Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gmyyHDXmNw6dZgV77MrzgQTkuoo.roa
File: gmyyHDXmNw6dZgV77MrzgQTkuoo.roa (raw, json)
Hash identifier: 4Ol7gl1CkYFPcVzA13ZAPyDLFTr7D4/bhebRT4JYqGY=
Subject key identifier: 82:6C:B2:1C:35:E6:37:0E:9D:66:05:7B:EC:CA:F3:81:04:E4:BA:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 034D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gmyyHDXmNw6dZgV77MrzgQTkuoo.roa
Signing time: Sun 11 May 2025 11:37:53 +0000
ROA not before: Sun 11 May 2025 11:37:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 845 (0x34d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 11:37:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=826CB21C35E6370E9D66057BECCAF38104E4BA8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5a:73:9b:1a:2b:22:f5:71:2d:da:d3:0d:22:
55:6f:e1:42:84:af:58:45:39:c4:df:37:2c:c8:37:
90:1d:b2:23:4d:e6:a9:69:1e:cb:21:76:18:e6:d0:
b1:95:8d:15:8a:2a:aa:ed:1e:7e:7d:1d:34:6e:7f:
2e:7d:e5:de:fb:da:17:6f:cf:69:06:48:db:de:e7:
68:06:3a:b1:44:be:e0:6f:c9:09:42:30:d3:4c:00:
9d:ac:23:5a:a0:f6:ef:08:db:9c:d7:5c:48:f6:03:
c3:52:b0:f6:e2:88:a2:bc:0b:78:a4:c3:b9:b0:04:
ec:4d:b2:c7:85:4e:73:0d:c6:9e:c4:bd:05:7f:b3:
f3:3a:ea:83:77:5c:62:53:fa:17:d8:d2:c6:f1:07:
19:13:6a:1f:15:a1:dc:c7:23:aa:5d:68:e6:2b:43:
66:35:91:0e:36:8f:ea:fc:9e:db:6e:1b:17:81:75:
c9:f1:6d:08:26:30:e3:22:81:75:a1:a0:d6:b0:6c:
40:62:6d:bd:e8:a4:68:51:f5:21:cf:f7:ad:d2:1e:
58:e8:3f:c6:3d:d7:66:63:9a:52:ca:08:14:b8:f6:
2f:b6:c2:30:72:70:6e:4b:75:b9:ea:fe:2e:d2:ac:
6c:64:4e:95:9e:31:d8:1c:79:56:e4:81:ed:40:cd:
ab:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:6C:B2:1C:35:E6:37:0E:9D:66:05:7B:EC:CA:F3:81:04:E4:BA:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gmyyHDXmNw6dZgV77MrzgQTkuoo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:1e:f0:70:53:ed:7a:3a:e0:9f:aa:46:d6:5f:90:0f:65:7a:
85:f3:19:fc:51:86:d5:79:3f:fd:be:79:4b:d6:3b:1c:a7:f2:
44:40:22:31:d4:c3:d9:8d:6e:7a:ac:5f:a6:69:28:e4:90:69:
08:99:a2:6e:5c:37:9a:51:b1:fd:05:ce:ef:26:d2:07:6c:ef:
f3:b3:95:c4:17:21:98:d9:ce:02:b4:f1:91:50:48:04:78:ee:
d4:91:c2:95:ca:24:55:25:32:cd:85:f2:51:c9:ed:91:e3:49:
5a:46:21:b4:ac:ad:7e:92:f5:22:de:4f:91:72:74:1b:6d:f8:
d9:82:de:56:a3:0f:e5:2a:27:7d:a2:36:3f:38:f5:72:c1:ad:
15:44:e9:a1:9c:d4:22:af:1c:c5:d5:7a:fa:0a:10:12:12:c2:
d8:1d:3a:fa:4a:01:49:6c:8a:55:26:39:82:d1:c9:54:ba:b4:
75:ff:4d:67:a2:fd:28:1f:ff:11:3b:83:35:a2:06:6b:dc:b6:
87:71:f9:78:80:3a:8d:94:90:24:96:fd:ea:c7:00:0d:fb:a0:
cf:f1:cd:48:8b:fe:07:61:16:d3:45:49:36:61:14:c6:59:66:
63:e5:db:c9:d9:b9:cc:af:a2:bc:2d:81:ca:f8:50:56:0a:1d:
9d:f3:e6:d1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MTM3NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgyNkNCMjFDMzVFNjM3
MEU5RDY2MDU3QkVDQ0FGMzgxMDRFNEJBOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyWnObGisi9XEt2tMNIlVv4UKEr1hFOcTfNyzIN5AdsiNN5qlp
Hsshdhjm0LGVjRWKKqrtHn59HTRufy595d772hdvz2kGSNve52gGOrFEvuBvyQlC
MNNMAJ2sI1qg9u8I25zXXEj2A8NSsPbiiKK8C3ikw7mwBOxNsseFTnMNxp7EvQV/
s/M66oN3XGJT+hfY0sbxBxkTah8VodzHI6pdaOYrQ2Y1kQ42j+r8nttuGxeBdcnx
bQgmMOMigXWhoNawbEBibb3opGhR9SHP963SHljoP8Y912ZjmlLKCBS49i+2wjBy
cG5Ldbnq/i7SrGxkTpWeMdgceVbkge1AzavdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgmyyHDXmNw6dZgV77MrzgQTkuoowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nbXl5SERYbU53NmRaZ1Y3
N01yemdRVGt1b28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGYe8HBT7Xo64J+qRtZfkA9leoXzGfxRhtV5
P/2+eUvWOxyn8kRAIjHUw9mNbnqsX6ZpKOSQaQiZom5cN5pRsf0Fzu8m0gds7/Oz
lcQXIZjZzgK08ZFQSAR47tSRwpXKJFUlMs2F8lHJ7ZHjSVpGIbSsrX6S9SLeT5Fy
dBtt+NmC3lajD+UqJ32iNj849XLBrRVE6aGc1CKvHMXVevoKEBISwtgdOvpKAUls
ilUmOYLRyVS6tHX/TWei/Sgf/xE7gzWiBmvctodx+XiAOo2UkCSW/erHAA37oM/x
zUiL/gdhFtNFSTZhFMZZZmPl28nZucyvorwtgcr4UFYKHZ3z5tE=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:16 2025 by rpki-client