Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QcrKyjAqGhLonlPZLvi9RjfsAHc.roa
File: QcrKyjAqGhLonlPZLvi9RjfsAHc.roa (raw, json)
Hash identifier: bIjsNj9Gk52CocsCdt+ZZaZM5YsGjPO4eeOqerYo7sM=
Subject key identifier: 41:CA:CA:CA:30:2A:1A:12:E8:9E:53:D9:2E:F8:BD:46:37:EC:00:77
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0771
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QcrKyjAqGhLonlPZLvi9RjfsAHc.roa
Signing time: Sat 17 May 2025 00:08:17 +0000
ROA not before: Sat 17 May 2025 00:08:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1905 (0x771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 00:08:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=41CACACA302A1A12E89E53D92EF8BD4637EC0077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f9:a3:5c:fa:81:09:12:cb:61:85:7c:03:1a:
27:14:b3:6d:86:48:c9:14:a0:32:a5:98:b2:f1:44:
39:1d:37:90:84:15:0e:73:82:67:22:f8:1c:52:a9:
a8:d7:e2:3b:0a:5c:5c:64:6f:5f:d4:ac:1b:17:0f:
87:03:eb:aa:b3:9c:5a:cd:7b:8c:f4:bb:0e:0b:07:
57:73:ca:65:97:35:9c:df:cc:bd:3f:d1:f5:06:aa:
cd:70:f7:35:fb:57:be:ab:52:85:6d:4f:d5:91:b2:
1a:06:43:bf:ad:a3:78:95:c1:e1:ee:83:ec:4e:79:
0e:9e:c6:b3:18:39:fb:20:2e:9c:1e:23:5e:60:e2:
a0:60:4d:eb:37:5d:b1:d9:2d:97:ff:66:ee:f6:8d:
88:92:6f:3e:d3:f7:a1:25:3f:4b:6c:15:1b:c6:f4:
eb:65:5f:33:f0:16:92:f8:36:a7:44:2c:b7:72:43:
7b:b6:6f:7f:e2:2f:a7:89:1f:cb:51:c6:38:b4:57:
f1:a8:4b:98:0f:4c:b2:a8:1d:42:1f:72:da:53:88:
02:15:28:f0:50:75:12:90:1a:16:8a:8c:9c:5f:c7:
4f:07:20:6a:85:5c:95:c3:7e:19:db:b6:89:d1:97:
c5:76:94:61:4f:b0:ed:90:f4:b2:02:7c:0f:67:ea:
74:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CA:CA:CA:30:2A:1A:12:E8:9E:53:D9:2E:F8:BD:46:37:EC:00:77
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QcrKyjAqGhLonlPZLvi9RjfsAHc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:36:4e:fd:ab:57:04:5c:ca:15:49:d8:95:8f:6e:1a:af:1e:
a5:17:62:78:00:c6:85:94:39:62:d7:10:ab:be:b2:7b:c9:b7:
f6:86:d7:bb:03:13:8f:66:e6:15:4e:07:ea:81:23:26:c6:10:
04:39:a6:e8:83:2d:1f:4e:5f:69:04:6a:12:79:04:07:ca:7a:
57:76:fb:00:c8:27:4b:35:7f:c9:50:bf:a9:55:a7:64:c2:ef:
eb:2a:01:18:3b:32:2e:55:cd:f5:bb:94:ca:50:b8:79:c7:ff:
78:27:f6:97:8a:f7:2c:99:0d:61:dc:6b:09:ec:d3:5a:38:d2:
b8:37:b0:1f:9c:0a:17:0c:8e:17:9f:1e:01:98:6f:f2:33:70:
c8:05:29:0b:25:20:59:e1:cc:6e:1f:bb:ff:66:d1:ba:cf:59:
3c:0b:8e:b1:0d:a0:1e:a6:0b:2d:9d:06:1d:55:0a:f2:cd:fd:
2d:86:b1:8b:34:20:7c:75:8f:df:0a:f8:2e:f7:1d:47:2b:4f:
0d:23:c0:b0:eb:77:6b:9f:5d:e0:70:8d:66:12:44:dd:35:c3:
b8:5d:9b:6b:11:00:f1:e7:bd:b2:4f:5c:54:34:02:2d:3e:d6:
e5:8b:91:ed:16:2b:c2:ab:64:68:55:ca:b8:d4:3b:d0:cc:b8:
c2:df:52:1e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
MDA4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQxQ0FDQUNBMzAyQTFB
MTJFODlFNTNEOTJFRjhCRDQ2MzdFQzAwNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1+aNc+oEJEsthhXwDGicUs22GSMkUoDKlmLLxRDkdN5CEFQ5z
gmci+BxSqajX4jsKXFxkb1/UrBsXD4cD66qznFrNe4z0uw4LB1dzymWXNZzfzL0/
0fUGqs1w9zX7V76rUoVtT9WRshoGQ7+to3iVweHug+xOeQ6exrMYOfsgLpweI15g
4qBgTes3XbHZLZf/Zu72jYiSbz7T96ElP0tsFRvG9OtlXzPwFpL4NqdELLdyQ3u2
b3/iL6eJH8tRxji0V/GoS5gPTLKoHUIfctpTiAIVKPBQdRKQGhaKjJxfx08HIGqF
XJXDfhnbtonRl8V2lGFPsO2Q9LICfA9n6nSXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQcrKyjAqGhLonlPZLvi9RjfsAHcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RY3JLeWpBcUdoTG9ubFBa
THZpOVJqZnNBSGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABY2Tv2rVwRcyhVJ2JWPbhqvHqUXYngAxoWU
OWLXEKu+snvJt/aG17sDE49m5hVOB+qBIybGEAQ5puiDLR9OX2kEahJ5BAfKeld2
+wDIJ0s1f8lQv6lVp2TC7+sqARg7Mi5VzfW7lMpQuHnH/3gn9peK9yyZDWHcawns
01o40rg3sB+cChcMjhefHgGYb/IzcMgFKQslIFnhzG4fu/9m0brPWTwLjrENoB6m
Cy2dBh1VCvLN/S2GsYs0IHx1j98K+C73HUcrTw0jwLDrd2ufXeBwjWYSRN01w7hd
m2sRAPHnvbJPXFQ0Ai0+1uWLke0WK8KrZGhVyrjUO9DMuMLfUh4=
-----END CERTIFICATE-----
Generated at Sun May 18 18:44:31 2025 by rpki-client