Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QJyL7Y5IA5RGjwkJtradYfoJGqg.roa
File: QJyL7Y5IA5RGjwkJtradYfoJGqg.roa (raw, json)
Hash identifier: /5xOOJS1TGyA3nvUF0JXbJHWBP/iM4j0nnwJLyL4P7s=
Subject key identifier: 40:9C:8B:ED:8E:48:03:94:46:8F:09:09:B6:B6:9D:61:FA:09:1A:A8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0521
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QJyL7Y5IA5RGjwkJtradYfoJGqg.roa
Signing time: Tue 13 May 2025 22:07:59 +0000
ROA not before: Tue 13 May 2025 22:07:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1313 (0x521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 22:07:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=409C8BED8E480394468F0909B6B69D61FA091AA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:35:b8:e7:24:15:64:cf:67:06:3d:20:2a:2d:
9e:df:de:0a:b6:98:fd:f1:85:12:5b:3b:85:f2:07:
33:b5:d7:86:c8:de:8a:cb:52:cc:39:47:46:c3:bd:
2a:98:04:36:a4:79:0c:41:aa:5b:be:29:4c:91:d2:
64:ef:31:1b:91:df:fb:db:f1:32:2a:aa:91:e2:42:
5c:64:4d:f4:47:b9:76:86:ee:5a:3c:35:87:70:31:
ca:7d:b0:58:c9:f9:62:53:58:2f:46:dc:e1:05:05:
51:e0:b1:6f:21:7d:9d:29:51:3e:fc:0d:ca:25:15:
ac:36:59:5f:a3:ed:ea:58:3e:58:0c:5a:52:3e:55:
83:69:8c:21:f1:4f:c0:e0:9f:b3:e4:71:e4:5f:47:
c8:9d:19:9e:07:7b:73:93:f4:02:ea:bb:62:41:02:
5b:07:53:c9:1c:33:2f:fd:1b:5e:96:12:3e:59:31:
51:5d:b6:a7:e1:4c:61:70:70:ea:67:c4:b0:fd:57:
53:0e:cc:87:93:30:8c:da:38:f1:f1:74:dd:bd:c6:
2f:26:ea:4d:47:e7:8f:ce:86:cb:76:4e:ed:c8:1e:
5b:c3:e7:52:38:d2:c2:c0:b3:2f:41:ea:61:c6:e2:
cb:06:6a:b1:1d:dc:be:2c:c9:7b:e4:bc:98:7a:ca:
6e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9C:8B:ED:8E:48:03:94:46:8F:09:09:B6:B6:9D:61:FA:09:1A:A8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QJyL7Y5IA5RGjwkJtradYfoJGqg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:4f:7b:a6:7b:e2:87:fc:3e:8e:3e:82:1b:45:cc:50:af:9c:
b8:c3:c5:a1:b5:50:98:28:69:82:f9:e0:c3:94:25:fe:1c:75:
02:44:04:90:f3:6b:01:ce:4d:4a:cc:f7:18:32:f0:2c:df:d4:
33:51:c8:c3:b7:b4:26:4b:aa:f3:ca:f4:5b:04:cc:18:1a:83:
c5:42:45:46:9e:d7:21:cb:bd:c9:74:76:57:2d:56:4d:38:ae:
01:9e:11:15:fc:3f:22:c8:4a:bd:3b:10:e7:8e:0c:78:89:53:
e2:cb:b4:6d:00:e0:15:ed:24:60:34:6a:0e:0b:1e:60:f9:d6:
c2:e6:9d:53:6e:05:df:3b:39:3b:05:5d:f5:71:a4:ee:70:78:
57:64:97:35:90:b5:04:0e:72:ad:8b:85:7f:ad:f7:60:db:1d:
4f:99:bc:25:5b:87:d0:c6:6c:03:c7:c2:b1:a9:09:f3:87:04:
ff:b2:c2:ea:9b:fe:2e:7f:74:82:82:fa:ad:a3:3c:6e:5b:c8:
50:64:4e:bb:0b:7c:a0:41:7b:a9:18:52:6b:52:ad:7b:49:e9:
01:3f:f3:af:aa:35:1b:be:a8:65:27:ec:2b:ab:2b:2d:d7:08:
14:c6:27:0a:10:b2:d9:a6:d7:87:5d:0e:47:53:b5:cb:31:93:
80:b0:62:b1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MjA3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQwOUM4QkVEOEU0ODAz
OTQ0NjhGMDkwOUI2QjY5RDYxRkEwOTFBQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnNbjnJBVkz2cGPSAqLZ7f3gq2mP3xhRJbO4XyBzO114bI3orL
Usw5R0bDvSqYBDakeQxBqlu+KUyR0mTvMRuR3/vb8TIqqpHiQlxkTfRHuXaG7lo8
NYdwMcp9sFjJ+WJTWC9G3OEFBVHgsW8hfZ0pUT78DcolFaw2WV+j7epYPlgMWlI+
VYNpjCHxT8Dgn7PkceRfR8idGZ4He3OT9ALqu2JBAlsHU8kcMy/9G16WEj5ZMVFd
tqfhTGFwcOpnxLD9V1MOzIeTMIzaOPHxdN29xi8m6k1H54/Ohst2Tu3IHlvD51I4
0sLAsy9B6mHG4ssGarEd3L4syXvkvJh6ym7TAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQJyL7Y5IA5RGjwkJtradYfoJGqgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RSnlMN1k1SUE1Ukdqd2tK
dHJhZFlmb0pHcWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABVPe6Z74of8Po4+ghtFzFCvnLjDxaG1UJgo
aYL54MOUJf4cdQJEBJDzawHOTUrM9xgy8Czf1DNRyMO3tCZLqvPK9FsEzBgag8VC
RUae1yHLvcl0dlctVk04rgGeERX8PyLISr07EOeODHiJU+LLtG0A4BXtJGA0ag4L
HmD51sLmnVNuBd87OTsFXfVxpO5weFdklzWQtQQOcq2LhX+t92DbHU+ZvCVbh9DG
bAPHwrGpCfOHBP+ywuqb/i5/dIKC+q2jPG5byFBkTrsLfKBBe6kYUmtSrXtJ6QE/
86+qNRu+qGUn7CurKy3XCBTGJwoQstmm14ddDkdTtcsxk4CwYrE=
-----END CERTIFICATE-----
Generated at Sun May 18 20:31:23 2025 by rpki-client