Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/V1redlIc2CmPi7d-feSs89B_hJ0.roa
File: V1redlIc2CmPi7d-feSs89B_hJ0.roa (raw, json)
Hash identifier: y6TdIrG9eGJooS2jfQ/95Y6Ml/vPLlNIODy2Eg7TrAE=
Subject key identifier: 57:5A:DE:76:52:1C:D8:29:8F:8B:B7:7E:7D:E4:AC:F3:D0:7F:84:9D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03F5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/V1redlIc2CmPi7d-feSs89B_hJ0.roa
Signing time: Mon 12 May 2025 08:37:55 +0000
ROA not before: Mon 12 May 2025 08:37:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1013 (0x3f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 08:37:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=575ADE76521CD8298F8BB77E7DE4ACF3D07F849D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4e:85:b9:f2:80:e9:54:38:be:59:74:c4:05:
64:c8:ea:20:d9:12:b7:a4:ff:33:44:d5:e7:ba:24:
cc:39:38:74:58:c8:60:8b:fd:de:1c:a2:14:b6:03:
19:c6:ca:bc:14:35:00:14:5e:03:17:a6:5e:25:66:
10:bf:a2:0f:45:ec:d3:58:63:3c:33:6d:1a:a5:d8:
b4:06:6f:f5:91:53:c5:b0:4f:1c:41:75:62:19:37:
67:0a:6a:96:fb:69:da:de:9d:68:d0:cb:2c:9b:b8:
f0:61:5b:a1:45:2b:cb:73:c6:66:f8:97:6f:cc:e8:
b5:dd:5f:94:41:39:3e:fd:e8:8a:76:82:43:9d:0b:
73:16:e7:bb:67:a8:18:2e:4a:9a:6f:c0:7e:7f:6e:
bd:d5:06:4b:8c:fb:c8:0f:69:7e:89:7e:51:eb:00:
2b:87:58:84:df:7f:1c:a6:ef:01:d3:3c:7c:d3:74:
1e:b6:41:ab:e3:ca:54:7b:49:31:ec:c3:cd:67:5b:
62:2e:9e:85:c4:60:2c:a0:f9:ab:c7:1e:71:bb:6d:
8c:03:08:5b:a5:e7:09:a0:5a:03:96:d7:82:68:a2:
fb:bc:7a:69:aa:37:2e:07:98:ed:b7:f0:6b:5c:5b:
1b:5c:e8:17:24:23:f2:06:f3:22:96:0e:62:28:4a:
bb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5A:DE:76:52:1C:D8:29:8F:8B:B7:7E:7D:E4:AC:F3:D0:7F:84:9D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/V1redlIc2CmPi7d-feSs89B_hJ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:1f:bc:4e:cd:6b:53:15:c4:3d:cf:6a:12:b6:80:90:a6:ca:
cd:2a:8d:a2:90:b4:f2:ba:d1:90:64:2c:92:cf:f7:23:59:97:
9c:19:93:91:32:d5:fb:9f:d6:b2:5c:fa:d7:7b:4d:99:aa:ec:
94:9f:26:d4:42:bd:98:a8:12:b3:18:99:b8:4a:6d:67:53:5f:
21:ba:34:dc:3d:e4:95:28:dc:eb:fd:bc:11:c9:b3:dc:ac:43:
c2:9a:5c:52:84:a9:34:6c:50:d6:20:5a:f4:45:21:3d:b3:a4:
35:ff:b0:e7:9e:de:aa:8a:99:b0:19:0f:a2:28:8c:34:d0:b1:
b9:8c:6f:0a:31:7f:be:61:c5:c4:c6:3b:71:0b:ef:70:62:02:
86:17:8f:53:15:05:61:98:ae:7d:5a:a0:b5:a0:59:8b:35:2c:
9b:9e:db:21:9b:3a:9b:b4:66:c4:bb:55:31:19:a2:9c:f2:c5:
10:ac:e4:1d:30:68:aa:13:41:6c:11:be:dd:00:f0:38:75:32:
18:c9:83:03:9f:49:cd:ee:0c:00:11:d8:37:28:bc:3f:07:ec:
58:bc:6f:bd:0d:c6:79:57:0d:eb:cd:e2:4d:33:9e:a5:6b:6e:
fe:04:d9:4e:87:b5:49:70:63:8d:56:33:f5:6f:f3:a1:ae:5e:
38:c3:a2:7e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA/UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
ODM3NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU3NUFERTc2NTIxQ0Q4
Mjk4RjhCQjc3RTdERTRBQ0YzRDA3Rjg0OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8ToW58oDpVDi+WXTEBWTI6iDZErek/zNE1ee6JMw5OHRYyGCL
/d4cohS2AxnGyrwUNQAUXgMXpl4lZhC/og9F7NNYYzwzbRql2LQGb/WRU8WwTxxB
dWIZN2cKapb7adrenWjQyyybuPBhW6FFK8tzxmb4l2/M6LXdX5RBOT796Ip2gkOd
C3MW57tnqBguSppvwH5/br3VBkuM+8gPaX6JflHrACuHWITffxym7wHTPHzTdB62
QavjylR7STHsw81nW2IunoXEYCyg+avHHnG7bYwDCFul5wmgWgOW14Joovu8emmq
Ny4HmO238GtcWxtc6BckI/IG8yKWDmIoSrsTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUV1redlIc2CmPi7d+feSs89B/hJ0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WMXJlZGxJYzJDbVBpN2Qt
ZmVTczg5Ql9oSjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJMfvE7Na1MVxD3PahK2gJCmys0qjaKQtPK6
0ZBkLJLP9yNZl5wZk5Ey1fuf1rJc+td7TZmq7JSfJtRCvZioErMYmbhKbWdTXyG6
NNw95JUo3Ov9vBHJs9ysQ8KaXFKEqTRsUNYgWvRFIT2zpDX/sOee3qqKmbAZD6Io
jDTQsbmMbwoxf75hxcTGO3EL73BiAoYXj1MVBWGYrn1aoLWgWYs1LJue2yGbOpu0
ZsS7VTEZopzyxRCs5B0waKoTQWwRvt0A8Dh1MhjJgwOfSc3uDAAR2DcovD8H7Fi8
b70NxnlXDevN4k0znqVrbv4E2U6HtUlwY41WM/Vv86GuXjjDon4=
-----END CERTIFICATE-----
Generated at Sun May 18 04:54:09 2025 by rpki-client