Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/pZYFF2QOXcCM8CNE37XYSc5eRiA.roa
File: pZYFF2QOXcCM8CNE37XYSc5eRiA.roa (raw, json)
Hash identifier: OCukFyi3E20ZgvgLxNoRX/4AziPLvFoyrAm51JNEwGQ=
Subject key identifier: A5:96:05:17:64:0E:5D:C0:8C:F0:23:44:DF:B5:D8:49:CE:5E:46:20
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 069D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pZYFF2QOXcCM8CNE37XYSc5eRiA.roa
Signing time: Thu 15 May 2025 21:38:45 +0000
ROA not before: Thu 15 May 2025 21:38:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1693 (0x69d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 21:38:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A5960517640E5DC08CF02344DFB5D849CE5E4620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e6:da:73:9a:be:ac:ce:e1:90:2e:b6:2d:fb:
19:80:33:9a:f2:4e:04:bf:3e:c7:2f:1a:67:fa:67:
ed:85:92:b1:b7:a3:db:a3:48:09:e3:ea:cc:eb:bc:
d3:bf:c2:bb:9f:88:1c:dc:c7:2d:6f:14:44:11:a4:
8c:58:c1:82:46:6e:15:1e:d0:69:6d:30:d5:4a:84:
18:28:8f:e8:6d:18:59:0b:a0:5f:06:25:e9:6b:43:
82:88:f2:a9:be:2c:b7:e9:94:f1:ea:36:ff:6e:e4:
94:73:af:62:bc:6f:73:e7:e3:32:60:0d:86:f1:52:
86:19:a3:ae:51:63:14:30:92:5f:53:f4:88:d2:4f:
88:71:4d:d8:6a:6e:fa:37:1e:68:7f:95:a4:3a:c1:
fb:e3:f4:a1:d0:4d:85:70:ba:5a:4c:6d:14:84:74:
92:84:f2:cd:64:01:42:24:d6:f0:4e:84:78:46:f1:
b3:3d:ab:b3:57:2c:6b:de:79:10:fa:b4:92:44:77:
c5:de:7a:b5:5e:d3:89:bd:6f:75:da:59:69:76:1a:
2c:ce:ee:cc:b4:51:c4:46:fa:28:00:a1:d5:5e:9b:
fc:a9:40:24:5a:58:89:3c:a8:b3:fc:91:07:d7:cf:
91:a3:66:03:a7:23:1a:10:f8:b5:eb:bf:b9:e0:d9:
be:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:96:05:17:64:0E:5D:C0:8C:F0:23:44:DF:B5:D8:49:CE:5E:46:20
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pZYFF2QOXcCM8CNE37XYSc5eRiA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:ce:6c:57:8e:07:33:8d:59:78:75:5a:7b:69:35:f2:f0:70:
7c:04:f2:1d:a9:50:d3:e6:a7:6d:6a:07:99:d7:43:de:c0:e8:
09:f0:e6:6c:a3:96:75:3e:1b:65:fd:0d:95:d1:fd:39:51:7b:
99:8d:c5:69:f5:96:56:e7:cc:31:a2:c9:83:69:0b:5c:22:a9:
62:55:fc:c2:c2:b2:86:b1:99:8c:77:ab:5b:9e:d9:e3:25:e3:
38:8b:37:33:af:a7:59:ec:a1:ee:cd:2f:fe:dd:aa:cd:b7:05:
57:d1:2f:f3:8a:b4:e6:60:9b:be:68:73:4c:34:e1:b2:ea:28:
27:f0:33:bb:0f:c6:50:80:c1:18:88:11:05:0a:b9:88:6d:25:
e2:f2:8a:27:8b:c1:5e:d5:32:dc:f0:49:cb:8f:10:c1:69:46:
09:55:ed:fd:4e:f9:2c:20:c4:04:27:1a:60:56:c8:0a:d6:91:
d6:fe:c1:da:10:81:fd:9a:b2:45:93:25:ef:b4:ea:8f:47:e7:
d1:cb:3a:43:19:7d:40:8d:c2:ef:96:33:8e:45:dd:3e:5f:ba:
de:46:94:a0:68:13:7d:56:dd:de:43:a7:c4:78:9e:52:40:42:
15:49:a1:73:d0:b3:0b:3a:29:1f:38:1d:22:2a:58:cf:94:2a:
e3:e9:83:22
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBp0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUy
MTM4NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE1OTYwNTE3NjQwRTVE
QzA4Q0YwMjM0NERGQjVEODQ5Q0U1RTQ2MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG5tpzmr6szuGQLrYt+xmAM5ryTgS/PscvGmf6Z+2FkrG3o9uj
SAnj6szrvNO/wrufiBzcxy1vFEQRpIxYwYJGbhUe0GltMNVKhBgoj+htGFkLoF8G
JelrQ4KI8qm+LLfplPHqNv9u5JRzr2K8b3Pn4zJgDYbxUoYZo65RYxQwkl9T9IjS
T4hxTdhqbvo3Hmh/laQ6wfvj9KHQTYVwulpMbRSEdJKE8s1kAUIk1vBOhHhG8bM9
q7NXLGveeRD6tJJEd8XeerVe04m9b3XaWWl2GizO7sy0UcRG+igAodVem/ypQCRa
WIk8qLP8kQfXz5GjZgOnIxoQ+LXrv7ng2b51AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpZYFF2QOXcCM8CNE37XYSc5eRiAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wWllGRjJRT1hjQ004Q05F
MzdYWVNjNWVSaUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIbObFeOBzONWXh1WntpNfLwcHwE8h2pUNPm
p21qB5nXQ97A6Anw5myjlnU+G2X9DZXR/TlRe5mNxWn1llbnzDGiyYNpC1wiqWJV
/MLCsoaxmYx3q1ue2eMl4ziLNzOvp1nsoe7NL/7dqs23BVfRL/OKtOZgm75oc0w0
4bLqKCfwM7sPxlCAwRiIEQUKuYhtJeLyiieLwV7VMtzwScuPEMFpRglV7f1O+Swg
xAQnGmBWyArWkdb+wdoQgf2askWTJe+06o9H59HLOkMZfUCNwu+WM45F3T5fut5G
lKBoE31W3d5Dp8R4nlJAQhVJoXPQsws6KR84HSIqWM+UKuPpgyI=
-----END CERTIFICATE-----
Generated at Sun May 18 04:54:01 2025 by rpki-client