Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hqHAPAhELtMA_sxI8caROWD5KQQ.roa
File: hqHAPAhELtMA_sxI8caROWD5KQQ.roa (raw, json)
Hash identifier: /ftM4dcghRsHtBJVKa1Dc1Pe1uMISfhoZTiwQg5XT7k=
Subject key identifier: 86:A1:C0:3C:08:44:2E:D3:00:FE:CC:48:F1:C6:91:39:60:F9:29:04
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0191
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hqHAPAhELtMA_sxI8caROWD5KQQ.roa
Signing time: Fri 09 May 2025 04:08:17 +0000
ROA not before: Fri 09 May 2025 04:08:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 401 (0x191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 04:08:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=86A1C03C08442ED300FECC48F1C6913960F92904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:68:3e:7b:63:50:9b:50:0a:ae:51:5a:27:
0c:2d:3c:1e:4d:81:57:a3:dd:08:5d:2b:a6:6c:6e:
6c:d0:30:f5:43:c5:ba:51:39:b7:38:a0:8f:0f:5e:
2e:34:bb:e8:58:52:99:09:74:aa:0a:39:98:fc:d9:
cf:e4:81:ed:27:37:3c:d1:79:46:c1:78:ac:96:db:
37:2d:a9:ed:e0:3d:fe:d8:75:98:a1:20:6e:4f:8e:
0a:c7:01:71:a6:2f:b2:13:43:dc:a2:2a:b6:9f:ee:
44:98:e9:3b:23:0d:e5:5c:52:54:d7:fb:9e:7b:b1:
71:b1:2f:4f:a5:0c:3d:bf:97:21:df:81:f2:43:5b:
a2:51:b2:e0:b9:e5:f8:c9:22:13:75:76:4e:c9:36:
92:49:5a:de:24:e1:23:f2:0a:23:25:c4:cc:02:cb:
08:06:04:0d:d0:5b:5b:4e:0d:d2:d5:a0:a6:76:4c:
ba:21:04:d1:9f:30:62:16:88:7e:39:ff:f9:44:fe:
66:3c:ff:25:89:90:9c:b3:65:d7:57:d3:27:e2:95:
83:d9:f2:b7:ff:ca:99:fe:41:09:e0:67:16:ea:b5:
10:5f:16:f9:ba:83:8f:c6:0a:8f:24:4e:b6:c7:bd:
7b:9b:ae:9a:9d:a7:e6:90:00:e5:04:6c:0c:46:1a:
ae:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A1:C0:3C:08:44:2E:D3:00:FE:CC:48:F1:C6:91:39:60:F9:29:04
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hqHAPAhELtMA_sxI8caROWD5KQQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:5b:77:67:09:c6:48:dd:1f:04:5e:be:4d:a4:af:3b:95:28:
0c:87:95:55:11:6b:ec:48:59:18:13:83:77:82:f5:d5:46:97:
87:6c:c3:ab:1b:13:31:a2:ee:51:62:77:17:6a:58:1f:ba:2c:
99:c8:a3:01:47:b2:ab:57:4c:95:4c:e5:c0:40:95:2f:d4:da:
e4:29:77:74:04:0e:eb:ea:fd:6e:10:b0:e6:d9:44:49:d8:a7:
3a:04:27:fd:a9:42:4b:63:1b:25:89:b7:90:5d:5b:45:22:03:
7f:48:28:c1:fa:d0:04:df:c7:23:05:da:b6:ff:ed:44:05:a3:
65:a3:91:c5:47:90:0f:71:18:a2:7c:41:d1:1c:c9:3c:c9:21:
a4:55:19:b7:0a:a9:31:02:3f:ae:d7:86:ae:ba:48:63:00:32:
7a:37:2f:b0:f0:53:61:9a:f7:ad:d1:d9:47:0a:f5:86:80:6c:
4b:58:87:93:fb:6c:f3:0b:00:35:f4:1a:72:23:ac:00:c6:d5:
9a:05:0d:a8:9f:3c:23:f1:1e:d5:0e:99:95:96:25:51:3a:cd:
46:a7:49:06:10:41:4e:10:ab:ad:68:85:15:e0:10:36:3a:b4:
03:94:1a:7b:fb:23:5d:09:90:32:5c:4d:5f:dd:4d:99:fa:b9:
66:9c:be:9a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAZEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NDA4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg2QTFDMDNDMDg0NDJF
RDMwMEZFQ0M0OEYxQzY5MTM5NjBGOTI5MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7U2g+e2NQm1AKrlFaJwwtPB5NgVej3QhdK6ZsbmzQMPVDxbpR
Obc4oI8PXi40u+hYUpkJdKoKOZj82c/kge0nNzzReUbBeKyW2zctqe3gPf7YdZih
IG5PjgrHAXGmL7ITQ9yiKraf7kSY6TsjDeVcUlTX+557sXGxL0+lDD2/lyHfgfJD
W6JRsuC55fjJIhN1dk7JNpJJWt4k4SPyCiMlxMwCywgGBA3QW1tODdLVoKZ2TLoh
BNGfMGIWiH45//lE/mY8/yWJkJyzZddX0yfilYPZ8rf/ypn+QQngZxbqtRBfFvm6
g4/GCo8kTrbHvXubrpqdp+aQAOUEbAxGGq6tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhqHAPAhELtMA/sxI8caROWD5KQQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ocUhBUEFoRUx0TUFfc3hJ
OGNhUk9XRDVLUVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAItbd2cJxkjdHwRevk2krzuVKAyHlVURa+xI
WRgTg3eC9dVGl4dsw6sbEzGi7lFidxdqWB+6LJnIowFHsqtXTJVM5cBAlS/U2uQp
d3QEDuvq/W4QsObZREnYpzoEJ/2pQktjGyWJt5BdW0UiA39IKMH60ATfxyMF2rb/
7UQFo2WjkcVHkA9xGKJ8QdEcyTzJIaRVGbcKqTECP67Xhq66SGMAMno3L7DwU2Ga
963R2UcK9YaAbEtYh5P7bPMLADX0GnIjrADG1ZoFDaifPCPxHtUOmZWWJVE6zUan
SQYQQU4Qq61ohRXgEDY6tAOUGnv7I10JkDJcTV/dTZn6uWacvpo=
-----END CERTIFICATE-----
Generated at Sat May 17 23:33:14 2025 by rpki-client