Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/u2jXgxe-QJLlpJ_bYjMZMsk2RcE.roa
File: u2jXgxe-QJLlpJ_bYjMZMsk2RcE.roa (raw, json)
Hash identifier: dlNBkoxyuN6OcRoiss4dA+PUHDs6VD1hnLsPhmvwbgc=
Subject key identifier: BB:68:D7:83:17:BE:40:92:E5:A4:9F:DB:62:33:19:32:C9:36:45:C1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 044D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u2jXgxe-QJLlpJ_bYjMZMsk2RcE.roa
Signing time: Mon 12 May 2025 19:38:46 +0000
ROA not before: Mon 12 May 2025 19:38:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1101 (0x44d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 19:38:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BB68D78317BE4092E5A49FDB62331932C93645C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d8:52:99:60:5a:91:c7:9d:25:d5:25:ae:e5:
c8:01:70:3d:d0:1a:c0:d3:80:1f:92:f4:0a:1d:16:
41:e2:87:93:b7:e7:5c:61:c4:ea:6f:a9:4c:43:af:
55:93:6e:7e:73:49:7d:e8:b5:2e:de:45:96:97:4b:
08:fb:05:47:35:02:65:a9:ae:36:cb:f9:c1:7d:ea:
ab:73:aa:df:e8:0e:5b:d0:d7:75:a0:71:d4:89:0b:
78:8c:eb:50:6e:3e:b7:de:11:72:ba:41:3f:aa:d7:
d1:3a:85:56:05:d6:83:81:ea:d1:e2:aa:af:6d:68:
cc:cc:ef:52:8f:69:b0:1c:7b:75:cf:54:e1:7c:88:
95:25:ff:bd:1c:96:e1:3e:cc:60:db:1b:f9:ae:d3:
d0:ae:18:61:a5:26:06:ca:ac:ed:f3:53:87:b1:fe:
7f:69:69:44:07:c8:1a:60:79:9a:c9:92:0b:35:68:
df:b5:8d:8e:da:5b:7c:0a:36:ff:de:58:c1:ca:84:
94:61:b1:03:96:e1:b5:f9:4c:ce:a6:be:97:8c:bd:
04:b9:31:2d:c4:69:76:b0:cf:05:e9:0f:5c:ee:56:
5f:5c:79:ba:61:84:ee:2f:ca:9b:04:4b:82:87:36:
c2:a4:0d:4e:dc:fe:31:70:0c:99:dd:4e:38:3b:31:
e9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:68:D7:83:17:BE:40:92:E5:A4:9F:DB:62:33:19:32:C9:36:45:C1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u2jXgxe-QJLlpJ_bYjMZMsk2RcE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:83:c7:22:0f:77:e1:37:ea:72:71:ff:a0:30:d5:3d:17:43:
6a:b9:fb:92:28:38:1b:ad:4d:81:28:b5:8a:c8:99:0f:4e:7c:
d9:74:a6:9b:f4:8e:86:7c:4b:2a:e4:7f:ce:a6:63:39:8a:e9:
a5:ad:7b:41:98:b8:9f:e8:59:2d:d4:00:2a:19:8a:14:8a:6f:
28:c8:f0:65:52:e4:53:02:77:2e:0e:4d:61:6a:c4:94:55:e6:
bc:84:d3:bc:39:0d:d2:9d:32:24:cc:b5:e0:91:03:62:8d:f4:
4c:53:7e:9d:54:56:0b:f2:8c:90:6b:77:24:97:d8:76:3c:5b:
2b:94:02:4c:bb:fc:90:a5:63:6b:f6:d8:88:85:c8:26:c7:db:
e4:ab:8d:84:71:17:19:92:b8:33:f5:da:9d:de:ac:49:68:1a:
ce:a6:00:82:d9:57:11:7b:76:28:5e:ee:2b:f7:13:cf:43:36:
bf:a3:75:80:41:85:77:62:fe:2d:a1:3a:65:63:c6:76:9c:ea:
bd:12:60:5a:75:80:81:5f:78:b1:1c:5a:19:7c:e8:ca:36:73:
b5:fc:60:21:84:2c:b6:a9:a9:0e:16:6e:cb:ed:0b:0a:ac:e0:
16:d9:2d:ed:7d:f6:45:f3:a1:32:2b:e7:ca:4a:59:ea:d7:e8:
2d:e0:72:e9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
OTM4NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJCNjhENzgzMTdCRTQw
OTJFNUE0OUZEQjYyMzMxOTMyQzkzNjQ1QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa2FKZYFqRx50l1SWu5cgBcD3QGsDTgB+S9AodFkHih5O351xh
xOpvqUxDr1WTbn5zSX3otS7eRZaXSwj7BUc1AmWprjbL+cF96qtzqt/oDlvQ13Wg
cdSJC3iM61BuPrfeEXK6QT+q19E6hVYF1oOB6tHiqq9taMzM71KPabAce3XPVOF8
iJUl/70cluE+zGDbG/mu09CuGGGlJgbKrO3zU4ex/n9paUQHyBpgeZrJkgs1aN+1
jY7aW3wKNv/eWMHKhJRhsQOW4bX5TM6mvpeMvQS5MS3EaXawzwXpD1zuVl9cebph
hO4vypsES4KHNsKkDU7c/jFwDJndTjg7Mem9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUu2jXgxe+QJLlpJ/bYjMZMsk2RcEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91MmpYZ3hlLVFKTGxwSl9i
WWpNWk1zazJSY0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACODxyIPd+E36nJx/6Aw1T0XQ2q5+5IoOBut
TYEotYrImQ9OfNl0ppv0joZ8Syrkf86mYzmK6aWte0GYuJ/oWS3UACoZihSKbyjI
8GVS5FMCdy4OTWFqxJRV5ryE07w5DdKdMiTMteCRA2KN9ExTfp1UVgvyjJBrdySX
2HY8WyuUAky7/JClY2v22IiFyCbH2+SrjYRxFxmSuDP12p3erEloGs6mAILZVxF7
dihe7iv3E89DNr+jdYBBhXdi/i2hOmVjxnac6r0SYFp1gIFfeLEcWhl86Mo2c7X8
YCGELLapqQ4WbsvtCwqs4BbZLe199kXzoTIr58pKWerX6C3gcuk=
-----END CERTIFICATE-----
Generated at Mon May 19 06:20:17 2025 by rpki-client