Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/x5pVH6-TDzgmooZdbmW351bJy54.roa
File: x5pVH6-TDzgmooZdbmW351bJy54.roa (raw, json)
Hash identifier: nA6fRib/TpTtBiearsnJkgs8pbR7UtLjQQgOoVgoPMQ=
Subject key identifier: C7:9A:55:1F:AF:93:0F:38:26:A2:86:5D:6E:65:B7:E7:56:C9:CB:9E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06C9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x5pVH6-TDzgmooZdbmW351bJy54.roa
Signing time: Fri 16 May 2025 03:08:02 +0000
ROA not before: Fri 16 May 2025 03:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1737 (0x6c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 03:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C79A551FAF930F3826A2865D6E65B7E756C9CB9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b5:41:44:93:83:bf:fa:01:99:35:c1:28:60:
36:3e:75:35:68:81:16:24:36:27:ff:4c:6f:78:25:
31:70:92:b3:38:67:0e:ac:3a:c9:e5:e7:36:1b:4d:
f6:20:6a:ce:44:62:80:c3:47:fe:b4:01:c5:c3:d3:
e9:a5:2b:b4:a2:d9:bf:15:54:59:90:f1:00:0b:c2:
e5:c5:c5:e3:f8:10:b5:6a:d6:6a:d4:63:1b:65:ef:
5e:e6:96:86:8d:22:de:a5:db:8c:0a:a4:34:58:58:
88:14:18:e1:0f:ca:0e:16:f0:49:43:01:7e:04:3e:
e3:28:b7:e6:27:f6:0f:3f:34:d3:7b:43:1c:5b:cb:
4a:65:a3:d1:70:a1:a5:78:62:8d:36:10:74:46:68:
2c:82:19:f4:5f:66:6a:67:0b:d8:9f:5d:d7:2b:69:
ac:cd:a5:2f:c2:bb:69:e7:d6:b5:98:9d:ef:65:73:
fd:8a:cc:55:82:7b:4d:b5:25:9c:37:9d:22:f6:e9:
05:3f:d0:93:2e:cc:88:bc:92:66:fd:2e:99:70:af:
db:06:10:cc:77:bf:72:46:59:fb:73:fb:a3:71:a9:
a5:b7:53:39:26:8d:29:50:9c:95:c7:83:22:4d:2b:
f3:78:3c:a4:f5:c9:c6:a4:41:e6:ce:78:2e:2c:af:
05:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9A:55:1F:AF:93:0F:38:26:A2:86:5D:6E:65:B7:E7:56:C9:CB:9E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x5pVH6-TDzgmooZdbmW351bJy54.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:55:ee:69:ae:fd:e5:ce:e1:01:2e:90:0d:32:ae:9d:f8:d3:
0a:10:af:b0:29:4f:68:29:e1:b0:eb:d3:af:b2:9e:35:60:e9:
d0:86:29:f4:4a:f8:ed:40:47:8e:1f:b2:02:41:c0:d0:11:2b:
01:a1:6e:d0:a9:d9:87:be:f8:0d:9a:2c:5c:d8:f9:23:77:ca:
45:cd:e1:e4:b7:d2:86:ff:ee:dc:2a:f0:16:5e:9e:ad:36:8b:
4b:68:65:62:c3:f0:2c:4c:d7:4b:3d:78:cf:ce:f1:d7:e4:18:
dc:ef:42:dd:78:95:43:92:e6:8c:50:d7:98:c7:75:41:51:a3:
c1:a6:f0:c8:70:1f:0f:42:cd:6f:2a:b7:f3:82:fc:04:1e:fb:
c2:eb:60:7c:fa:4f:92:b9:45:03:f3:93:45:56:85:b3:d1:43:
7d:45:0b:3c:6f:83:14:a6:c5:f9:01:8c:ba:b1:5e:de:06:ec:
37:dc:6f:ed:7e:70:e5:43:e4:e3:3a:42:5c:55:75:e2:22:26:
9f:ce:28:b7:ec:86:1e:e7:fa:c7:73:44:e5:b2:c8:ee:b3:ad:
dc:98:7d:8c:94:18:0a:e1:5b:91:ed:42:d4:0b:24:46:f8:2b:
0b:85:17:43:cf:03:9c:41:3c:c2:8e:00:bb:bd:22:dc:85:94:
79:be:c7:6d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
MzA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM3OUE1NTFGQUY5MzBG
MzgyNkEyODY1RDZFNjVCN0U3NTZDOUNCOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxtUFEk4O/+gGZNcEoYDY+dTVogRYkNif/TG94JTFwkrM4Zw6s
Osnl5zYbTfYgas5EYoDDR/60AcXD0+mlK7Si2b8VVFmQ8QALwuXFxeP4ELVq1mrU
Yxtl717mloaNIt6l24wKpDRYWIgUGOEPyg4W8ElDAX4EPuMot+Yn9g8/NNN7Qxxb
y0plo9FwoaV4Yo02EHRGaCyCGfRfZmpnC9ifXdcraazNpS/Cu2nn1rWYne9lc/2K
zFWCe021JZw3nSL26QU/0JMuzIi8kmb9Lplwr9sGEMx3v3JGWftz+6NxqaW3Uzkm
jSlQnJXHgyJNK/N4PKT1ycakQebOeC4srwWhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUx5pVH6+TDzgmooZdbmW351bJy54wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94NXBWSDYtVER6Z21vb1pk
Ym1XMzUxYkp5NTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAC1V7mmu/eXO4QEukA0yrp340woQr7ApT2gp
4bDr06+ynjVg6dCGKfRK+O1AR44fsgJBwNARKwGhbtCp2Ye++A2aLFzY+SN3ykXN
4eS30ob/7twq8BZenq02i0toZWLD8CxM10s9eM/O8dfkGNzvQt14lUOS5oxQ15jH
dUFRo8Gm8MhwHw9CzW8qt/OC/AQe+8LrYHz6T5K5RQPzk0VWhbPRQ31FCzxvgxSm
xfkBjLqxXt4G7Dfcb+1+cOVD5OM6QlxVdeIiJp/OKLfshh7n+sdzROWyyO6zrdyY
fYyUGArhW5HtQtQLJEb4KwuFF0PPA5xBPMKOALu9ItyFlHm+x20=
-----END CERTIFICATE-----
Generated at Sat May 17 21:28:09 2025 by rpki-client