Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uiloDL_Eh7AtZLi2gf3ZIWJl_IA.roa
File: uiloDL_Eh7AtZLi2gf3ZIWJl_IA.roa (raw, json)
Hash identifier: jESD8bNN6bvA4tJGxEyrNa6Wf05ffk1GcWP/2OMb380=
Subject key identifier: BA:29:68:0C:BF:C4:87:B0:2D:64:B8:B6:81:FD:D9:21:62:65:FC:80
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 065D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uiloDL_Eh7AtZLi2gf3ZIWJl_IA.roa
Signing time: Thu 15 May 2025 13:38:09 +0000
ROA not before: Thu 15 May 2025 13:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1629 (0x65d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 13:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BA29680CBFC487B02D64B8B681FDD9216265FC80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:43:4c:0d:07:03:38:e8:47:45:7b:f5:d1:2f:
69:4b:28:bc:78:cd:49:0a:73:42:a2:f8:92:c4:00:
e6:49:c1:de:1d:98:74:cb:e5:1d:16:60:5d:bc:0d:
74:1c:01:55:d3:9e:72:f7:0b:62:aa:93:a7:11:29:
5a:80:d5:77:5a:20:86:4b:9a:3d:51:fc:0c:3c:5a:
47:ff:8f:d2:3e:0a:24:a7:4a:86:1d:a9:7f:db:ff:
83:81:35:f8:2a:5d:c3:28:7d:dd:e4:ff:1d:53:aa:
eb:ff:07:15:5a:87:99:37:4d:e9:d4:31:ef:0c:df:
03:65:a9:54:f6:6d:b1:75:d3:4d:5e:8f:a8:93:30:
1d:61:a2:ad:98:f3:6c:2e:52:60:c2:a6:96:a5:3c:
b1:fb:4f:2f:ac:10:e5:de:10:94:ae:71:f8:60:e8:
64:ac:20:13:3a:0c:bf:39:9d:2e:fb:60:21:f4:9d:
92:ce:e6:f3:c2:a4:64:df:e5:9b:b1:3c:ef:33:7b:
9a:de:78:5b:df:cf:10:02:9b:39:bd:5e:89:06:fe:
f8:44:ca:b1:7c:09:69:2f:8a:2b:a8:b8:eb:b2:83:
96:2c:1a:e9:ba:f8:5a:f5:91:aa:0a:3d:9e:bc:0a:
fc:31:d6:92:b7:0d:22:d6:b1:e0:91:52:3c:07:6f:
5c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:29:68:0C:BF:C4:87:B0:2D:64:B8:B6:81:FD:D9:21:62:65:FC:80
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uiloDL_Eh7AtZLi2gf3ZIWJl_IA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:04:d1:25:c1:99:7f:cb:98:b9:5d:1e:2a:80:30:ea:10:10:
3e:6b:84:30:5d:94:33:3b:90:fd:e5:c7:4e:21:ab:02:61:a9:
c0:70:19:d8:1a:56:f0:1b:15:ab:13:d9:a4:25:f9:d7:b4:63:
bf:ab:13:69:41:e9:d2:9c:de:ba:63:0d:0d:01:70:28:2c:4b:
32:7a:49:99:0b:bb:16:87:56:44:92:81:60:c9:d8:48:08:60:
b1:f7:ec:a6:4d:fe:62:ae:49:f2:44:a7:f2:14:7f:9d:7a:4d:
93:e0:0a:ce:5b:bf:b5:fc:f6:7b:48:0b:13:50:ef:b4:aa:eb:
63:d9:e5:1a:36:75:74:b0:56:aa:09:9b:27:f1:8f:bc:1e:53:
85:18:25:2b:7e:09:27:cf:4b:e6:bb:7f:ae:3f:91:47:21:12:
10:fa:69:a2:b5:61:45:21:77:02:76:93:5e:74:0c:ee:ef:95:
4d:c8:0f:36:00:fd:8f:45:b6:c6:66:5b:a2:5c:dc:6f:e7:b7:
0f:23:e3:b4:7f:56:bd:1c:f2:b7:12:c5:4c:9e:c5:ed:e9:32:
d5:f7:99:1f:4d:27:6f:37:90:38:36:df:53:c7:62:80:09:0d:
48:f1:6c:c7:c2:47:14:40:1f:8b:b5:c8:7d:56:80:5f:7f:77:
d2:61:db:3a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
MzM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJBMjk2ODBDQkZDNDg3
QjAyRDY0QjhCNjgxRkREOTIxNjI2NUZDODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZQ0wNBwM46EdFe/XRL2lLKLx4zUkKc0Ki+JLEAOZJwd4dmHTL
5R0WYF28DXQcAVXTnnL3C2Kqk6cRKVqA1XdaIIZLmj1R/Aw8Wkf/j9I+CiSnSoYd
qX/b/4OBNfgqXcMofd3k/x1Tquv/BxVah5k3TenUMe8M3wNlqVT2bbF1001ej6iT
MB1hoq2Y82wuUmDCppalPLH7Ty+sEOXeEJSucfhg6GSsIBM6DL85nS77YCH0nZLO
5vPCpGTf5ZuxPO8ze5reeFvfzxACmzm9XokG/vhEyrF8CWkviiuouOuyg5YsGum6
+Fr1kaoKPZ68Cvwx1pK3DSLWseCRUjwHb1z7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuiloDL/Eh7AtZLi2gf3ZIWJl/IAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91aWxvRExfRWg3QXRaTGky
Z2YzWklXSmxfSUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAK8E0SXBmX/LmLldHiqAMOoQED5rhDBdlDM7
kP3lx04hqwJhqcBwGdgaVvAbFasT2aQl+de0Y7+rE2lB6dKc3rpjDQ0BcCgsSzJ6
SZkLuxaHVkSSgWDJ2EgIYLH37KZN/mKuSfJEp/IUf516TZPgCs5bv7X89ntICxNQ
77Sq62PZ5Ro2dXSwVqoJmyfxj7weU4UYJSt+CSfPS+a7f64/kUchEhD6aaK1YUUh
dwJ2k150DO7vlU3IDzYA/Y9FtsZmW6Jc3G/ntw8j47R/Vr0c8rcSxUyexe3pMtX3
mR9NJ283kDg231PHYoAJDUjxbMfCRxRAH4u1yH1WgF9/d9Jh2zo=
-----END CERTIFICATE-----
Generated at Sat May 17 22:39:14 2025 by rpki-client