Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/j2kKhFfzsQshv6s0tr7H7Xxg7KE.roa
File: j2kKhFfzsQshv6s0tr7H7Xxg7KE.roa (raw, json)
Hash identifier: YBjTdNh9YtszIR6uegC92/+s2YHLxdQY+Q3/oC9nRsA=
Subject key identifier: 8F:69:0A:84:57:F3:B1:0B:21:BF:AB:34:B6:BE:C7:ED:7C:60:EC:A1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04E1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/j2kKhFfzsQshv6s0tr7H7Xxg7KE.roa
Signing time: Tue 13 May 2025 14:08:08 +0000
ROA not before: Tue 13 May 2025 14:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1249 (0x4e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 14:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8F690A8457F3B10B21BFAB34B6BEC7ED7C60ECA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:29:7c:9f:78:2a:a3:1c:8d:ad:c7:fc:9c:55:
73:8d:e5:f3:dd:95:a3:ac:ea:1d:5f:d2:2f:3d:be:
6e:20:2d:ab:b6:0f:36:2a:8d:23:4f:f4:84:7d:a4:
b3:c1:8a:98:79:d9:9f:a9:63:64:ff:bb:0f:d9:99:
fd:a9:b2:39:1f:1d:0e:d6:18:f8:a4:70:86:7f:aa:
d8:3c:5d:66:bd:7d:b7:83:b1:89:1e:82:7f:ee:27:
6b:00:b0:cc:69:ce:55:98:2e:28:b0:69:6f:b2:f6:
3a:0e:3c:ca:b2:91:c3:ed:c5:e5:bd:40:ce:e2:0c:
88:03:66:60:b2:f8:02:1f:d0:91:46:0c:a4:32:00:
ad:a4:72:21:15:20:01:66:e4:0d:99:71:01:27:43:
a3:28:a6:d7:a2:ff:3c:97:c6:fd:fd:17:d7:a7:bb:
90:0b:c3:d5:4d:f7:cf:a1:23:d2:cc:19:e8:1c:43:
f8:4f:05:2b:08:8e:41:11:7a:74:d1:f0:8b:23:f8:
bd:04:bc:01:8f:5d:b8:26:28:3e:e8:92:fb:e5:cb:
27:79:9e:e1:6a:9c:03:98:5f:d8:08:28:a1:77:74:
d4:e8:56:2a:6f:6d:db:3a:15:8d:a5:f8:98:38:aa:
50:8a:76:86:c9:06:d2:b8:b0:6c:ec:e5:7a:a6:bf:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:69:0A:84:57:F3:B1:0B:21:BF:AB:34:B6:BE:C7:ED:7C:60:EC:A1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/j2kKhFfzsQshv6s0tr7H7Xxg7KE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:30:f9:fa:98:04:2d:0d:d8:e9:8a:31:d3:30:7d:f5:92:16:
fd:64:ff:6a:0f:40:7a:34:11:4c:f9:8d:66:c6:ca:c4:5d:02:
03:4b:22:54:4c:48:16:db:de:5f:ba:52:77:38:17:aa:bb:49:
c3:96:a0:c4:17:30:57:66:c9:b9:31:57:f6:6c:92:d4:b6:b9:
02:ab:0a:51:51:54:84:2a:ab:4e:81:93:ef:76:91:e3:5c:c5:
5a:a4:0f:d5:24:c2:bb:87:8f:d4:c5:c1:0b:26:1e:a2:ac:cb:
d3:3a:75:f3:16:a1:df:1e:6a:96:6a:4d:ae:26:04:14:a1:cf:
98:10:4a:34:c8:37:75:aa:4b:24:65:e5:b0:f5:d1:0e:02:26:
2e:9a:a3:e2:29:d7:11:a6:9e:e9:4c:85:ac:b2:c0:49:ab:1d:
20:f6:da:aa:f5:ca:1d:9b:54:61:39:23:be:aa:2b:61:c6:b0:
32:e4:d0:e4:b1:b5:a6:ab:3b:62:aa:1f:b6:8c:90:51:d9:fc:
e5:04:46:60:9d:33:1d:4e:ba:ba:f4:35:09:ea:50:8e:28:41:
7b:95:6b:8d:59:6a:f5:27:6d:d8:40:7a:8c:a3:77:b6:31:80:
97:4a:d3:fb:5a:a5:2b:2c:7d:79:d4:3e:94:26:72:fa:89:ea:
87:30:e6:f7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
NDA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhGNjkwQTg0NTdGM0Ix
MEIyMUJGQUIzNEI2QkVDN0VEN0M2MEVDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkKXyfeCqjHI2tx/ycVXON5fPdlaOs6h1f0i89vm4gLau2DzYq
jSNP9IR9pLPBiph52Z+pY2T/uw/Zmf2psjkfHQ7WGPikcIZ/qtg8XWa9fbeDsYke
gn/uJ2sAsMxpzlWYLiiwaW+y9joOPMqykcPtxeW9QM7iDIgDZmCy+AIf0JFGDKQy
AK2kciEVIAFm5A2ZcQEnQ6Moptei/zyXxv39F9enu5ALw9VN98+hI9LMGegcQ/hP
BSsIjkERenTR8Isj+L0EvAGPXbgmKD7okvvlyyd5nuFqnAOYX9gIKKF3dNToVipv
bds6FY2l+Jg4qlCKdobJBtK4sGzs5Xqmv4spAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUj2kKhFfzsQshv6s0tr7H7Xxg7KEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qMmtLaEZmenNRc2h2NnMw
dHI3SDdYeGc3S0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADYw+fqYBC0N2OmKMdMwffWSFv1k/2oPQHo0
EUz5jWbGysRdAgNLIlRMSBbb3l+6Unc4F6q7ScOWoMQXMFdmybkxV/ZsktS2uQKr
ClFRVIQqq06Bk+92keNcxVqkD9UkwruHj9TFwQsmHqKsy9M6dfMWod8eapZqTa4m
BBShz5gQSjTIN3WqSyRl5bD10Q4CJi6ao+Ip1xGmnulMhayywEmrHSD22qr1yh2b
VGE5I76qK2HGsDLk0OSxtaarO2KqH7aMkFHZ/OUERmCdMx1Ourr0NQnqUI4oQXuV
a41ZavUnbdhAeoyjd7YxgJdK0/tapSssfXnUPpQmcvqJ6ocw5vc=
-----END CERTIFICATE-----
Generated at Sat May 17 23:25:55 2025 by rpki-client