Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hqWSXW0fvNx4UFK2_77uT3KcxdE.roa
File: hqWSXW0fvNx4UFK2_77uT3KcxdE.roa (raw, json)
Hash identifier: WY0kDBQ/1N5POq3/bTw9yFYHpEEnznlP6Wu+rdvpRlw=
Subject key identifier: 86:A5:92:5D:6D:1F:BC:DC:78:50:52:B6:FF:BE:EE:4F:72:9C:C5:D1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0105
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hqWSXW0fvNx4UFK2_77uT3KcxdE.roa
Signing time: Thu 08 May 2025 10:37:40 +0000
ROA not before: Thu 08 May 2025 10:37:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261 (0x105)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 10:37:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=86A5925D6D1FBCDC785052B6FFBEEE4F729CC5D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5e:f1:a2:07:89:bc:5d:14:25:98:61:8a:ed:
f2:9a:ca:d4:4f:89:5e:e9:3c:cc:99:dd:a3:18:25:
5c:af:cf:85:32:c4:c2:f5:a2:02:a0:49:df:5d:2f:
a6:0f:30:2a:34:61:3e:d8:e0:a3:c0:38:46:7f:51:
27:f7:07:a5:40:d1:2e:fc:e6:14:30:d0:f7:78:b2:
e3:52:0a:a1:5a:3a:13:08:43:47:21:09:4c:17:8e:
e8:b6:53:ba:26:3e:1f:d9:bd:cc:8d:f4:20:9e:c2:
80:1b:c6:37:63:de:e2:0e:e2:2a:02:ba:d7:51:e6:
76:60:49:1f:27:71:c8:55:13:dd:0f:b5:89:50:0d:
20:91:fc:30:7e:0d:25:c8:74:b0:db:04:3b:b5:84:
a2:16:74:09:4c:e8:64:53:d1:88:6c:bc:d0:40:d0:
1a:a8:25:e0:1c:8d:37:83:99:2a:63:f2:a8:e7:6e:
88:41:d9:08:f3:93:aa:3a:cf:4c:a0:09:f0:79:91:
01:2f:80:e7:00:75:1f:9b:12:d8:92:fd:48:df:68:
bc:fb:de:42:2e:58:63:87:73:c3:bd:3b:d8:d0:22:
23:cd:ee:00:df:c5:9d:5e:d0:87:1b:c2:ad:5e:11:
96:df:5c:95:af:99:37:c8:86:01:f8:38:5c:bc:d9:
61:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A5:92:5D:6D:1F:BC:DC:78:50:52:B6:FF:BE:EE:4F:72:9C:C5:D1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hqWSXW0fvNx4UFK2_77uT3KcxdE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:a7:e2:98:b1:1c:c6:fe:08:50:30:2f:a0:48:1c:4a:df:87:
55:4c:5b:ba:45:66:c7:fe:47:5d:b5:ba:b1:32:5e:81:8e:42:
93:5c:6c:56:07:44:87:df:17:c3:45:c9:07:8d:26:37:78:27:
6a:64:a4:de:de:aa:0b:cf:af:9c:d1:9b:88:74:ac:3a:e7:cb:
18:30:0b:b5:4e:1e:63:bf:95:51:15:ca:9d:ca:aa:53:61:43:
57:de:14:e8:5e:e7:5d:2a:79:e2:8d:28:7a:de:a2:44:8d:c7:
6c:54:39:5e:1f:23:c6:24:ea:9e:24:52:48:e8:5a:f8:ea:20:
f4:5a:ad:fd:e8:6d:ff:e8:3d:80:7c:f4:e4:7a:ea:75:ab:77:
4d:d9:f7:fc:ad:20:85:65:54:e5:eb:a6:79:61:c9:58:1c:a9:
98:24:f1:9c:5c:3f:26:23:12:c4:f1:a0:28:78:33:a8:a7:0e:
bb:11:06:d3:ca:6e:a2:08:de:00:50:fb:e7:b9:47:5f:51:50:
51:a5:39:9a:2b:b1:ca:9d:cd:fb:a4:78:23:a3:25:1b:b3:4c:
db:b1:40:ba:f4:99:f4:fe:f5:7c:b2:bc:c9:5b:46:53:ea:7e:
0b:56:e3:ed:04:a2:69:52:9c:f5:a1:bd:ee:1a:00:42:76:df:
7d:2d:58:48
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
MDM3NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg2QTU5MjVENkQxRkJD
REM3ODUwNTJCNkZGQkVFRTRGNzI5Q0M1RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuXvGiB4m8XRQlmGGK7fKaytRPiV7pPMyZ3aMYJVyvz4UyxML1
ogKgSd9dL6YPMCo0YT7Y4KPAOEZ/USf3B6VA0S785hQw0Pd4suNSCqFaOhMIQ0ch
CUwXjui2U7omPh/ZvcyN9CCewoAbxjdj3uIO4ioCutdR5nZgSR8ncchVE90PtYlQ
DSCR/DB+DSXIdLDbBDu1hKIWdAlM6GRT0YhsvNBA0BqoJeAcjTeDmSpj8qjnbohB
2Qjzk6o6z0ygCfB5kQEvgOcAdR+bEtiS/UjfaLz73kIuWGOHc8O9O9jQIiPN7gDf
xZ1e0Icbwq1eEZbfXJWvmTfIhgH4OFy82WENAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhqWSXW0fvNx4UFK2/77uT3KcxdEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ocVdTWFcwZnZOeDRVRksy
Xzc3dVQzS2N4ZEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADmn4pixHMb+CFAwL6BIHErfh1VMW7pFZsf+
R121urEyXoGOQpNcbFYHRIffF8NFyQeNJjd4J2pkpN7eqgvPr5zRm4h0rDrnyxgw
C7VOHmO/lVEVyp3KqlNhQ1feFOhe510qeeKNKHreokSNx2xUOV4fI8Yk6p4kUkjo
WvjqIPRarf3obf/oPYB89OR66nWrd03Z9/ytIIVlVOXrpnlhyVgcqZgk8ZxcPyYj
EsTxoCh4M6inDrsRBtPKbqII3gBQ++e5R19RUFGlOZorscqdzfukeCOjJRuzTNux
QLr0mfT+9XyyvMlbRlPqfgtW4+0EomlSnPWhve4aAEJ2330tWEg=
-----END CERTIFICATE-----
Generated at Sun May 18 03:33:16 2025 by rpki-client