Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wL5JSnqBfDEVG4tg2WW_y8zs7KY.roa
File: wL5JSnqBfDEVG4tg2WW_y8zs7KY.roa (raw, json)
Hash identifier: RnCytHEOZ+4Naz/A55exwsDEUDm/hHGuSzM0GJbh7Cw=
Subject key identifier: C0:BE:49:4A:7A:81:7C:31:15:1B:8B:60:D9:65:BF:CB:CC:EC:EC:A6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 014D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wL5JSnqBfDEVG4tg2WW_y8zs7KY.roa
Signing time: Thu 08 May 2025 19:37:43 +0000
ROA not before: Thu 08 May 2025 19:37:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 333 (0x14d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 19:37:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C0BE494A7A817C31151B8B60D965BFCBCCECECA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4e:5b:f0:6a:bc:ae:af:db:d2:58:68:51:4e:
19:75:df:14:77:d2:b0:35:34:6d:7f:96:63:68:7b:
e1:be:e2:35:e5:7e:c9:12:0c:d1:f7:be:f2:fb:54:
98:bd:8a:a5:01:46:a2:81:4b:c4:b4:e5:dc:da:90:
28:23:08:ea:84:5c:53:2e:c2:8e:71:f7:e2:d0:4d:
1a:da:c0:b0:e4:ad:bd:a5:f6:6e:20:a5:db:96:8a:
09:a8:41:97:90:81:6d:c3:11:d1:75:f1:15:7a:35:
76:6e:25:a5:34:30:b0:ea:bb:04:03:c3:26:8b:d4:
04:0d:36:0b:e7:61:39:ca:9c:60:db:0e:e0:d3:aa:
1b:ea:e2:89:fe:cf:dd:89:4a:3e:f1:56:71:b5:ea:
fb:af:f0:55:8c:c7:52:d0:55:b8:87:1b:ba:7a:90:
0f:e8:7e:7f:34:09:2e:39:60:4d:21:2c:93:c2:5c:
c4:61:b8:42:35:50:04:da:0b:49:f4:78:08:bc:46:
63:c8:63:da:7f:95:75:b7:5a:0e:ef:47:35:fd:01:
f8:17:34:00:b0:c6:be:e7:83:88:8a:95:fd:1f:f7:
76:9b:b4:24:fc:77:8c:7d:98:3a:ad:b5:43:7d:1a:
f1:3a:9a:40:7b:03:28:9d:0d:35:f0:6b:28:a3:e2:
25:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BE:49:4A:7A:81:7C:31:15:1B:8B:60:D9:65:BF:CB:CC:EC:EC:A6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wL5JSnqBfDEVG4tg2WW_y8zs7KY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:3c:14:ac:ff:83:29:c2:c5:07:2a:47:bd:28:be:aa:11:af:
c9:15:53:c5:84:eb:3a:86:59:45:20:4f:d7:8d:9b:18:75:b8:
a5:59:25:74:6a:a5:f7:9c:43:76:68:e8:4a:0d:03:e2:e3:be:
c8:3a:78:bb:70:42:6f:83:13:38:3a:de:d1:e8:d5:7c:43:d8:
1e:2a:d0:04:80:d1:a4:86:96:e9:c3:8e:6a:f2:f0:ee:d3:09:
84:6b:ec:cd:2b:b4:1d:d2:6c:98:25:8c:fa:ad:1c:f7:04:24:
62:27:d7:41:86:41:b1:1c:9c:63:0f:11:a7:db:00:a0:8a:be:
1f:c2:37:fc:c9:1d:2c:5e:98:d5:a3:3f:c3:ab:0b:36:33:a3:
8f:84:2c:53:65:a4:cc:16:a5:a3:8e:53:93:84:ef:90:b3:2b:
5e:4d:98:30:29:33:f1:44:71:39:13:42:da:df:7a:66:3a:01:
10:d7:13:ad:cf:0c:89:73:5d:53:17:ce:e1:d4:a9:a8:9c:0f:
ac:cf:ea:1c:c0:16:47:5d:3f:2c:05:d3:87:f9:0a:07:ba:22:
58:01:12:6a:b6:20:b2:ac:86:07:f8:33:73:14:fa:1e:84:5f:
6a:63:8e:1f:81:1e:89:d7:51:8e:52:26:51:c0:b3:ca:5f:16:
6c:23:94:c5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
OTM3NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMwQkU0OTRBN0E4MTdD
MzExNTFCOEI2MEQ5NjVCRkNCQ0NFQ0VDQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDTlvwaryur9vSWGhRThl13xR30rA1NG1/lmNoe+G+4jXlfskS
DNH3vvL7VJi9iqUBRqKBS8S05dzakCgjCOqEXFMuwo5x9+LQTRrawLDkrb2l9m4g
pduWigmoQZeQgW3DEdF18RV6NXZuJaU0MLDquwQDwyaL1AQNNgvnYTnKnGDbDuDT
qhvq4on+z92JSj7xVnG16vuv8FWMx1LQVbiHG7p6kA/ofn80CS45YE0hLJPCXMRh
uEI1UATaC0n0eAi8RmPIY9p/lXW3Wg7vRzX9AfgXNACwxr7ng4iKlf0f93abtCT8
d4x9mDqttUN9GvE6mkB7AyidDTXwayij4iURAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwL5JSnqBfDEVG4tg2WW/y8zs7KYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93TDVKU25xQmZERVZHNHRn
MldXX3k4enM3S1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAK88FKz/gynCxQcqR70ovqoRr8kVU8WE6zqG
WUUgT9eNmxh1uKVZJXRqpfecQ3Zo6EoNA+Ljvsg6eLtwQm+DEzg63tHo1XxD2B4q
0ASA0aSGlunDjmry8O7TCYRr7M0rtB3SbJgljPqtHPcEJGIn10GGQbEcnGMPEafb
AKCKvh/CN/zJHSxemNWjP8OrCzYzo4+ELFNlpMwWpaOOU5OE75CzK15NmDApM/FE
cTkTQtrfemY6ARDXE63PDIlzXVMXzuHUqaicD6zP6hzAFkddPywF04f5Cge6IlgB
Emq2ILKshgf4M3MU+h6EX2pjjh+BHonXUY5SJlHAs8pfFmwjlMU=
-----END CERTIFICATE-----
Generated at Sat May 17 22:38:10 2025 by rpki-client