Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/JsspiAn0W-W2vT9dWnYZbe3Ef1Q.roa
File: JsspiAn0W-W2vT9dWnYZbe3Ef1Q.roa (raw, json)
Hash identifier: gXw8S69S/JgSAXTuItQpj3sVv0blGGyQ5IPMDsTURu0=
Subject key identifier: 26:CB:29:88:09:F4:5B:E5:B6:BD:3F:5D:5A:76:19:6D:ED:C4:7F:54
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02B1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JsspiAn0W-W2vT9dWnYZbe3Ef1Q.roa
Signing time: Sat 10 May 2025 16:07:52 +0000
ROA not before: Sat 10 May 2025 16:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 689 (0x2b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 16:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=26CB298809F45BE5B6BD3F5D5A76196DEDC47F54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f1:f4:40:b0:12:dc:88:06:25:45:48:89:65:
57:d6:cc:d2:5c:a1:30:4b:12:3f:29:3d:a3:bd:52:
0b:52:43:94:f0:bf:bb:cc:59:01:44:1a:09:c6:12:
7e:c6:41:73:6a:7f:0e:5d:7d:a3:87:b6:93:ba:47:
1c:63:14:a3:a0:86:12:2f:08:aa:78:08:c4:b5:99:
9a:9f:20:bb:dd:ed:0a:04:92:af:b9:0e:7a:a0:bb:
86:06:38:af:c2:bd:5b:df:2b:60:4c:93:39:7c:99:
16:23:e0:39:33:d2:76:a5:c9:3f:c4:10:55:23:18:
dc:d0:2a:4a:14:24:9c:58:75:91:5d:bf:e2:0d:c2:
f1:68:4a:d1:40:28:16:ca:cf:6d:e8:ff:81:a2:ce:
59:6e:bb:ca:5d:81:86:66:2f:e0:22:a7:62:93:b6:
c4:d4:97:66:5b:98:0b:10:08:6b:ce:c8:33:18:dd:
04:10:28:86:06:de:a3:d3:64:cd:f5:66:52:c2:8c:
df:a9:10:4f:39:40:9d:b9:6a:2f:b5:41:a6:38:4b:
59:8d:e2:1e:f8:5f:96:39:d3:a9:52:92:87:ce:34:
13:6b:1c:01:89:e2:29:3a:60:33:41:85:bc:7c:a4:
d3:4f:3e:83:28:62:b5:91:24:66:1b:fa:db:b8:28:
48:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:CB:29:88:09:F4:5B:E5:B6:BD:3F:5D:5A:76:19:6D:ED:C4:7F:54
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JsspiAn0W-W2vT9dWnYZbe3Ef1Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:c7:a8:59:96:79:7d:70:b9:4e:8f:48:d4:45:c0:a5:f9:7a:
7c:4c:74:3c:d2:3b:90:be:78:e2:cb:06:57:7c:99:e7:3b:4d:
4d:8e:34:68:6a:07:f4:63:21:1a:63:9f:49:10:2d:9a:89:1b:
e4:46:2a:16:eb:60:dd:3e:fe:d7:7c:e1:73:79:10:01:a1:43:
c6:16:f8:53:b6:d0:14:6c:d5:59:3a:18:ac:d6:b3:56:20:f3:
fd:62:af:ee:7b:26:c9:43:e6:54:b5:f8:91:b8:3a:95:07:e6:
bd:b4:fe:18:aa:b6:e1:fe:71:61:af:ff:1c:f2:48:21:f4:11:
32:34:03:fd:84:50:a6:ec:92:fa:09:1e:f5:bc:2d:10:8a:e7:
e7:93:e9:01:d4:28:42:0f:9e:5e:09:92:45:fd:e3:66:63:3b:
2e:b8:08:e3:12:13:73:60:35:25:b0:45:40:2a:a9:ba:f1:5f:
53:eb:40:d1:39:5a:8d:d3:cf:0c:f8:16:d4:ee:9f:b7:43:75:
ab:15:fe:68:63:71:1e:33:9e:73:7e:c2:55:46:89:40:96:f1:
f5:72:cc:36:28:76:22:90:44:f1:f7:5f:a3:d4:a2:f4:cc:e2:
80:9d:84:78:61:60:05:6c:5d:4a:b5:e2:f7:00:e0:94:28:cc:
db:46:9c:63
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICArEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
NjA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI2Q0IyOTg4MDlGNDVC
RTVCNkJEM0Y1RDVBNzYxOTZERURDNDdGNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP8fRAsBLciAYlRUiJZVfWzNJcoTBLEj8pPaO9UgtSQ5Twv7vM
WQFEGgnGEn7GQXNqfw5dfaOHtpO6RxxjFKOghhIvCKp4CMS1mZqfILvd7QoEkq+5
Dnqgu4YGOK/CvVvfK2BMkzl8mRYj4Dkz0nalyT/EEFUjGNzQKkoUJJxYdZFdv+IN
wvFoStFAKBbKz23o/4Gizlluu8pdgYZmL+Aip2KTtsTUl2ZbmAsQCGvOyDMY3QQQ
KIYG3qPTZM31ZlLCjN+pEE85QJ25ai+1QaY4S1mN4h74X5Y506lSkofONBNrHAGJ
4ik6YDNBhbx8pNNPPoMoYrWRJGYb+tu4KEgtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJsspiAn0W+W2vT9dWnYZbe3Ef1QwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Kc3NwaUFuMFctVzJ2VDlk
V25ZWmJlM0VmMVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAATHqFmWeX1wuU6PSNRFwKX5enxMdDzSO5C+
eOLLBld8mec7TU2ONGhqB/RjIRpjn0kQLZqJG+RGKhbrYN0+/td84XN5EAGhQ8YW
+FO20BRs1Vk6GKzWs1Yg8/1ir+57JslD5lS1+JG4OpUH5r20/hiqtuH+cWGv/xzy
SCH0ETI0A/2EUKbskvoJHvW8LRCK5+eT6QHUKEIPnl4JkkX942ZjOy64COMSE3Ng
NSWwRUAqqbrxX1PrQNE5Wo3Tzwz4FtTun7dDdasV/mhjcR4znnN+wlVGiUCW8fVy
zDYodiKQRPH3X6PUovTM4oCdhHhhYAVsXUq14vcA4JQozNtGnGM=
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:53 2025 by rpki-client