Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/iEdw8vTmDJ4l1zYoRiPnHdZgNRs.roa
File: iEdw8vTmDJ4l1zYoRiPnHdZgNRs.roa (raw, json)
Hash identifier: z8cKNZvaIhEBqVyfNV02c+PPGOtZi9n/xw9UgRtLApg=
Subject key identifier: 88:47:70:F2:F4:E6:0C:9E:25:D7:36:28:46:23:E7:1D:D6:60:35:1B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03A1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iEdw8vTmDJ4l1zYoRiPnHdZgNRs.roa
Signing time: Sun 11 May 2025 22:07:57 +0000
ROA not before: Sun 11 May 2025 22:07:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 929 (0x3a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 22:07:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=884770F2F4E60C9E25D736284623E71DD660351B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1e:e0:d4:2f:03:9f:af:3c:35:ec:1a:be:48:
db:45:1f:fd:0e:44:b6:11:55:20:75:4d:16:10:4c:
c3:a0:6e:12:7a:01:ee:d2:98:9f:30:3a:6c:4c:e1:
11:51:1b:13:8c:b7:43:5c:6a:94:3f:b4:a8:12:06:
a1:34:5e:35:5c:87:e8:5b:a1:31:94:cd:41:2a:44:
5f:7e:26:17:8a:1f:46:c0:a8:2d:c4:b0:13:c9:ae:
fa:76:0a:24:41:fa:29:5a:bb:b2:b7:81:96:16:bc:
20:d2:4a:fd:28:ca:3e:aa:16:d5:c3:fe:88:e6:e4:
11:38:0b:49:18:ce:6b:5e:8a:e9:ba:6a:1f:7a:6e:
be:9a:19:be:74:a8:29:4e:32:ab:a2:27:db:8f:78:
d5:0f:23:e1:6f:75:dd:2f:f0:bb:6f:9e:bc:99:26:
e7:82:0b:0a:a2:fd:0c:0d:5f:79:3f:c0:c4:86:8f:
fa:87:b7:a5:fc:4b:08:fe:fd:05:69:0a:3b:54:09:
2f:f5:bc:87:46:78:de:2b:28:e0:ae:5c:1a:44:16:
97:f3:14:e1:9f:5c:e6:17:61:e2:e4:30:14:89:ef:
7c:98:1f:f3:82:74:78:d1:35:51:cc:44:13:ba:7f:
33:b9:31:d4:fc:3e:b1:5b:24:a0:ee:02:e2:e4:5d:
54:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:47:70:F2:F4:E6:0C:9E:25:D7:36:28:46:23:E7:1D:D6:60:35:1B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iEdw8vTmDJ4l1zYoRiPnHdZgNRs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:60:dc:ce:4e:70:a2:d2:8b:4c:89:d6:7e:9a:c0:c2:13:bf:
cc:34:3e:46:e3:a6:c2:97:6b:d2:61:0b:1f:61:9f:ce:da:c2:
88:d9:70:81:22:55:4b:7e:ac:09:c1:ee:47:af:1e:37:e5:aa:
a4:7c:05:5b:12:35:1b:be:c0:c4:94:95:66:fe:77:75:b1:7c:
02:81:01:8c:36:5b:86:65:5d:e8:bb:6b:3d:f9:63:29:bd:30:
8d:54:d1:2a:f4:6b:e0:cb:be:fe:95:ca:ec:6c:5f:0c:b4:d7:
91:43:c1:d7:96:8c:5b:cd:5f:93:e5:6f:a4:91:fd:b1:16:fa:
0e:7f:8a:bb:8d:97:ae:5a:46:1c:2c:cc:c4:1b:66:4a:70:2d:
eb:9d:01:55:30:28:86:de:b9:4b:e1:9e:dc:0e:6c:e1:6a:20:
cf:db:9b:ae:73:55:a4:0f:93:4d:c8:1f:f4:7c:5e:42:1c:61:
a7:dc:41:61:c5:4a:5f:bc:89:9c:83:6e:4b:95:5a:3e:84:3f:
e5:41:8a:a4:f1:98:c3:7f:42:fa:ab:04:ea:5a:94:94:d4:e9:
c3:d6:1f:9d:83:5e:cc:db:7b:a1:72:71:a6:f9:4d:e2:12:25:
f1:71:6a:9c:56:82:f5:26:4a:bc:e7:64:c1:07:e1:fc:53:24:
08:20:5a:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEy
MjA3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg4NDc3MEYyRjRFNjBD
OUUyNUQ3MzYyODQ2MjNFNzFERDY2MDM1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzHuDULwOfrzw17Bq+SNtFH/0ORLYRVSB1TRYQTMOgbhJ6Ae7S
mJ8wOmxM4RFRGxOMt0NcapQ/tKgSBqE0XjVch+hboTGUzUEqRF9+JheKH0bAqC3E
sBPJrvp2CiRB+ilau7K3gZYWvCDSSv0oyj6qFtXD/ojm5BE4C0kYzmteium6ah96
br6aGb50qClOMquiJ9uPeNUPI+Fvdd0v8LtvnryZJueCCwqi/QwNX3k/wMSGj/qH
t6X8Swj+/QVpCjtUCS/1vIdGeN4rKOCuXBpEFpfzFOGfXOYXYeLkMBSJ73yYH/OC
dHjRNVHMRBO6fzO5MdT8PrFbJKDuAuLkXVTlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUiEdw8vTmDJ4l1zYoRiPnHdZgNRswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pRWR3OHZUbURKNGwxellv
UmlQbkhkWmdOUnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACxg3M5OcKLSi0yJ1n6awMITv8w0PkbjpsKX
a9JhCx9hn87awojZcIEiVUt+rAnB7kevHjflqqR8BVsSNRu+wMSUlWb+d3WxfAKB
AYw2W4ZlXei7az35Yym9MI1U0Sr0a+DLvv6VyuxsXwy015FDwdeWjFvNX5Plb6SR
/bEW+g5/iruNl65aRhwszMQbZkpwLeudAVUwKIbeuUvhntwObOFqIM/bm65zVaQP
k03IH/R8XkIcYafcQWHFSl+8iZyDbkuVWj6EP+VBiqTxmMN/QvqrBOpalJTU6cPW
H52DXszbe6Fycab5TeISJfFxapxWgvUmSrznZMEH4fxTJAggWgk=
-----END CERTIFICATE-----
Generated at Sun May 18 02:00:45 2025 by rpki-client