA/CQ2NniNuclqzXllmnrxPFQb0PmyAgngOFOjJgco8LDXncItcFZ
P31W+qhEnlDV344wS2hX7O7fXi7+usI0n5Y/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIiH0AHHYZakqtpmCMCb9tmzGKSUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JaUgwQUhIWVpha3F0cG1D
TUNiOXRtekdLU1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADSoO9JnSlBkYYZSMSgMrKjJCcDM9JNzirdL
9kbujeR1l161aX6vQpHJv+nqXc1SKBX+TdQ7+wmynHmTmkARXNuYi1MlQc86VQ41
+vhctOrf3MWgB0wuZ4PZCjopJedFqDRql3YH5GNB2y17qpr3sSgMjbZjFRVIc+6L
Dv2/q93A89cKnAwKPWSR0ezrFnxhGwE9Pv4itGlNDAopSN8yP9OpP0iFTpUsgr60
S2XH4q30jVhGfcGlzkhPCDVeVjBZt1sPz5PBoHH6oq8hAD2bo4YnUhLVyOyXgFhn
orOOKAbWHIflVFVVYiAIeTMx5FRnPrKkoDN+lt6MD5ptH3fx1Ag=
-----END CERTIFICATE-----
Generated at Sun May 18 09:13:30 2025 by rpki-client