Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_W9YlUTUNhoLTBzMt6K51dcWzWc.roa
File: _W9YlUTUNhoLTBzMt6K51dcWzWc.roa (raw, json)
Hash identifier: sTBmregEiPFCkuvYpnz5E+VcjfQkhcayLh2XZfD9Aw8=
Subject key identifier: FD:6F:58:95:44:D4:36:1A:0B:4C:1C:CC:B7:A2:B9:D5:D7:16:CD:67
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02D9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_W9YlUTUNhoLTBzMt6K51dcWzWc.roa
Signing time: Sat 10 May 2025 21:07:50 +0000
ROA not before: Sat 10 May 2025 21:07:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 729 (0x2d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 21:07:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FD6F589544D4361A0B4C1CCCB7A2B9D5D716CD67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e6:2b:65:c0:96:83:5d:51:d5:55:79:7a:b2:
2c:13:12:e5:ee:9f:ee:55:6b:43:d0:62:37:24:6e:
fa:19:58:65:78:fa:dc:54:da:07:43:a8:45:fc:7f:
a1:4e:68:90:25:13:01:e4:9c:6b:5c:b2:fb:47:b1:
11:4f:1d:9f:e5:c3:89:83:6e:cc:29:46:f5:09:3f:
48:c6:4e:ee:32:67:8d:e0:fa:e6:53:c0:ec:71:78:
90:d8:dc:4f:18:fa:29:f9:c3:b8:b4:a5:a7:77:05:
99:4a:aa:80:5e:4e:0e:70:85:b7:f6:fe:b2:75:3f:
6e:cc:cd:38:fa:24:ec:00:cf:e4:00:a2:87:98:65:
bf:60:23:94:d8:59:85:e6:9e:95:63:95:e9:5d:d5:
31:92:5f:14:43:bb:b7:08:82:5e:8b:1d:b5:12:f0:
83:ff:44:fd:61:b0:fb:6a:a4:4e:84:57:82:f3:3b:
1c:9d:eb:96:ab:55:a0:32:87:30:3c:aa:07:1f:55:
84:54:a9:e6:d8:4b:4b:16:a2:03:2e:0d:f6:1a:9d:
48:b2:4e:3c:31:be:3b:b9:8e:ee:3d:30:e3:33:fa:
56:ad:ec:80:24:9e:35:ad:fa:e9:86:9a:f7:ee:bd:
68:e8:c0:5f:67:95:3d:3c:4d:d6:a2:30:b8:45:c0:
4f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:6F:58:95:44:D4:36:1A:0B:4C:1C:CC:B7:A2:B9:D5:D7:16:CD:67
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_W9YlUTUNhoLTBzMt6K51dcWzWc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:8b:e2:51:ef:95:2b:0e:7d:13:9d:7f:f7:9f:e4:ba:eb:47:
95:70:f5:f8:39:e3:04:fa:d6:8b:9d:73:19:16:e2:d7:a5:03:
1b:b0:74:de:5c:a9:88:56:bf:6c:43:9d:ec:dd:c8:27:a7:84:
bb:36:1f:4f:31:05:88:91:7d:a4:aa:03:67:6d:73:3f:4d:4c:
44:34:36:7c:98:00:1e:41:b0:83:73:48:d7:f5:6c:05:8c:45:
f3:7d:ba:cf:a8:96:ee:91:fb:6c:cb:ea:41:31:58:bf:6b:2b:
08:cb:e2:4b:8a:88:1d:b6:b6:29:5f:81:f4:5a:3a:b7:5c:7e:
39:62:e2:f9:13:d2:c3:f2:42:c7:6a:63:31:72:b0:e9:0a:67:
75:7c:2e:6a:b7:53:e7:70:eb:fc:4b:96:2a:1d:3a:44:4c:11:
00:db:fb:92:06:0d:89:9a:3e:ef:a8:08:f8:33:47:24:9d:6d:
5f:66:64:fd:e0:44:ce:f3:44:0b:d2:2c:74:37:fc:58:16:4c:
b0:57:23:be:1a:b8:56:dd:82:bd:8c:60:94:76:2a:f0:dc:f8:
53:23:38:af:27:a5:1e:17:5e:61:45:67:65:8c:8f:c4:f7:44:
80:21:09:5b:a6:47:8c:c7:5f:eb:34:f0:80:df:77:df:7d:73:
9c:05:c5:98
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAtkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAy
MTA3NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZENkY1ODk1NDRENDM2
MUEwQjRDMUNDQ0I3QTJCOUQ1RDcxNkNENjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP5itlwJaDXVHVVXl6siwTEuXun+5Va0PQYjckbvoZWGV4+txU
2gdDqEX8f6FOaJAlEwHknGtcsvtHsRFPHZ/lw4mDbswpRvUJP0jGTu4yZ43g+uZT
wOxxeJDY3E8Y+in5w7i0pad3BZlKqoBeTg5whbf2/rJ1P27MzTj6JOwAz+QAooeY
Zb9gI5TYWYXmnpVjleld1TGSXxRDu7cIgl6LHbUS8IP/RP1hsPtqpE6EV4LzOxyd
65arVaAyhzA8qgcfVYRUqebYS0sWogMuDfYanUiyTjwxvju5ju49MOMz+lat7IAk
njWt+umGmvfuvWjowF9nlT08TdaiMLhFwE8bAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/W9YlUTUNhoLTBzMt6K51dcWzWcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fVzlZbFVUVU5ob0xUQnpN
dDZLNTFkY1d6V2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJaL4lHvlSsOfROdf/ef5LrrR5Vw9fg54wT6
1oudcxkW4telAxuwdN5cqYhWv2xDnezdyCenhLs2H08xBYiRfaSqA2dtcz9NTEQ0
NnyYAB5BsINzSNf1bAWMRfN9us+olu6R+2zL6kExWL9rKwjL4kuKiB22tilfgfRa
Ordcfjli4vkT0sPyQsdqYzFysOkKZ3V8Lmq3U+dw6/xLliodOkRMEQDb+5IGDYma
Pu+oCPgzRySdbV9mZP3gRM7zRAvSLHQ3/FgWTLBXI74auFbdgr2MYJR2KvDc+FMj
OK8npR4XXmFFZ2WMj8T3RIAhCVumR4zHX+s08IDfd999c5wFxZg=
-----END CERTIFICATE-----
Generated at Sat May 17 19:51:01 2025 by rpki-client