Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_lMYw4Mh6oXWkubTclPh5TcHing.roa
File: _lMYw4Mh6oXWkubTclPh5TcHing.roa (raw, json)
Hash identifier: mBAPf/Op+EBNRIfOJXeDCyf+gmArWzMbgPWwTP5p9AA=
Subject key identifier: FE:53:18:C3:83:21:EA:85:D6:92:E6:D3:72:53:E1:E5:37:07:8A:78
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0371
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_lMYw4Mh6oXWkubTclPh5TcHing.roa
Signing time: Sun 11 May 2025 16:07:53 +0000
ROA not before: Sun 11 May 2025 16:07:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 881 (0x371)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 16:07:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FE5318C38321EA85D692E6D37253E1E537078A78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:06:31:c2:e9:0f:36:55:8c:cb:20:3f:e4:29:
cc:50:30:f5:04:5b:31:ed:ec:f8:56:f4:47:95:5c:
fc:52:50:19:99:5a:06:d9:16:55:69:3d:f6:08:32:
82:4c:94:38:11:1b:cc:c0:72:37:0f:2f:95:6b:c6:
63:12:61:4b:e5:6c:23:50:0a:25:d6:9e:67:d8:e2:
92:98:70:1d:a4:49:76:8d:be:45:22:90:d6:b0:67:
77:b2:8c:aa:26:32:05:38:d9:5d:71:ea:1e:ea:c6:
10:28:1b:9c:a9:03:d5:96:24:5e:9a:f6:27:3c:3e:
db:1f:64:da:d9:59:91:cd:64:20:73:93:f9:fc:4d:
5e:62:f0:dd:41:7a:59:79:aa:af:17:40:b5:13:12:
d3:2f:1d:f5:d1:88:e8:47:eb:f0:2e:4d:73:79:30:
8f:bf:53:48:2f:ba:80:61:f8:da:15:46:8c:44:04:
df:bf:3e:41:48:c8:42:1c:1c:49:81:53:bd:23:4c:
8e:25:08:9d:49:55:41:ac:b4:97:ac:96:07:fd:03:
3e:70:2d:88:ad:6b:3b:96:1f:bc:87:05:f7:07:5b:
05:c2:40:2e:ee:64:63:0a:4e:e6:5b:03:e5:37:da:
f9:7c:8c:bb:df:31:5c:f4:5c:b6:f0:44:32:8d:2a:
dc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:53:18:C3:83:21:EA:85:D6:92:E6:D3:72:53:E1:E5:37:07:8A:78
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_lMYw4Mh6oXWkubTclPh5TcHing.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:bb:3a:b8:66:30:0e:e8:eb:c8:e3:c5:fa:1f:5c:d9:53:6b:
03:9c:b4:b6:14:1f:bb:1b:2d:2c:cf:2f:8e:06:26:3b:7a:67:
d6:50:d3:66:a4:ec:56:02:0a:50:39:fa:cc:66:a9:41:67:0c:
53:7d:b6:d3:cf:0c:ac:f4:7a:53:8f:8f:f2:7f:9e:ad:d7:70:
ee:b2:cb:57:b9:89:c6:0d:6d:0b:12:a9:c5:88:66:bf:69:e6:
38:f7:80:c4:9e:b2:cf:7a:95:c7:8e:73:d0:cd:33:2d:b5:dd:
23:45:78:61:4d:7a:27:76:c5:52:e1:0f:41:44:c5:4b:fd:e0:
ec:13:9c:8f:fd:09:d2:7c:e8:bd:fa:80:19:a2:f4:71:ae:cb:
54:04:cd:02:50:20:3f:05:82:f1:ae:69:bf:cd:fe:92:ad:f7:
87:6b:4e:e8:01:91:4f:20:1a:21:22:52:86:25:9b:35:64:8d:
07:69:f1:50:c1:fb:d8:47:32:be:50:24:34:be:58:8a:4e:6a:
80:8f:03:04:53:c3:96:6d:42:f1:e1:60:2f:3d:87:a2:a1:e8:
a2:1a:cb:27:bd:19:f1:bd:13:5d:ee:3a:10:2e:dd:2e:f6:c0:
a9:48:5b:26:2e:18:71:c9:27:8f:8f:50:ad:2c:1f:30:54:00:
8c:c2:21:4d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
NjA3NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZFNTMxOEMzODMyMUVB
ODVENjkyRTZEMzcyNTNFMUU1MzcwNzhBNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYBjHC6Q82VYzLID/kKcxQMPUEWzHt7PhW9EeVXPxSUBmZWgbZ
FlVpPfYIMoJMlDgRG8zAcjcPL5VrxmMSYUvlbCNQCiXWnmfY4pKYcB2kSXaNvkUi
kNawZ3eyjKomMgU42V1x6h7qxhAoG5ypA9WWJF6a9ic8PtsfZNrZWZHNZCBzk/n8
TV5i8N1Bell5qq8XQLUTEtMvHfXRiOhH6/AuTXN5MI+/U0gvuoBh+NoVRoxEBN+/
PkFIyEIcHEmBU70jTI4lCJ1JVUGstJeslgf9Az5wLYitazuWH7yHBfcHWwXCQC7u
ZGMKTuZbA+U32vl8jLvfMVz0XLbwRDKNKty1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/lMYw4Mh6oXWkubTclPh5TcHingwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fbE1ZdzRNaDZvWFdrdWJU
Y2xQaDVUY0hpbmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAC7OrhmMA7o68jjxfofXNlTawOctLYUH7sb
LSzPL44GJjt6Z9ZQ02ak7FYCClA5+sxmqUFnDFN9ttPPDKz0elOPj/J/nq3XcO6y
y1e5icYNbQsSqcWIZr9p5jj3gMSess96lceOc9DNMy213SNFeGFNeid2xVLhD0FE
xUv94OwTnI/9CdJ86L36gBmi9HGuy1QEzQJQID8FgvGuab/N/pKt94drTugBkU8g
GiEiUoYlmzVkjQdp8VDB+9hHMr5QJDS+WIpOaoCPAwRTw5ZtQvHhYC89h6Kh6KIa
yye9GfG9E13uOhAu3S72wKlIWyYuGHHJJ4+PUK0sHzBUAIzCIU0=
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:50 2025 by rpki-client