Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qS7HcN-mzxJ88FPySNP5_1-gxQs.roa
File: qS7HcN-mzxJ88FPySNP5_1-gxQs.roa (raw, json)
Hash identifier: Grd6CqV9+I84vXv50yxtFlRQZVwqMxnj4xzfZoodn1U=
Subject key identifier: A9:2E:C7:70:DF:A6:CF:12:7C:F0:53:F2:48:D3:F9:FF:5F:A0:C5:0B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 010D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qS7HcN-mzxJ88FPySNP5_1-gxQs.roa
Signing time: Thu 08 May 2025 11:37:40 +0000
ROA not before: Thu 08 May 2025 11:37:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 269 (0x10d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 11:37:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A92EC770DFA6CF127CF053F248D3F9FF5FA0C50B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e6:ff:9b:3e:bc:7f:42:ff:43:34:8f:96:41:
e3:58:88:fd:32:f4:73:7a:11:13:c4:3e:23:ba:47:
68:2c:cf:28:a8:dd:eb:c0:d4:49:45:12:cd:4d:2c:
87:d7:77:c5:0d:3b:e6:3e:6f:fa:b9:fd:ab:07:ad:
26:37:98:8d:4b:51:a7:f0:62:32:41:b2:66:a3:f2:
87:17:d6:7f:53:fc:a9:97:8a:37:b9:4c:c1:82:51:
a9:62:76:1d:8e:8a:6e:86:99:85:ac:9c:31:de:e7:
cc:ae:ce:d3:2a:62:c4:36:22:d6:0a:05:50:b0:67:
a7:87:5b:b4:62:1c:e1:f1:f5:67:9f:11:af:9c:23:
a4:6c:85:58:aa:93:9c:2a:a5:e4:80:15:1a:e4:c7:
10:86:31:67:38:a2:34:06:7c:ee:8d:07:b8:f7:06:
4a:ef:07:89:e6:88:22:6d:dd:37:58:88:40:a6:00:
c1:d5:95:08:5b:13:6d:99:26:8c:91:b7:df:52:82:
81:bb:18:ca:b7:09:e8:86:c6:10:25:0e:09:d3:f2:
fe:79:51:4a:7c:78:e2:3b:d8:c1:23:ee:9f:a7:a0:
55:32:35:0b:24:40:07:2f:73:fb:63:d7:97:7c:37:
7b:f8:a4:e0:4b:57:12:4b:51:09:5f:71:24:9c:46:
28:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2E:C7:70:DF:A6:CF:12:7C:F0:53:F2:48:D3:F9:FF:5F:A0:C5:0B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qS7HcN-mzxJ88FPySNP5_1-gxQs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:19:62:af:2e:22:5c:ba:02:73:c9:ec:de:0b:51:8a:ea:a3:
89:48:72:e2:5b:e2:05:e0:4e:b9:d9:f5:9e:8e:8d:a9:9f:ee:
92:3e:19:af:bf:76:66:88:b8:ae:08:8b:db:cd:65:90:3e:5e:
70:28:f9:6e:e1:3c:d1:49:6a:58:b9:7b:3b:e0:ee:9a:31:a3:
41:33:74:1d:fc:39:eb:3d:ab:62:3c:91:fe:e5:57:3c:9b:50:
41:c1:69:b2:25:16:f9:35:1d:07:2c:47:20:ec:f1:79:22:44:
fd:01:43:a2:10:5f:ff:26:ae:5e:5e:bb:b6:c7:70:c3:9f:c9:
5d:14:d0:20:ba:cd:24:89:2e:c3:a4:5c:c5:f2:a9:15:f7:75:
e6:8f:b9:06:87:54:5c:0f:3a:7a:ea:df:5c:ce:b4:44:88:16:
c7:3f:2b:64:ea:57:7f:61:e3:10:4a:b8:0b:7f:d9:98:f1:6a:
84:24:83:48:9f:5c:5b:19:b5:6b:a4:8a:97:34:fc:86:97:b8:
98:1c:25:c5:a1:15:78:46:24:8e:72:d3:ba:de:22:39:40:3e:
6b:75:fb:1e:d7:b0:50:d5:24:aa:70:8f:31:e4:0e:30:91:7b:
82:cd:fa:1e:5f:c9:f2:e4:1c:0c:af:79:3b:d0:99:d3:75:59:
e5:ef:dd:ff
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAQ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
MTM3NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE5MkVDNzcwREZBNkNG
MTI3Q0YwNTNGMjQ4RDNGOUZGNUZBMEM1MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDm5v+bPrx/Qv9DNI+WQeNYiP0y9HN6ERPEPiO6R2gszyio3evA
1ElFEs1NLIfXd8UNO+Y+b/q5/asHrSY3mI1LUafwYjJBsmaj8ocX1n9T/KmXije5
TMGCUalidh2Oim6GmYWsnDHe58yuztMqYsQ2ItYKBVCwZ6eHW7RiHOHx9WefEa+c
I6RshViqk5wqpeSAFRrkxxCGMWc4ojQGfO6NB7j3BkrvB4nmiCJt3TdYiECmAMHV
lQhbE22ZJoyRt99SgoG7GMq3CeiGxhAlDgnT8v55UUp8eOI72MEj7p+noFUyNQsk
QAcvc/tj15d8N3v4pOBLVxJLUQlfcSScRih1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqS7HcN+mzxJ88FPySNP5/1+gxQswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xUzdIY04tbXp4Sjg4RlB5
U05QNV8xLWd4UXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHQZYq8uIly6AnPJ7N4LUYrqo4lIcuJb4gXg
TrnZ9Z6Ojamf7pI+Ga+/dmaIuK4Ii9vNZZA+XnAo+W7hPNFJali5ezvg7poxo0Ez
dB38Oes9q2I8kf7lVzybUEHBabIlFvk1HQcsRyDs8XkiRP0BQ6IQX/8mrl5eu7bH
cMOfyV0U0CC6zSSJLsOkXMXyqRX3deaPuQaHVFwPOnrq31zOtESIFsc/K2TqV39h
4xBKuAt/2ZjxaoQkg0ifXFsZtWukipc0/IaXuJgcJcWhFXhGJI5y07reIjlAPmt1
+x7XsFDVJKpwjzHkDjCRe4LN+h5fyfLkHAyveTvQmdN1WeXv3f8=
-----END CERTIFICATE-----
Generated at Sat May 17 22:41:32 2025 by rpki-client