Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_Ij7PS5sJISV9yHTuPnAKkvfndk.roa
File: _Ij7PS5sJISV9yHTuPnAKkvfndk.roa (raw, json)
Hash identifier: 3K2ShmeTseo4j4A3SjNMXtcUQIhC2lIKBDIyrwNxdvc=
Subject key identifier: FC:88:FB:3D:2E:6C:24:84:95:F7:21:D3:B8:F9:C0:2A:4B:DF:9D:D9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01B1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Ij7PS5sJISV9yHTuPnAKkvfndk.roa
Signing time: Fri 09 May 2025 08:07:47 +0000
ROA not before: Fri 09 May 2025 08:07:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433 (0x1b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 08:07:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FC88FB3D2E6C248495F721D3B8F9C02A4BDF9DD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6a:f9:93:92:f9:ab:e7:f7:9e:3c:c9:28:6d:
29:72:64:e7:24:42:04:10:a2:da:60:79:9b:62:5e:
6b:d5:12:60:28:ef:d7:5b:f0:f3:11:72:29:ad:f1:
fa:a3:6f:2b:3d:62:f5:f1:43:17:df:9c:8d:1f:3b:
43:1f:fb:77:01:73:2c:c2:cd:2e:8c:dd:17:52:33:
41:ad:06:97:f6:ca:8b:1c:04:4b:f9:32:c3:2a:3e:
6b:6f:8b:32:d4:1e:6b:a8:46:d9:fa:66:44:93:eb:
4e:04:7a:81:5a:a6:c5:fb:8a:20:7b:62:27:6f:e1:
67:d0:3c:df:f2:3a:b6:83:eb:a4:12:c8:df:25:68:
cc:44:92:5b:46:80:d4:52:98:0d:2f:5a:12:f3:ab:
56:67:d3:5e:e4:4d:ff:7d:5a:39:20:3f:dc:20:d0:
7f:6d:af:ef:8d:0a:a7:03:5e:71:2d:aa:32:1f:2a:
fd:f0:05:25:ae:95:55:91:35:eb:5b:a3:d9:86:18:
56:7e:bb:8e:a0:0f:b0:21:eb:14:12:f6:ab:e7:ea:
6e:04:5b:db:f9:59:8e:cf:8e:8d:e3:78:83:8e:44:
a4:ae:c1:bd:f8:38:8d:f2:02:c2:a7:bb:e3:0f:cc:
e9:5f:fe:a1:3c:78:f0:3e:61:62:d1:63:c3:ee:48:
cb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:88:FB:3D:2E:6C:24:84:95:F7:21:D3:B8:F9:C0:2A:4B:DF:9D:D9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Ij7PS5sJISV9yHTuPnAKkvfndk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:03:58:24:1c:b1:b3:9a:3e:8c:5d:0d:32:a3:71:6b:c8:b6:
4b:a5:a5:50:09:4e:42:18:0b:72:c9:57:d2:2d:1c:2b:34:a0:
70:39:59:e1:66:25:2a:45:30:79:cd:a6:22:eb:16:5d:f2:4a:
20:d5:d7:63:35:1c:0c:fd:2b:ca:aa:d8:d5:0f:e1:8d:f3:d0:
7d:7d:98:50:d3:56:7e:dc:44:e4:62:bd:97:a3:cc:25:bb:a7:
47:b1:92:66:37:1e:d8:1e:5b:5a:2a:0d:10:12:c3:d1:21:6c:
59:16:6b:1d:c3:e8:b4:9c:b4:d5:48:50:97:ea:80:c5:2c:13:
73:71:6a:5a:c5:d4:4b:49:16:93:82:c4:7f:a1:ba:eb:e8:9e:
6d:b4:63:52:79:65:96:03:72:3e:bd:59:0d:e6:45:cc:af:8c:
6e:aa:b5:1b:ca:aa:1c:f8:e1:e5:e0:30:c9:6c:b1:14:04:e6:
34:cd:94:67:fc:50:25:f4:e5:17:d3:d5:c0:ed:c4:93:6a:0a:
ec:46:7b:d1:6a:d7:bf:9e:8b:d6:ea:66:6f:78:5a:29:07:86:
fe:50:64:11:70:07:fe:75:09:4a:9e:ee:5d:56:25:f3:6c:4b:
58:01:13:8f:34:4d:93:aa:39:77:70:47:f6:4e:ae:e9:97:2f:
8d:0b:e6:34
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
ODA3NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZDODhGQjNEMkU2QzI0
ODQ5NUY3MjFEM0I4RjlDMDJBNEJERjlERDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHavmTkvmr5/eePMkobSlyZOckQgQQotpgeZtiXmvVEmAo79db
8PMRcimt8fqjbys9YvXxQxffnI0fO0Mf+3cBcyzCzS6M3RdSM0GtBpf2yoscBEv5
MsMqPmtvizLUHmuoRtn6ZkST604EeoFapsX7iiB7Yidv4WfQPN/yOraD66QSyN8l
aMxEkltGgNRSmA0vWhLzq1Zn017kTf99WjkgP9wg0H9tr++NCqcDXnEtqjIfKv3w
BSWulVWRNetbo9mGGFZ+u46gD7Ah6xQS9qvn6m4EW9v5WY7Pjo3jeIOORKSuwb34
OI3yAsKnu+MPzOlf/qE8ePA+YWLRY8PuSMvRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/Ij7PS5sJISV9yHTuPnAKkvfndkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fSWo3UFM1c0pJU1Y5eUhU
dVBuQUtrdmZuZGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABYDWCQcsbOaPoxdDTKjcWvItkulpVAJTkIY
C3LJV9ItHCs0oHA5WeFmJSpFMHnNpiLrFl3ySiDV12M1HAz9K8qq2NUP4Y3z0H19
mFDTVn7cRORivZejzCW7p0exkmY3HtgeW1oqDRASw9EhbFkWax3D6LSctNVIUJfq
gMUsE3NxalrF1EtJFpOCxH+huuvonm20Y1J5ZZYDcj69WQ3mRcyvjG6qtRvKqhz4
4eXgMMlssRQE5jTNlGf8UCX05RfT1cDtxJNqCuxGe9Fq17+ei9bqZm94WikHhv5Q
ZBFwB/51CUqe7l1WJfNsS1gBE480TZOqOXdwR/ZOrumXL40L5jQ=
-----END CERTIFICATE-----
Generated at Sun May 18 00:51:28 2025 by rpki-client