Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rI3ldelprVyPdTay1ezhRuiZw6c.roa
File: rI3ldelprVyPdTay1ezhRuiZw6c.roa (raw, json)
Hash identifier: Xs/hFK2HJe/QApgNzzqL0u03NK6VmIU0KJGH9DGrGso=
Subject key identifier: AC:8D:E5:75:E9:69:AD:5C:8F:75:36:B2:D5:EC:E1:46:E8:99:C3:A7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0605
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rI3ldelprVyPdTay1ezhRuiZw6c.roa
Signing time: Thu 15 May 2025 02:38:03 +0000
ROA not before: Thu 15 May 2025 02:38:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1541 (0x605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 02:38:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AC8DE575E969AD5C8F7536B2D5ECE146E899C3A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d9:d1:99:53:e5:17:f8:12:d6:83:7a:8b:fd:
f9:0a:e9:a6:b7:3b:3d:5b:74:7d:a4:81:a9:45:f2:
2b:69:fa:4b:6d:e7:90:0b:78:a0:4d:b2:41:3c:06:
1d:58:d6:b5:11:78:bc:af:49:3b:98:85:e3:36:f2:
45:87:af:ee:2e:ee:1a:2f:95:4b:58:bf:e5:63:e5:
e1:a4:21:f8:e2:db:40:26:75:d8:7f:a1:17:63:c6:
15:b0:9c:77:eb:73:4c:6e:73:81:44:bb:87:77:4c:
dd:24:e4:5d:19:17:d9:d3:6d:ca:47:af:a9:a2:79:
b5:f7:bb:2c:5d:55:31:2b:8d:d2:85:6c:21:01:f7:
73:c1:8a:26:ec:d4:02:72:21:0f:41:19:50:0e:83:
46:b7:49:ae:8f:10:f3:66:a6:8e:58:12:e7:8b:6c:
c1:ea:d2:d0:76:ee:26:4e:96:08:65:c5:f4:3b:7f:
12:7d:01:7d:24:53:8b:e3:68:5a:24:28:12:13:9d:
c5:7b:2f:9e:b8:ed:42:2b:a4:1e:77:d9:59:46:3a:
61:38:89:9a:0f:b0:b3:5e:00:7a:b5:16:09:3b:58:
04:18:27:ec:73:55:e2:62:00:e3:02:39:a7:75:0b:
49:44:ae:ec:08:99:c3:0c:5e:8f:f2:4c:0c:b2:e2:
c8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8D:E5:75:E9:69:AD:5C:8F:75:36:B2:D5:EC:E1:46:E8:99:C3:A7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rI3ldelprVyPdTay1ezhRuiZw6c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:20:ac:eb:ad:c6:27:8b:63:78:27:22:82:ab:57:b7:00:9c:
59:46:6a:89:b8:e1:b9:c0:c8:a0:90:a9:04:69:56:52:f7:87:
6c:08:9b:26:dd:0e:ab:07:8e:6d:1a:7b:cc:1f:54:8c:d9:34:
15:45:7c:a3:6a:5d:57:8f:19:8c:48:47:47:6e:fa:6c:a0:d1:
c0:7c:41:86:fa:ca:c1:f8:1d:58:4a:be:52:ff:be:8d:5c:ce:
3b:03:fe:c2:07:68:d9:84:97:ad:65:c9:7a:d0:34:28:3e:8c:
92:d5:a0:a0:6e:da:39:b7:09:7e:ef:8e:f5:85:32:5c:9b:45:
62:ff:31:9f:f6:67:22:77:0e:68:8c:e4:fe:4a:0a:5d:3e:a3:
5b:5d:ba:58:de:9b:2d:d3:83:56:f6:28:a2:66:0a:ef:11:da:
6a:f4:ac:50:69:5b:31:27:ff:8c:b8:e0:29:f5:44:93:d8:d6:
e6:d7:7e:43:d1:bb:4f:9d:76:16:54:f5:e3:51:6b:8f:27:15:
98:66:bc:52:48:15:16:33:2c:3e:0e:e0:8e:58:be:a3:80:86:
d6:2b:c6:fe:7e:4c:21:f5:7d:7b:1b:5c:8c:9c:e3:34:b5:be:
8b:d1:01:43:3f:65:2d:a0:66:e3:58:83:bc:bd:cf:1d:58:84:
03:74:80:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBgUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MjM4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFDOERFNTc1RTk2OUFE
NUM4Rjc1MzZCMkQ1RUNFMTQ2RTg5OUMzQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw2dGZU+UX+BLWg3qL/fkK6aa3Oz1bdH2kgalF8itp+ktt55AL
eKBNskE8Bh1Y1rUReLyvSTuYheM28kWHr+4u7hovlUtYv+Vj5eGkIfji20Amddh/
oRdjxhWwnHfrc0xuc4FEu4d3TN0k5F0ZF9nTbcpHr6miebX3uyxdVTErjdKFbCEB
93PBiibs1AJyIQ9BGVAOg0a3Sa6PEPNmpo5YEueLbMHq0tB27iZOlghlxfQ7fxJ9
AX0kU4vjaFokKBITncV7L5647UIrpB532VlGOmE4iZoPsLNeAHq1Fgk7WAQYJ+xz
VeJiAOMCOad1C0lEruwImcMMXo/yTAyy4sjRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrI3ldelprVyPdTay1ezhRuiZw6cwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ySTNsZGVscHJWeVBkVGF5
MWV6aFJ1aVp3NmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGggrOutxieLY3gnIoKrV7cAnFlGaom44bnA
yKCQqQRpVlL3h2wImybdDqsHjm0ae8wfVIzZNBVFfKNqXVePGYxIR0du+myg0cB8
QYb6ysH4HVhKvlL/vo1czjsD/sIHaNmEl61lyXrQNCg+jJLVoKBu2jm3CX7vjvWF
MlybRWL/MZ/2ZyJ3DmiM5P5KCl0+o1tduljemy3Tg1b2KKJmCu8R2mr0rFBpWzEn
/4y44Cn1RJPY1ubXfkPRu0+ddhZU9eNRa48nFZhmvFJIFRYzLD4O4I5YvqOAhtYr
xv5+TCH1fXsbXIyc4zS1vovRAUM/ZS2gZuNYg7y9zx1YhAN0gEI=
-----END CERTIFICATE-----
Generated at Sat May 17 19:37:58 2025 by rpki-client