Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/stGcV2xWEcEVzIhVhDzJtbWbMOA.roa
File: stGcV2xWEcEVzIhVhDzJtbWbMOA.roa (raw, json)
Hash identifier: AxymiY0xZ/PcXF7Hu6MSopJmqtm3l8kos0VRDz27xXE=
Subject key identifier: B2:D1:9C:57:6C:56:11:C1:15:CC:88:55:84:3C:C9:B5:B5:9B:30:E0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0389
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/stGcV2xWEcEVzIhVhDzJtbWbMOA.roa
Signing time: Sun 11 May 2025 19:08:19 +0000
ROA not before: Sun 11 May 2025 19:08:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 905 (0x389)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 19:08:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B2D19C576C5611C115CC8855843CC9B5B59B30E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:00:48:0a:67:89:07:13:f7:a2:06:22:e3:9b:
1e:be:ba:f0:ab:34:48:b0:61:04:45:d5:da:9e:7f:
a6:06:cf:5f:f2:e2:66:7b:34:81:74:e4:2e:25:26:
4d:da:20:7f:75:4a:70:da:31:e6:ca:df:d3:01:a6:
59:f9:16:12:39:3f:d8:7c:6e:36:db:a3:2f:c9:ad:
bf:aa:b2:39:23:db:a5:8b:ab:07:15:6a:9b:fc:e4:
d1:f8:47:f3:9f:a7:c1:8a:35:9f:b8:da:6d:01:b6:
0a:78:b3:e8:fb:85:a1:3d:14:a3:56:0e:86:79:72:
46:aa:e3:31:5e:d4:e6:25:d8:2f:64:86:24:bd:fe:
9e:f4:b6:1a:ee:ed:b6:99:fc:34:ba:93:1b:e5:7c:
c0:ef:1b:9a:43:80:4c:16:49:cb:b2:8d:b7:ec:f8:
8a:c0:a8:df:dc:4e:74:8e:f6:5c:28:43:41:71:ee:
de:32:22:34:96:2c:1c:3b:a0:7f:ce:8f:ac:f4:20:
d5:bd:fb:b6:12:2f:71:79:b1:d5:20:79:6c:88:0e:
3a:09:60:af:dd:e9:8d:ec:d4:34:a0:af:88:28:34:
c7:67:51:39:2a:35:ab:a8:fb:43:8f:d6:94:f8:f9:
c0:7e:04:76:3f:b6:3b:06:d8:8d:5a:e4:4d:ed:b5:
67:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D1:9C:57:6C:56:11:C1:15:CC:88:55:84:3C:C9:B5:B5:9B:30:E0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/stGcV2xWEcEVzIhVhDzJtbWbMOA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:a0:6e:45:64:0f:7d:89:34:cb:19:4b:c1:01:33:5b:60:94:
fa:17:7b:85:da:bc:89:a0:4f:d7:26:a1:d2:97:ed:1d:b5:65:
97:52:13:19:f3:75:e0:e8:f5:5b:c2:18:53:98:99:f3:0f:d2:
bc:0d:46:99:d6:89:2a:72:a4:b2:8c:cf:f0:76:73:3e:98:20:
10:8b:f3:33:c9:da:0f:02:46:f9:9b:fe:96:69:50:9f:8f:08:
14:7e:5a:cb:22:79:fa:cc:8c:61:ff:2a:e8:ba:bf:d9:b4:61:
9b:af:72:4b:0e:e7:4e:b5:ed:9a:d0:6a:72:df:92:7f:f3:c6:
d5:57:99:1f:c0:64:6e:b0:2d:45:0d:90:fc:fb:b3:be:e3:b6:
1f:5b:10:ba:56:21:f2:d1:53:4e:75:57:e6:f8:54:4d:44:6f:
d3:27:ff:ec:10:44:12:f8:fc:86:e7:fc:33:d3:ea:0f:7b:0e:
2a:7f:99:d8:9d:cc:e0:8f:12:dd:94:32:57:23:75:df:11:9b:
6b:71:2c:d6:3b:6d:f5:8a:66:27:a5:60:de:20:cd:24:60:6b:
88:3c:c9:7b:da:fe:fb:08:e5:fa:fc:5d:28:d2:97:6b:5f:4b:
55:1c:30:54:29:25:f4:2a:18:c9:77:2b:d5:82:c2:dc:73:8f:
52:b2:dc:5b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
OTA4MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIyRDE5QzU3NkM1NjEx
QzExNUNDODg1NTg0M0NDOUI1QjU5QjMwRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5AEgKZ4kHE/eiBiLjmx6+uvCrNEiwYQRF1dqef6YGz1/y4mZ7
NIF05C4lJk3aIH91SnDaMebK39MBpln5FhI5P9h8bjbboy/Jrb+qsjkj26WLqwcV
apv85NH4R/Ofp8GKNZ+42m0Btgp4s+j7haE9FKNWDoZ5ckaq4zFe1OYl2C9khiS9
/p70thru7baZ/DS6kxvlfMDvG5pDgEwWScuyjbfs+IrAqN/cTnSO9lwoQ0Fx7t4y
IjSWLBw7oH/Oj6z0INW9+7YSL3F5sdUgeWyIDjoJYK/d6Y3s1DSgr4goNMdnUTkq
Nauo+0OP1pT4+cB+BHY/tjsG2I1a5E3ttWe/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUstGcV2xWEcEVzIhVhDzJtbWbMOAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zdEdjVjJ4V0VjRVZ6SWhW
aER6SnRiV2JNT0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAC2gbkVkD32JNMsZS8EBM1tglPoXe4XavImg
T9cmodKX7R21ZZdSExnzdeDo9VvCGFOYmfMP0rwNRpnWiSpypLKMz/B2cz6YIBCL
8zPJ2g8CRvmb/pZpUJ+PCBR+WssiefrMjGH/Kui6v9m0YZuvcksO50617ZrQanLf
kn/zxtVXmR/AZG6wLUUNkPz7s77jth9bELpWIfLRU051V+b4VE1Eb9Mn/+wQRBL4
/Ibn/DPT6g97Dip/mdidzOCPEt2UMlcjdd8Rm2txLNY7bfWKZielYN4gzSRga4g8
yXva/vsI5fr8XSjSl2tfS1UcMFQpJfQqGMl3K9WCwtxzj1Ky3Fs=
-----END CERTIFICATE-----
Generated at Sat May 17 23:16:52 2025 by rpki-client