Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RjwVvrwyb1OLBwlNi5Kj_WwvPvg.roa
File: RjwVvrwyb1OLBwlNi5Kj_WwvPvg.roa (raw, json)
Hash identifier: KFylamhbKa/kGL+47lOXY4SmqZgbI2G0jahcrL+0uK0=
Subject key identifier: 46:3C:15:BE:BC:32:6F:53:8B:07:09:4D:8B:92:A3:FD:6C:2F:3E:F8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04D9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RjwVvrwyb1OLBwlNi5Kj_WwvPvg.roa
Signing time: Tue 13 May 2025 13:08:01 +0000
ROA not before: Tue 13 May 2025 13:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1241 (0x4d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 13:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=463C15BEBC326F538B07094D8B92A3FD6C2F3EF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:46:a5:0b:a2:5c:31:44:41:1a:99:cc:81:
d7:c5:d6:be:39:f6:af:d6:ca:a9:be:14:da:27:02:
62:a3:8b:7c:8c:a7:1f:56:a1:85:bb:3a:23:95:3a:
f8:cb:6a:e1:ab:42:e6:94:40:fd:f0:e1:45:84:99:
88:f3:57:fc:c2:76:3a:c3:a3:71:7f:a6:5b:1c:71:
c3:a5:09:c2:a4:e2:5e:42:40:ed:40:1e:53:f2:d2:
2d:95:ef:03:b7:38:f4:54:a9:3a:9a:41:cd:03:3c:
8a:b6:4d:67:65:bb:27:39:5a:be:6f:74:da:b0:a9:
2b:bc:00:5e:93:9b:39:96:84:80:cd:49:45:27:2b:
83:20:e1:b4:19:af:a3:a1:9b:2b:8e:ba:2f:7b:67:
76:fe:e3:94:2e:81:b2:f8:3a:f8:7d:a0:4e:0a:f3:
f1:12:cc:fb:26:45:09:3e:b0:17:ca:b8:1f:f1:57:
3d:38:a5:11:4b:06:01:48:c7:f9:1b:8b:8d:35:21:
ab:c3:d1:57:92:c5:79:34:eb:aa:cf:55:f9:79:f7:
fa:cb:cb:9d:78:26:52:8d:78:07:0b:e6:82:7f:ca:
47:a0:da:ec:8b:bb:9b:b2:36:13:b6:e9:c6:2b:13:
11:9b:53:3b:db:6c:0d:f6:dd:b2:90:ae:9a:86:00:
79:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3C:15:BE:BC:32:6F:53:8B:07:09:4D:8B:92:A3:FD:6C:2F:3E:F8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RjwVvrwyb1OLBwlNi5Kj_WwvPvg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:f9:33:f5:51:8a:7d:e6:70:55:03:e9:81:64:83:c3:ea:b0:
e2:43:ce:93:5b:ca:89:ac:dc:44:fb:71:2f:0d:c4:3a:b0:6e:
47:e9:2f:6f:98:e1:6e:83:97:b4:5c:8b:ae:b9:e6:27:29:26:
63:b2:4e:2e:a1:3c:c6:24:d8:4f:8e:f4:5c:dd:8b:2c:51:46:
da:0e:2d:c7:f8:ee:ef:b1:ca:82:a1:55:de:a8:23:39:cb:4b:
5c:0d:42:d6:55:90:eb:d8:97:2f:24:fd:0b:da:f8:d8:e1:65:
c9:47:dd:9f:4e:55:dc:a5:bc:4a:fa:59:99:bb:d6:a8:7c:18:
d3:cd:82:fc:16:6a:5c:d1:10:2b:14:4a:69:2c:56:81:a9:ef:
4f:1b:92:5d:fe:9b:32:3d:c5:da:10:15:f5:b0:f1:cb:e6:ba:
12:0a:83:dd:c8:b6:c3:29:43:8b:f4:ce:15:79:72:9e:4b:f1:
a2:d2:0e:27:f9:39:48:f5:b6:f2:88:5e:95:c4:c6:16:5b:71:
01:cf:01:70:6b:3e:60:8d:16:52:70:a8:85:46:9f:24:78:88:
34:35:40:d9:8b:b1:be:ef:2f:27:3b:73:b6:af:14:fd:38:59:
32:23:68:c7:b4:e2:87:d3:dd:7d:67:fc:11:04:6b:11:1f:c9:
ae:8c:5f:6d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBNkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
MzA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ2M0MxNUJFQkMzMjZG
NTM4QjA3MDk0RDhCOTJBM0ZENkMyRjNFRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmrkalC6JcMURBGpnMgdfF1r459q/Wyqm+FNonAmKji3yMpx9W
oYW7OiOVOvjLauGrQuaUQP3w4UWEmYjzV/zCdjrDo3F/plscccOlCcKk4l5CQO1A
HlPy0i2V7wO3OPRUqTqaQc0DPIq2TWdluyc5Wr5vdNqwqSu8AF6TmzmWhIDNSUUn
K4Mg4bQZr6OhmyuOui97Z3b+45QugbL4Ovh9oE4K8/ESzPsmRQk+sBfKuB/xVz04
pRFLBgFIx/kbi401IavD0VeSxXk066rPVfl59/rLy514JlKNeAcL5oJ/ykeg2uyL
u5uyNhO26cYrExGbUzvbbA323bKQrpqGAHlDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURjwVvrwyb1OLBwlNi5Kj/WwvPvgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SandWdnJ3eWIxT0xCd2xO
aTVLal9Xd3ZQdmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAz5M/VRin3mcFUD6YFkg8PqsOJDzpNbyoms
3ET7cS8NxDqwbkfpL2+Y4W6Dl7Rci6655icpJmOyTi6hPMYk2E+O9FzdiyxRRtoO
Lcf47u+xyoKhVd6oIznLS1wNQtZVkOvYly8k/Qva+NjhZclH3Z9OVdylvEr6WZm7
1qh8GNPNgvwWalzRECsUSmksVoGp708bkl3+mzI9xdoQFfWw8cvmuhIKg93ItsMp
Q4v0zhV5cp5L8aLSDif5OUj1tvKIXpXExhZbcQHPAXBrPmCNFlJwqIVGnyR4iDQ1
QNmLsb7vLyc7c7avFP04WTIjaMe04ofT3X1n/BEEaxEfya6MX20=
-----END CERTIFICATE-----
Generated at Sun May 18 18:58:37 2025 by rpki-client