Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VG2NIwByzjHVpJAZPg5HFUMRqCc.roa
File: VG2NIwByzjHVpJAZPg5HFUMRqCc.roa (raw, json)
Hash identifier: 3i0SGshbzHgK0Eh0+fL4XnNCv9qvGjxp3m5EyA3Yj00=
Subject key identifier: 54:6D:8D:23:00:72:CE:31:D5:A4:90:19:3E:0E:47:15:43:11:A8:27
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0621
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VG2NIwByzjHVpJAZPg5HFUMRqCc.roa
Signing time: Thu 15 May 2025 06:08:05 +0000
ROA not before: Thu 15 May 2025 06:08:05 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1569 (0x621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 06:08:05 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=546D8D230072CE31D5A490193E0E47154311A827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f9:1a:b5:7e:88:71:ea:c9:75:ce:2d:58:ff:
e1:50:98:97:4e:0f:56:99:f2:62:df:c7:5a:92:a4:
55:2d:31:fe:25:66:67:89:85:bc:a2:5e:fb:29:0a:
54:f8:c5:da:a6:3d:5d:f3:30:67:1b:bc:65:59:73:
93:d3:5a:f2:c2:6b:85:a6:f4:50:d0:d9:8a:84:ea:
a0:00:50:91:86:d4:37:83:6f:e8:6e:33:05:29:2a:
ad:ac:8f:61:6c:29:84:42:67:c6:87:b2:eb:cf:0e:
43:73:70:f2:0d:90:07:c7:cd:8a:ff:11:53:1c:e9:
16:c8:a2:08:31:c7:f0:85:21:a2:6f:02:6e:fd:0a:
4d:70:89:36:bb:83:80:fd:b9:9c:c1:74:67:fe:b8:
f3:89:d5:57:0f:61:d2:2a:34:96:67:c7:3c:96:25:
3c:d3:92:f1:37:1c:85:e3:61:e0:37:a6:1c:7d:e2:
18:4b:3c:9f:75:2e:ac:e2:f9:2d:2c:81:c8:90:cc:
7d:90:da:ec:52:0e:65:6c:36:d9:0c:ff:09:31:65:
e5:35:ea:45:fe:8c:c1:56:f1:2d:ce:44:4f:3c:ee:
89:ad:eb:5c:95:96:93:ab:de:29:24:b7:62:da:a1:
61:03:38:05:6d:f0:3a:df:25:56:88:56:d4:e1:9f:
31:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6D:8D:23:00:72:CE:31:D5:A4:90:19:3E:0E:47:15:43:11:A8:27
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VG2NIwByzjHVpJAZPg5HFUMRqCc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:a1:61:b2:20:c1:24:c0:5c:de:24:54:b4:30:a0:dc:46:6e:
9f:b3:ef:90:9a:b2:b9:39:2a:a3:b6:40:b1:3f:b5:0c:00:86:
33:14:b2:2b:37:ac:4f:1d:5c:78:f8:92:7e:6a:59:fa:fc:cc:
ae:1f:3f:64:8e:e5:b5:8c:f7:4d:0f:4a:9f:5c:22:e1:35:7d:
af:db:f8:fc:7e:02:64:53:89:bb:09:ba:c2:37:11:48:46:bc:
52:a9:e3:be:ef:0e:c3:72:10:e5:1e:5c:9c:73:5d:1d:6c:29:
77:07:21:1f:46:a3:f2:b6:cd:5d:a9:7c:1b:94:42:6d:08:67:
12:24:ff:f7:f3:9e:81:dc:6c:9a:89:50:ed:e6:62:ca:ac:42:
c3:0c:63:4f:1e:b4:6d:a3:35:f0:4a:c4:50:d2:0b:d9:fc:ab:
ef:d8:34:49:dd:03:a4:59:47:1b:d0:3b:80:f5:59:e9:3e:fd:
b1:16:e2:ca:21:84:13:ca:20:a6:32:60:ec:60:f8:92:47:2f:
84:f8:bf:8b:a7:ec:3c:e2:f1:1b:03:19:92:2c:f0:e3:83:0c:
47:4b:29:29:5d:82:8e:cb:ad:90:4a:0e:fb:f9:21:ad:13:3c:
1f:0c:bf:d2:30:95:7f:a9:3a:b6:d9:0a:1f:c9:c9:94:ab:ea:
1f:d7:4b:35
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
NjA4MDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0NkQ4RDIzMDA3MkNF
MzFENUE0OTAxOTNFMEU0NzE1NDMxMUE4MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN+Rq1fohx6sl1zi1Y/+FQmJdOD1aZ8mLfx1qSpFUtMf4lZmeJ
hbyiXvspClT4xdqmPV3zMGcbvGVZc5PTWvLCa4Wm9FDQ2YqE6qAAUJGG1DeDb+hu
MwUpKq2sj2FsKYRCZ8aHsuvPDkNzcPINkAfHzYr/EVMc6RbIoggxx/CFIaJvAm79
Ck1wiTa7g4D9uZzBdGf+uPOJ1VcPYdIqNJZnxzyWJTzTkvE3HIXjYeA3phx94hhL
PJ91Lqzi+S0sgciQzH2Q2uxSDmVsNtkM/wkxZeU16kX+jMFW8S3ORE887omt61yV
lpOr3ikkt2LaoWEDOAVt8DrfJVaIVtThnzF1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVG2NIwByzjHVpJAZPg5HFUMRqCcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WRzJOSXdCeXpqSFZwSkFa
UGc1SEZVTVJxQ2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACWhYbIgwSTAXN4kVLQwoNxGbp+z75Casrk5
KqO2QLE/tQwAhjMUsis3rE8dXHj4kn5qWfr8zK4fP2SO5bWM900PSp9cIuE1fa/b
+Px+AmRTibsJusI3EUhGvFKp477vDsNyEOUeXJxzXR1sKXcHIR9Go/K2zV2pfBuU
Qm0IZxIk//fznoHcbJqJUO3mYsqsQsMMY08etG2jNfBKxFDSC9n8q+/YNEndA6RZ
RxvQO4D1Wek+/bEW4sohhBPKIKYyYOxg+JJHL4T4v4un7Dzi8RsDGZIs8OODDEdL
KSldgo7LrZBKDvv5Ia0TPB8Mv9IwlX+pOrbZCh/JyZSr6h/XSzU=
-----END CERTIFICATE-----
Generated at Sun May 18 04:51:59 2025 by rpki-client