Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KgVeW0Im8KR67BolYOcvE7vNP6A.roa
File: KgVeW0Im8KR67BolYOcvE7vNP6A.roa (raw, json)
Hash identifier: +ASX0igyEXSDXwjgUPwSo8d1FBaicDAgDsIij9NwKAU=
Subject key identifier: 2A:05:5E:5B:42:26:F0:A4:7A:EC:1A:25:60:E7:2F:13:BB:CD:3F:A0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0485
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KgVeW0Im8KR67BolYOcvE7vNP6A.roa
Signing time: Tue 13 May 2025 02:37:57 +0000
ROA not before: Tue 13 May 2025 02:37:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1157 (0x485)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 02:37:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2A055E5B4226F0A47AEC1A2560E72F13BBCD3FA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d1:e4:1b:db:70:ad:ad:7f:12:0c:e8:35:85:
bc:f3:3c:d7:0e:9e:21:45:4e:65:99:81:9b:96:9f:
91:f2:45:e7:ba:8b:46:34:15:12:07:14:b0:f1:f1:
51:cc:26:f2:1e:89:8c:33:9c:a2:68:52:fd:56:28:
59:a4:6b:11:4c:ab:1f:92:3c:ca:e7:d6:5b:41:82:
1e:c5:0d:72:1d:68:9b:b1:08:a5:40:64:5e:94:5b:
15:c8:ec:7a:48:66:be:77:a3:54:86:d8:48:d7:e3:
fe:12:cc:f8:58:10:5b:ad:35:b0:6c:73:a3:d5:57:
07:dd:f7:bf:b5:78:71:dd:27:b0:74:2d:cb:8b:32:
64:86:12:e7:61:41:d9:dc:ea:98:d0:5b:88:84:7c:
8a:45:31:df:08:77:1b:6a:95:30:4d:28:7e:56:84:
e8:d3:82:83:d5:59:4b:f1:5e:6e:76:84:7d:3a:2b:
f9:81:47:a2:c7:22:1d:99:0a:70:a3:92:ba:a8:b2:
b2:1b:33:86:33:bd:81:79:59:64:c3:c5:4b:d3:62:
57:82:e2:97:10:03:b3:82:4c:3b:74:da:d9:6f:98:
3c:16:8f:2d:12:96:a4:fc:aa:06:bf:5d:98:af:4e:
65:db:c4:75:fc:22:f8:a1:02:ae:de:3c:bb:f4:fa:
c0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:05:5E:5B:42:26:F0:A4:7A:EC:1A:25:60:E7:2F:13:BB:CD:3F:A0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KgVeW0Im8KR67BolYOcvE7vNP6A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:2b:79:3f:e8:94:79:35:7f:72:17:9e:6a:54:61:0a:e6:11:
d0:89:46:84:20:6a:be:1c:2b:0d:54:fe:bd:df:2b:ca:d7:90:
3d:f8:34:1b:cb:7b:b8:bc:6c:c1:18:86:e7:ac:a0:8f:b1:52:
ff:2c:ca:ab:71:01:86:cb:bc:1b:2b:53:71:c9:34:e5:39:66:
ac:34:3e:34:0a:8b:b1:fd:12:46:ee:de:fe:b8:da:68:93:65:
73:f7:41:8d:6a:96:b5:cd:09:26:b1:43:c8:c9:2a:fc:b2:2a:
28:51:58:af:2d:36:f1:89:66:63:06:10:5a:61:55:68:04:df:
33:ac:fd:28:99:4d:ae:52:f1:04:8f:c5:82:a5:8a:80:18:ec:
7c:fd:f0:01:ac:55:91:7b:37:15:1a:92:4a:90:5a:3f:98:d0:
8a:1f:f7:07:54:3e:36:69:dd:31:f1:69:56:99:11:33:e3:73:
bb:6d:d1:e2:f0:7b:9f:42:c6:d5:cf:b6:d9:c6:c2:e1:55:38:
20:c0:7a:c0:51:91:b8:ba:29:de:ee:45:5d:96:0a:19:bc:16:
92:48:6a:16:5b:f3:4a:5e:3f:ec:3e:25:3c:c7:15:24:78:56:
5c:c0:a3:2c:1b:6f:3e:ea:ac:aa:bc:36:4c:41:09:38:2b:a2:
88:53:7d:e4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
MjM3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJBMDU1RTVCNDIyNkYw
QTQ3QUVDMUEyNTYwRTcyRjEzQkJDRDNGQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM0eQb23CtrX8SDOg1hbzzPNcOniFFTmWZgZuWn5HyRee6i0Y0
FRIHFLDx8VHMJvIeiYwznKJoUv1WKFmkaxFMqx+SPMrn1ltBgh7FDXIdaJuxCKVA
ZF6UWxXI7HpIZr53o1SG2EjX4/4SzPhYEFutNbBsc6PVVwfd97+1eHHdJ7B0LcuL
MmSGEudhQdnc6pjQW4iEfIpFMd8IdxtqlTBNKH5WhOjTgoPVWUvxXm52hH06K/mB
R6LHIh2ZCnCjkrqosrIbM4YzvYF5WWTDxUvTYleC4pcQA7OCTDt02tlvmDwWjy0S
lqT8qga/XZivTmXbxHX8IvihAq7ePLv0+sCHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKgVeW0Im8KR67BolYOcvE7vNP6AwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LZ1ZlVzBJbThLUjY3Qm9s
WU9jdkU3dk5QNkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEYreT/olHk1f3IXnmpUYQrmEdCJRoQgar4c
Kw1U/r3fK8rXkD34NBvLe7i8bMEYhuesoI+xUv8syqtxAYbLvBsrU3HJNOU5Zqw0
PjQKi7H9Ekbu3v642miTZXP3QY1qlrXNCSaxQ8jJKvyyKihRWK8tNvGJZmMGEFph
VWgE3zOs/SiZTa5S8QSPxYKlioAY7Hz98AGsVZF7NxUakkqQWj+Y0Iof9wdUPjZp
3THxaVaZETPjc7tt0eLwe59CxtXPttnGwuFVOCDAesBRkbi6Kd7uRV2WChm8FpJI
ahZb80peP+w+JTzHFSR4VlzAoywbbz7qrKq8NkxBCTgroohTfeQ=
-----END CERTIFICATE-----
Generated at Sun May 18 09:59:21 2025 by rpki-client