Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/efAoNxoQuGrq-RtXJe1XP5CA8g8.roa
File: efAoNxoQuGrq-RtXJe1XP5CA8g8.roa (raw, json)
Hash identifier: BU8LFDGuQPs0Cyg6dwpTjD+Ab7R2/PpzMd1xnBTQsQg=
Subject key identifier: 79:F0:28:37:1A:10:B8:6A:EA:F9:1B:57:25:ED:57:3F:90:80:F2:0F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01E9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/efAoNxoQuGrq-RtXJe1XP5CA8g8.roa
Signing time: Fri 09 May 2025 15:08:15 +0000
ROA not before: Fri 09 May 2025 15:08:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 489 (0x1e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 15:08:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=79F028371A10B86AEAF91B5725ED573F9080F20F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9b:a4:6b:3a:9c:d9:48:cb:5d:a1:d7:be:db:
74:e3:b9:6b:00:7f:83:20:35:84:e5:14:31:a4:07:
23:d2:eb:49:ac:63:2c:9c:e7:d9:aa:24:82:65:a2:
db:41:7f:bd:c5:f1:67:c4:7a:91:b6:b6:4a:43:2e:
1d:ea:72:f9:e8:eb:cc:25:f1:87:03:c6:59:bf:4a:
f3:45:c0:1f:bb:a8:2e:42:ea:9f:02:20:46:00:a8:
63:5e:a1:c0:e4:6d:3b:23:92:11:02:f2:b0:5f:0e:
c0:a8:e1:98:ca:99:cc:c4:d9:65:25:8c:c7:e9:9d:
3a:fb:ca:a7:f4:db:ab:46:10:57:f6:44:78:b0:fc:
be:c5:0c:27:18:26:0d:23:f2:29:ae:e1:c0:dd:2d:
26:69:56:ac:36:70:ba:b9:aa:c7:b7:8c:50:ac:3d:
5d:83:6c:8b:c1:53:d2:ae:57:c3:02:55:c7:7f:9b:
2b:43:92:47:69:96:8c:b3:09:c5:79:d5:07:53:7f:
53:4e:5b:83:49:1b:c2:e1:f7:96:ee:74:90:b2:d7:
df:6c:7e:26:68:29:1f:bf:23:6c:64:d5:96:dc:48:
00:c2:a9:47:fe:64:00:37:d6:62:ae:ed:1c:4a:90:
a8:67:70:9b:fe:1d:4d:8b:5e:d7:3d:85:c6:64:b4:
74:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F0:28:37:1A:10:B8:6A:EA:F9:1B:57:25:ED:57:3F:90:80:F2:0F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/efAoNxoQuGrq-RtXJe1XP5CA8g8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:01:20:b7:b3:6b:dd:65:47:fb:ea:2d:d9:f5:f4:48:a3:9b:
a5:76:41:ee:e2:14:fc:c7:b1:a5:c5:2a:75:eb:54:87:e1:61:
5b:a5:b9:b5:23:c0:05:4e:79:5d:1c:fd:dd:7f:e9:bb:36:14:
1a:90:7c:9d:30:75:f9:55:66:31:99:95:6c:77:2c:b6:4b:ce:
5e:eb:a4:9e:c9:42:ae:47:22:ad:b7:b6:16:26:28:3b:00:c6:
3d:da:5f:e9:5a:75:12:6e:c5:6e:6c:6c:94:5c:cf:25:b8:8e:
e0:4f:fb:90:7e:fb:11:1a:cb:91:a8:10:a2:1d:0e:4e:1a:af:
bb:c7:3c:c5:bb:a3:93:87:6e:74:e0:31:1b:c1:2d:6d:f6:5e:
c6:f6:26:a0:00:b5:11:cf:8b:d4:e4:bd:3b:cb:ba:d3:ac:5a:
b1:61:c9:86:1f:78:93:b9:7e:e9:5c:b2:fe:78:99:8a:38:a0:
d7:9a:18:73:f0:88:4c:20:a4:84:d1:19:c0:d8:44:cf:8f:af:
10:9a:bd:29:58:9d:5f:16:65:a3:95:a5:58:da:26:d3:30:84:
da:d6:ba:c8:42:9d:ac:52:40:65:52:51:6a:12:0a:7f:4b:e6:
1b:22:38:54:fa:3d:07:be:9b:e7:40:75:72:32:1a:52:91:98:
41:11:f2:65
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
NTA4MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc5RjAyODM3MUExMEI4
NkFFQUY5MUI1NzI1RUQ1NzNGOTA4MEYyMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCem6RrOpzZSMtdode+23TjuWsAf4MgNYTlFDGkByPS60msYyyc
59mqJIJlottBf73F8WfEepG2tkpDLh3qcvno68wl8YcDxlm/SvNFwB+7qC5C6p8C
IEYAqGNeocDkbTsjkhEC8rBfDsCo4ZjKmczE2WUljMfpnTr7yqf026tGEFf2RHiw
/L7FDCcYJg0j8imu4cDdLSZpVqw2cLq5qse3jFCsPV2DbIvBU9KuV8MCVcd/mytD
kkdployzCcV51QdTf1NOW4NJG8Lh95budJCy199sfiZoKR+/I2xk1ZbcSADCqUf+
ZAA31mKu7RxKkKhncJv+HU2LXtc9hcZktHT9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUefAoNxoQuGrq+RtXJe1XP5CA8g8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9lZkFvTnhvUXVHcnEtUnRY
SmUxWFA1Q0E4Zzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIcBILeza91lR/vqLdn19Eijm6V2Qe7iFPzH
saXFKnXrVIfhYVulubUjwAVOeV0c/d1/6bs2FBqQfJ0wdflVZjGZlWx3LLZLzl7r
pJ7JQq5HIq23thYmKDsAxj3aX+ladRJuxW5sbJRczyW4juBP+5B++xEay5GoEKId
Dk4ar7vHPMW7o5OHbnTgMRvBLW32Xsb2JqAAtRHPi9TkvTvLutOsWrFhyYYfeJO5
fulcsv54mYo4oNeaGHPwiEwgpITRGcDYRM+PrxCavSlYnV8WZaOVpVjaJtMwhNrW
ushCnaxSQGVSUWoSCn9L5hsiOFT6PQe+m+dAdXIyGlKRmEER8mU=
-----END CERTIFICATE-----
Generated at Sun May 18 03:37:09 2025 by rpki-client