Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QEyf_ddUelbET90DwqPEGllQFII.roa
File: QEyf_ddUelbET90DwqPEGllQFII.roa (raw, json)
Hash identifier: KsRJ1C23UKAqJumALieq8BBVVH5ydwG6uJgXFDIp4rM=
Subject key identifier: 40:4C:9F:FD:D7:54:7A:56:C4:4F:DD:03:C2:A3:C4:1A:59:50:14:82
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03E9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QEyf_ddUelbET90DwqPEGllQFII.roa
Signing time: Mon 12 May 2025 07:07:58 +0000
ROA not before: Mon 12 May 2025 07:07:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1001 (0x3e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 07:07:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=404C9FFDD7547A56C44FDD03C2A3C41A59501482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:29:5c:68:21:37:a7:40:c1:92:dd:67:a3:e6:
f7:65:db:e4:be:ec:90:f2:36:73:bf:6d:86:3f:b5:
e9:d5:92:96:9c:0e:ce:47:50:e7:5f:95:f1:58:8d:
98:e7:01:21:54:5c:18:56:25:fe:34:20:51:21:be:
e9:e6:7b:ca:b0:b6:d7:3e:dd:d0:a1:eb:f9:19:c4:
10:df:3d:48:37:eb:e0:6e:5e:f4:9e:78:e2:cb:78:
8b:03:a2:fd:d2:53:da:b9:c5:5b:9b:75:61:7b:2e:
15:21:78:27:73:d2:77:d7:16:f1:b2:3c:38:49:62:
e0:90:1e:04:49:23:59:ad:c5:e8:9a:59:a0:a2:d2:
26:02:58:19:0d:eb:dd:a3:5d:b7:cc:9c:f0:bd:6a:
ea:4a:5d:c5:67:bc:6e:92:55:01:c1:63:82:4f:a0:
f1:28:88:ca:11:1e:24:49:3c:d1:3c:8b:44:14:3a:
39:27:50:e9:5e:63:65:64:f0:c1:ba:24:f2:40:bc:
af:cd:0e:71:3e:fa:9f:8c:d6:31:f8:a5:90:5c:4a:
5a:79:3d:f3:d2:1a:38:ea:a2:99:e0:b0:06:3a:f6:
8a:5e:9c:c9:d3:2b:44:1a:89:cb:35:2f:bc:fd:05:
40:7d:d2:70:80:19:c4:f4:1b:c7:6e:2e:d3:fd:94:
9d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4C:9F:FD:D7:54:7A:56:C4:4F:DD:03:C2:A3:C4:1A:59:50:14:82
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QEyf_ddUelbET90DwqPEGllQFII.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:15:45:61:33:4f:ed:9e:f9:87:49:8f:75:43:8a:93:c5:cb:
ab:ef:71:58:9d:de:74:3e:24:f2:51:3c:26:93:37:81:60:16:
52:7f:52:33:f9:92:6e:53:88:6d:77:8d:22:b1:3d:b2:87:6d:
d6:89:3f:f2:10:97:9c:c7:0d:f0:7c:0a:27:12:9a:ba:f2:53:
84:bf:54:73:ac:80:37:72:f6:92:8e:8f:98:dc:21:0b:10:a9:
87:85:ae:fb:d3:ed:34:ac:d3:0b:8b:1f:c5:ac:40:44:a1:3b:
41:8f:16:58:96:fe:06:3e:81:21:92:0b:ee:aa:37:0d:f8:81:
c3:b3:52:82:c1:53:a7:78:59:75:e2:c3:08:7c:75:1d:83:46:
5a:77:29:aa:21:91:c9:8a:a7:ec:44:45:6a:92:ae:4f:11:fb:
95:f2:3c:a7:be:0e:f0:97:5d:fb:1f:b4:51:ad:b9:f7:24:81:
e6:a5:39:31:6b:88:5d:d5:91:40:4e:62:3a:e2:4f:dd:b2:49:
97:63:ed:d2:1a:26:ea:d8:6e:f5:52:80:eb:af:41:1b:2f:04:
56:ee:03:9a:79:11:43:78:5a:9d:2c:37:06:b7:5a:fa:f8:4b:
13:f3:2e:69:be:70:b4:fc:4b:63:90:f7:78:45:5a:eb:83:75:
a2:60:22:96
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
NzA3NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQwNEM5RkZERDc1NDdB
NTZDNDRGREQwM0MyQTNDNDFBNTk1MDE0ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZKVxoITenQMGS3Wej5vdl2+S+7JDyNnO/bYY/tenVkpacDs5H
UOdflfFYjZjnASFUXBhWJf40IFEhvunme8qwttc+3dCh6/kZxBDfPUg36+BuXvSe
eOLLeIsDov3SU9q5xVubdWF7LhUheCdz0nfXFvGyPDhJYuCQHgRJI1mtxeiaWaCi
0iYCWBkN692jXbfMnPC9aupKXcVnvG6SVQHBY4JPoPEoiMoRHiRJPNE8i0QUOjkn
UOleY2Vk8MG6JPJAvK/NDnE++p+M1jH4pZBcSlp5PfPSGjjqopngsAY69openMnT
K0Qaics1L7z9BUB90nCAGcT0G8duLtP9lJ3NAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQEyf/ddUelbET90DwqPEGllQFIIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RRXlmX2RkVWVsYkVUOTBE
d3FQRUdsbFFGSUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAD8VRWEzT+2e+YdJj3VDipPFy6vvcVid3nQ+
JPJRPCaTN4FgFlJ/UjP5km5TiG13jSKxPbKHbdaJP/IQl5zHDfB8CicSmrryU4S/
VHOsgDdy9pKOj5jcIQsQqYeFrvvT7TSs0wuLH8WsQEShO0GPFliW/gY+gSGSC+6q
Nw34gcOzUoLBU6d4WXXiwwh8dR2DRlp3KaohkcmKp+xERWqSrk8R+5XyPKe+DvCX
XfsftFGtufckgealOTFriF3VkUBOYjriT92ySZdj7dIaJurYbvVSgOuvQRsvBFbu
A5p5EUN4Wp0sNwa3Wvr4SxPzLmm+cLT8S2OQ93hFWuuDdaJgIpY=
-----END CERTIFICATE-----
Generated at Sat May 17 19:38:50 2025 by rpki-client