Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jLReJIxBGbDWKCIlueBG1S3CqMA.roa
File: jLReJIxBGbDWKCIlueBG1S3CqMA.roa (raw, json)
Hash identifier: YeMxJc5bttmrO9KvF/QxAa5hWsI3b9HQZQu28cRgLPs=
Subject key identifier: 8C:B4:5E:24:8C:41:19:B0:D6:28:22:25:B9:E0:46:D5:2D:C2:A8:C0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 060D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jLReJIxBGbDWKCIlueBG1S3CqMA.roa
Signing time: Thu 15 May 2025 03:38:01 +0000
ROA not before: Thu 15 May 2025 03:38:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1549 (0x60d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 03:38:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8CB45E248C4119B0D6282225B9E046D52DC2A8C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b8:b7:1a:77:2d:95:57:98:70:9b:b6:0b:27:
7f:22:21:77:2b:b6:9f:4e:73:25:08:a8:5b:9a:3a:
f4:8a:5f:57:98:4e:21:98:ac:4b:b9:e8:71:fe:51:
53:1e:fe:94:19:1e:9f:9c:5b:b8:24:a2:38:17:6f:
be:39:72:ec:60:f1:a6:09:5d:a7:a0:09:49:9b:74:
23:11:27:a3:47:b5:54:6d:cf:67:94:4a:b9:8f:a1:
5c:09:c1:d6:cf:91:94:9e:6c:39:ac:d4:7e:9f:82:
a4:6d:e7:a1:a0:32:9c:ca:ce:d4:df:f7:eb:b0:e2:
ee:0b:3a:95:26:34:d5:09:51:ab:7b:8c:99:63:88:
d3:59:55:aa:64:14:80:cc:65:8e:b2:3d:70:ed:f9:
d7:7a:e9:ad:cf:e8:4b:99:7e:2e:cd:7d:23:2f:a6:
77:de:c0:80:f1:95:9b:c8:70:eb:69:da:0d:c6:0f:
7b:57:63:33:df:c1:77:cf:46:b9:53:23:ef:f8:e2:
72:2a:0d:13:5e:b6:3e:ed:ea:2b:7b:16:36:10:18:
b9:98:0c:39:03:d3:1c:0d:41:35:85:47:0d:23:de:
5d:84:56:bb:89:d1:3b:25:45:03:06:b1:f4:cf:36:
33:71:9d:48:f3:65:66:62:ff:53:00:27:eb:c0:51:
7c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B4:5E:24:8C:41:19:B0:D6:28:22:25:B9:E0:46:D5:2D:C2:A8:C0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jLReJIxBGbDWKCIlueBG1S3CqMA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:d9:19:f0:7f:c2:9a:83:ae:32:8c:fb:e4:5d:1e:7f:29:87:
76:57:66:b2:3f:20:e3:95:7e:60:eb:04:4f:09:7b:49:03:8b:
94:e8:9e:f6:45:94:09:ec:79:80:ac:6e:5b:3e:0d:02:f4:d0:
b9:a2:01:40:82:d4:27:a2:3f:03:8a:29:a8:30:cf:ed:c5:f2:
a5:b5:dc:31:2d:16:ca:f0:ce:ae:5c:7a:9e:9e:3f:69:f5:ca:
ef:e2:62:85:1a:8e:22:73:4a:7c:80:5c:40:69:ed:00:cb:0f:
85:c4:f4:2b:6d:23:4b:1b:1b:14:68:2d:33:ab:8c:db:18:0c:
43:b6:54:52:78:47:51:3b:2b:ae:f8:35:57:79:ca:f3:da:c6:
3d:37:62:ce:1c:9d:da:c6:aa:74:28:e7:a2:e3:0f:47:6d:1e:
38:21:48:a1:c9:96:c3:1d:9b:81:ae:4b:13:13:fa:b7:d6:e9:
c6:7e:08:4d:0e:5d:97:73:68:f8:fe:ac:34:4b:d2:c4:73:dd:
ca:e7:ec:63:0f:a6:75:0a:f1:1b:23:8e:d0:bd:a2:b8:6e:06:
13:27:66:ca:cd:34:dd:35:2f:ab:a6:f5:5a:60:4f:98:64:95:
87:c9:c9:a8:1d:7d:06:40:1e:c6:c1:15:ad:f5:8a:ed:1e:e2:
be:81:02:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBg0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MzM4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhDQjQ1RTI0OEM0MTE5
QjBENjI4MjIyNUI5RTA0NkQ1MkRDMkE4QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3uLcady2VV5hwm7YLJ38iIXcrtp9OcyUIqFuaOvSKX1eYTiGY
rEu56HH+UVMe/pQZHp+cW7gkojgXb745cuxg8aYJXaegCUmbdCMRJ6NHtVRtz2eU
SrmPoVwJwdbPkZSebDms1H6fgqRt56GgMpzKztTf9+uw4u4LOpUmNNUJUat7jJlj
iNNZVapkFIDMZY6yPXDt+dd66a3P6EuZfi7NfSMvpnfewIDxlZvIcOtp2g3GD3tX
YzPfwXfPRrlTI+/44nIqDRNetj7t6it7FjYQGLmYDDkD0xwNQTWFRw0j3l2EVruJ
0TslRQMGsfTPNjNxnUjzZWZi/1MAJ+vAUXybAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjLReJIxBGbDWKCIlueBG1S3CqMAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qTFJlSkl4QkdiRFdLQ0ls
dWVCRzFTM0NxTUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJfZGfB/wpqDrjKM++RdHn8ph3ZXZrI/IOOV
fmDrBE8Je0kDi5TonvZFlAnseYCsbls+DQL00LmiAUCC1CeiPwOKKagwz+3F8qW1
3DEtFsrwzq5cep6eP2n1yu/iYoUajiJzSnyAXEBp7QDLD4XE9CttI0sbGxRoLTOr
jNsYDEO2VFJ4R1E7K674NVd5yvPaxj03Ys4cndrGqnQo56LjD0dtHjghSKHJlsMd
m4GuSxMT+rfW6cZ+CE0OXZdzaPj+rDRL0sRz3crn7GMPpnUK8RsjjtC9orhuBhMn
ZsrNNN01L6um9VpgT5hklYfJyagdfQZAHsbBFa31iu0e4r6BAgk=
-----END CERTIFICATE-----
Generated at Sat May 17 22:55:30 2025 by rpki-client