Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/iIR4EUaXZju5UCL6ed6Zlv0BC3Y.roa
File: iIR4EUaXZju5UCL6ed6Zlv0BC3Y.roa (raw, json)
Hash identifier: UgXBzxDPOWQulckffIuTnl8n9H61kVI1GqY/Qlkpw0s=
Subject key identifier: 88:84:78:11:46:97:66:3B:B9:50:22:FA:79:DE:99:96:FD:01:0B:76
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 030D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iIR4EUaXZju5UCL6ed6Zlv0BC3Y.roa
Signing time: Sun 11 May 2025 03:37:51 +0000
ROA not before: Sun 11 May 2025 03:37:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 781 (0x30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 03:37:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=888478114697663BB95022FA79DE9996FD010B76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3b:2f:f7:ca:b6:5f:a8:76:c6:9d:e5:d0:ea:
cc:15:66:a2:b3:2e:40:17:7a:cb:eb:9f:ef:16:4e:
6f:3f:57:f0:45:a9:4c:48:92:af:2b:b8:09:6b:3c:
5c:d0:df:a0:29:43:71:84:2c:6d:81:50:2f:c2:cc:
0e:11:cc:51:bd:ff:0c:45:37:b8:11:dd:f2:23:14:
b7:59:31:ed:22:1f:71:eb:a0:a2:3e:82:05:26:a2:
cd:83:0b:1e:d4:4c:12:08:a8:bb:62:c3:df:57:d1:
55:e2:f2:4c:27:54:4b:3c:bb:94:7a:09:53:21:83:
ec:f5:22:86:f2:c2:4a:cb:00:dd:e2:b5:eb:5c:06:
3f:80:77:3b:34:63:c9:3a:fc:00:41:a2:99:52:a0:
aa:e0:e8:43:ab:6d:ca:be:42:0b:7a:17:cb:68:73:
81:f5:87:ee:05:2a:a5:aa:41:e5:23:ca:ea:b4:a3:
89:5e:56:9b:69:f8:48:5e:25:30:5b:c0:4a:a5:6e:
85:94:55:33:0e:83:8e:dc:f4:08:58:78:3e:cf:47:
27:0b:fb:3a:95:3b:ab:92:1b:49:04:ee:c3:d8:bd:
f8:f4:14:de:7f:a3:f0:9d:2c:6f:ef:94:07:62:d2:
71:91:25:46:9f:0a:17:7e:3a:3f:ac:0e:9e:f2:29:
06:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:84:78:11:46:97:66:3B:B9:50:22:FA:79:DE:99:96:FD:01:0B:76
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iIR4EUaXZju5UCL6ed6Zlv0BC3Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:29:f7:6a:ee:96:82:df:36:89:72:60:6e:43:10:13:c2:fb:
48:c2:65:3e:e5:ab:3d:0a:87:2d:c2:10:8b:dd:6a:7f:31:dd:
af:d9:41:06:94:9a:91:e4:81:53:7c:5e:5d:53:20:14:fa:b5:
11:e4:65:8a:d3:45:eb:ba:57:fc:46:d2:94:57:af:78:f0:d9:
fb:be:fa:e2:09:8a:cd:c5:41:f1:23:43:7b:3e:1c:85:e3:a4:
b3:b0:54:6a:61:5e:7c:9f:19:d3:54:ea:3b:49:94:d1:c4:01:
e7:0a:27:c9:60:50:0d:d6:b8:a8:02:a6:23:4c:e3:37:46:e6:
0a:70:b6:29:95:f3:52:86:fc:63:9d:33:fc:bd:2e:57:e2:ae:
e2:47:12:46:ac:1d:8e:ab:f0:93:76:9a:2d:fe:fc:85:86:3c:
9e:08:e2:eb:dd:34:18:04:41:d6:36:b5:57:bf:8c:40:ad:35:
10:b6:4a:98:07:eb:2e:b8:78:80:7f:3e:6e:42:4b:72:7c:a5:
38:13:c8:36:d6:40:f3:bb:18:d3:8e:af:d1:3f:bb:64:5d:24:
25:f0:62:b7:83:45:6f:a8:a2:03:cc:e3:1f:95:b5:1d:00:93:
5f:59:fa:b2:6c:5b:d0:5e:ca:96:06:db:57:ae:27:49:ff:29:
26:6a:3d:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
MzM3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg4ODQ3ODExNDY5NzY2
M0JCOTUwMjJGQTc5REU5OTk2RkQwMTBCNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpOy/3yrZfqHbGneXQ6swVZqKzLkAXesvrn+8WTm8/V/BFqUxI
kq8ruAlrPFzQ36ApQ3GELG2BUC/CzA4RzFG9/wxFN7gR3fIjFLdZMe0iH3HroKI+
ggUmos2DCx7UTBIIqLtiw99X0VXi8kwnVEs8u5R6CVMhg+z1IobywkrLAN3itetc
Bj+Adzs0Y8k6/ABBoplSoKrg6EOrbcq+Qgt6F8toc4H1h+4FKqWqQeUjyuq0o4le
Vptp+EheJTBbwEqlboWUVTMOg47c9AhYeD7PRycL+zqVO6uSG0kE7sPYvfj0FN5/
o/CdLG/vlAdi0nGRJUafChd+Oj+sDp7yKQapAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUiIR4EUaXZju5UCL6ed6Zlv0BC3YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pSVI0RVVhWFpqdTVVQ0w2
ZWQ2Wmx2MEJDM1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEQp92ruloLfNolyYG5DEBPC+0jCZT7lqz0K
hy3CEIvdan8x3a/ZQQaUmpHkgVN8Xl1TIBT6tRHkZYrTReu6V/xG0pRXr3jw2fu+
+uIJis3FQfEjQ3s+HIXjpLOwVGphXnyfGdNU6jtJlNHEAecKJ8lgUA3WuKgCpiNM
4zdG5gpwtimV81KG/GOdM/y9LlfiruJHEkasHY6r8JN2mi3+/IWGPJ4I4uvdNBgE
QdY2tVe/jECtNRC2SpgH6y64eIB/Pm5CS3J8pTgTyDbWQPO7GNOOr9E/u2RdJCXw
YreDRW+oogPM4x+VtR0Ak19Z+rJsW9BeypYG21euJ0n/KSZqPYI=
-----END CERTIFICATE-----
Generated at Sat May 17 21:31:31 2025 by rpki-client