Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rWd1aY6b586JSiFuifK8BmR-AgY.roa
File: rWd1aY6b586JSiFuifK8BmR-AgY.roa (raw, json)
Hash identifier: FymOBeRT5zqOPHvh498dbECzPyUMo8fW8Lhv2q95vaA=
Subject key identifier: AD:67:75:69:8E:9B:E7:CE:89:4A:21:6E:89:F2:BC:06:64:7E:02:06
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02C1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rWd1aY6b586JSiFuifK8BmR-AgY.roa
Signing time: Sat 10 May 2025 18:07:52 +0000
ROA not before: Sat 10 May 2025 18:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705 (0x2c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 18:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AD6775698E9BE7CE894A216E89F2BC06647E0206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4b:63:7e:58:e7:cc:68:f7:b3:af:b1:7c:f3:
ca:61:a2:20:b0:97:f7:17:b1:08:ce:34:e3:c5:55:
54:b5:d9:ab:92:8d:02:73:48:44:9b:0f:b2:6b:c8:
1a:99:c9:89:82:6f:6f:e5:39:59:0c:89:f8:b6:c5:
a2:96:6e:d6:d2:62:c1:5f:ec:d3:d8:2e:a1:43:80:
ac:fb:91:fc:26:4f:a8:99:17:e8:e7:6b:5c:37:ca:
a2:70:39:cc:3e:1e:b7:33:b5:a6:62:ea:a0:30:16:
c4:87:05:e8:d4:76:e7:a3:83:98:21:86:02:9c:86:
ad:6e:21:e6:38:a7:c7:5e:af:0f:82:14:98:2d:68:
50:4d:81:c3:9f:7a:b4:c1:fe:8c:d6:5a:fd:a7:16:
05:d2:1c:60:2e:54:46:f8:3d:2c:05:fe:36:4b:c6:
29:34:2a:c0:ec:ba:0a:3b:c7:0e:28:68:df:21:d4:
4c:a5:2a:1f:52:3c:8d:3f:2e:6d:73:e5:ae:2d:82:
02:ca:b8:15:38:ed:0a:47:51:e6:50:19:e7:f9:26:
d3:e4:3c:40:ce:16:8f:a6:94:a3:cd:5d:1f:23:86:
29:36:02:d2:78:b8:d7:f5:36:80:70:c3:c5:25:38:
d9:eb:e6:62:ee:ec:f2:42:86:1a:ff:7d:34:e5:81:
2a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:67:75:69:8E:9B:E7:CE:89:4A:21:6E:89:F2:BC:06:64:7E:02:06
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rWd1aY6b586JSiFuifK8BmR-AgY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:c6:9e:e0:e6:5a:b1:72:a3:a6:74:7d:7c:4e:74:10:a9:7c:
04:77:56:fe:d5:d5:82:3a:df:d8:dc:82:23:e3:af:83:4b:70:
d5:65:40:58:3b:38:5e:19:ac:e9:86:c8:1d:16:90:e8:94:02:
05:6b:6f:53:cd:3d:12:40:da:9c:f8:c6:12:d2:28:20:4b:37:
2b:20:95:ba:a8:1f:c5:9b:10:c7:d1:11:95:a1:24:1b:25:35:
6b:20:6f:31:99:c8:83:13:ea:b6:83:08:4d:01:a6:df:8f:e0:
0b:94:29:d5:86:f8:ad:68:0b:66:71:d0:9c:7f:80:17:9a:45:
70:97:0b:09:ab:f4:cc:40:cc:26:b1:db:13:19:3a:12:80:ff:
0a:69:e8:38:84:a3:fc:6d:4e:c2:49:17:4e:e3:71:18:df:bb:
d5:40:cb:b5:23:74:7c:ee:c9:0b:87:00:e8:11:30:c0:18:d6:
f1:18:2b:5f:0f:20:df:b2:bc:9f:77:4d:ae:e0:29:8c:62:7d:
92:c6:08:ab:26:3a:de:02:63:4c:9a:67:f7:b3:05:7a:fd:87:
89:e8:52:9a:82:1a:78:73:cb:f5:44:06:06:bb:e2:dc:ea:58:
6f:7d:ce:c4:af:5c:10:59:a0:6b:5b:93:5f:a2:05:85:fe:13:
a5:5d:a8:d2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAsEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
ODA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFENjc3NTY5OEU5QkU3
Q0U4OTRBMjE2RTg5RjJCQzA2NjQ3RTAyMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSS2N+WOfMaPezr7F888phoiCwl/cXsQjONOPFVVS12auSjQJz
SESbD7JryBqZyYmCb2/lOVkMifi2xaKWbtbSYsFf7NPYLqFDgKz7kfwmT6iZF+jn
a1w3yqJwOcw+HrcztaZi6qAwFsSHBejUduejg5ghhgKchq1uIeY4p8derw+CFJgt
aFBNgcOferTB/ozWWv2nFgXSHGAuVEb4PSwF/jZLxik0KsDsugo7xw4oaN8h1Eyl
Kh9SPI0/Lm1z5a4tggLKuBU47QpHUeZQGef5JtPkPEDOFo+mlKPNXR8jhik2AtJ4
uNf1NoBww8UlONnr5mLu7PJChhr/fTTlgSqtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrWd1aY6b586JSiFuifK8BmR+AgYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yV2QxYVk2YjU4NkpTaUZ1
aWZLOEJtUi1BZ1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAfGnuDmWrFyo6Z0fXxOdBCpfAR3Vv7V1YI6
39jcgiPjr4NLcNVlQFg7OF4ZrOmGyB0WkOiUAgVrb1PNPRJA2pz4xhLSKCBLNysg
lbqoH8WbEMfREZWhJBslNWsgbzGZyIMT6raDCE0Bpt+P4AuUKdWG+K1oC2Zx0Jx/
gBeaRXCXCwmr9MxAzCax2xMZOhKA/wpp6DiEo/xtTsJJF07jcRjfu9VAy7UjdHzu
yQuHAOgRMMAY1vEYK18PIN+yvJ93Ta7gKYxifZLGCKsmOt4CY0yaZ/ezBXr9h4no
UpqCGnhzy/VEBga74tzqWG99zsSvXBBZoGtbk1+iBYX+E6VdqNI=
-----END CERTIFICATE-----
Generated at Sun May 18 04:52:54 2025 by rpki-client