Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/K1fJpY4GMRUTiRCv1Ng-WbM_AfE.roa
File: K1fJpY4GMRUTiRCv1Ng-WbM_AfE.roa (raw, json)
Hash identifier: u3u0ZX7oFsDCngY3XppwD2yG3S55vii1UKirT6vwDWY=
Subject key identifier: 2B:57:C9:A5:8E:06:31:15:13:89:10:AF:D4:D8:3E:59:B3:3F:01:F1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0681
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/K1fJpY4GMRUTiRCv1Ng-WbM_AfE.roa
Signing time: Thu 15 May 2025 18:08:04 +0000
ROA not before: Thu 15 May 2025 18:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1665 (0x681)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 18:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2B57C9A58E063115138910AFD4D83E59B33F01F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:ef:ee:0f:30:c5:3d:81:31:22:47:40:ad:
00:bb:b0:66:28:54:8f:c7:f6:ca:89:8f:b4:ec:b7:
57:27:f2:a1:86:c5:d3:53:d1:58:9c:ac:ef:50:56:
28:71:6d:9b:18:ee:ba:86:fb:b0:36:c3:1e:e1:51:
32:a8:61:c9:b3:03:55:97:79:c4:04:4e:a9:f3:7b:
1f:32:2c:54:7d:a0:22:08:21:cd:e8:d1:2f:07:7e:
8f:28:d9:f6:ea:86:0f:1e:3c:be:ce:7a:91:d2:ac:
fc:78:03:42:2f:a4:fa:a2:6b:66:ee:f7:5f:62:1f:
43:4b:8a:86:26:85:f7:c1:11:19:5a:0d:55:22:f6:
e5:5c:9d:0a:34:b1:86:d8:b5:d3:1f:fd:93:33:65:
fd:a2:9e:b6:6a:df:e5:dd:2a:01:2e:2a:4c:3b:95:
69:43:98:1e:92:c5:f4:e5:ad:4b:29:97:b4:4a:17:
aa:40:15:ed:39:62:74:ee:e3:bd:89:da:83:1c:ec:
d9:97:ab:e3:a1:10:e4:03:6b:fd:b5:b4:22:94:fe:
3f:b3:74:fc:5b:43:fe:b3:fb:ff:e4:ae:5a:f0:19:
5b:c8:01:73:b7:31:27:09:09:bf:d9:fa:f9:7d:67:
5c:d5:5c:9c:87:04:0c:64:ca:0e:73:99:90:4b:99:
77:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:57:C9:A5:8E:06:31:15:13:89:10:AF:D4:D8:3E:59:B3:3F:01:F1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/K1fJpY4GMRUTiRCv1Ng-WbM_AfE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:75:c0:3d:96:63:fe:df:25:f2:37:92:41:b7:7a:a6:1e:0f:
20:82:34:2d:54:cc:5d:14:88:03:79:5d:ae:68:28:a9:1c:1d:
49:1c:fd:9a:e9:70:f8:ad:03:3a:fe:3f:f6:c8:51:f6:21:0f:
0c:fb:f6:b6:19:cf:a0:72:33:75:18:58:0b:2f:36:e9:ec:d6:
cf:a9:1d:d2:8f:43:bc:72:b3:1d:98:c3:74:af:3f:ab:3c:d6:
0d:ae:a9:f0:1a:d9:35:66:f8:d5:1a:30:de:2c:cc:84:0c:05:
fc:26:5d:03:0e:df:93:83:73:21:e6:87:d5:a6:93:07:f5:a4:
50:94:c2:f6:f8:b5:de:18:4f:d7:98:cf:69:57:e2:ff:21:55:
3c:c9:ba:4a:15:67:1a:7c:44:39:5c:85:d3:68:46:30:8c:80:
d5:b9:bd:32:c9:8a:93:ea:c7:38:a5:cd:4a:60:e7:ce:67:70:
5b:85:48:67:48:f7:80:56:56:81:3d:85:1c:25:a9:9f:a9:97:
66:40:da:83:26:e0:b7:d5:fe:3b:d3:a4:dd:78:c5:6f:97:88:
45:7b:4d:42:23:4e:15:d7:ac:b8:60:58:b1:11:78:6f:e3:60:
83:82:06:9d:b2:e5:d2:6c:7a:6e:3f:0c:78:1f:5d:64:98:97:
3f:98:fb:e6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBoEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
ODA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJCNTdDOUE1OEUwNjMx
MTUxMzg5MTBBRkQ0RDgzRTU5QjMzRjAxRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvSe/uDzDFPYExIkdArQC7sGYoVI/H9sqJj7Tst1cn8qGGxdNT
0VicrO9QVihxbZsY7rqG+7A2wx7hUTKoYcmzA1WXecQETqnzex8yLFR9oCIIIc3o
0S8Hfo8o2fbqhg8ePL7OepHSrPx4A0IvpPqia2bu919iH0NLioYmhffBERlaDVUi
9uVcnQo0sYbYtdMf/ZMzZf2inrZq3+XdKgEuKkw7lWlDmB6SxfTlrUspl7RKF6pA
Fe05YnTu472J2oMc7NmXq+OhEOQDa/21tCKU/j+zdPxbQ/6z+//krlrwGVvIAXO3
MScJCb/Z+vl9Z1zVXJyHBAxkyg5zmZBLmXe/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUK1fJpY4GMRUTiRCv1Ng+WbM/AfEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LMWZKcFk0R01SVVRpUkN2
MU5nLVdiTV9BZkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACR1wD2WY/7fJfI3kkG3eqYeDyCCNC1UzF0U
iAN5Xa5oKKkcHUkc/ZrpcPitAzr+P/bIUfYhDwz79rYZz6ByM3UYWAsvNuns1s+p
HdKPQ7xysx2Yw3SvP6s81g2uqfAa2TVm+NUaMN4szIQMBfwmXQMO35ODcyHmh9Wm
kwf1pFCUwvb4td4YT9eYz2lX4v8hVTzJukoVZxp8RDlchdNoRjCMgNW5vTLJipPq
xzilzUpg585ncFuFSGdI94BWVoE9hRwlqZ+pl2ZA2oMm4LfV/jvTpN14xW+XiEV7
TUIjThXXrLhgWLEReG/jYIOCBp2y5dJsem4/DHgfXWSYlz+Y++Y=
-----END CERTIFICATE-----
Generated at Sat May 17 21:19:40 2025 by rpki-client