Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xrBBVWe79oBoANMAvU2CpIqxSG8.roa
File: xrBBVWe79oBoANMAvU2CpIqxSG8.roa (raw, json)
Hash identifier: bolLo+NNgkHDOlxqhxsXqoa04ef84JzG00o3NkBO800=
Subject key identifier: C6:B0:41:55:67:BB:F6:80:68:00:D3:00:BD:4D:82:A4:8A:B1:48:6F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: E5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xrBBVWe79oBoANMAvU2CpIqxSG8.roa
Signing time: Thu 08 May 2025 06:37:40 +0000
ROA not before: Thu 08 May 2025 06:37:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 229 (0xe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 06:37:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C6B0415567BBF6806800D300BD4D82A48AB1486F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5f:00:21:81:63:6f:4a:cd:03:ec:46:91:6d:
e4:6a:a3:8c:e2:9a:3a:29:9b:1f:a3:80:2e:d7:65:
e2:6a:a5:0f:3c:4c:9f:ed:b2:0f:87:da:87:9c:8c:
9f:11:f5:dd:c5:dc:e4:73:9f:13:14:8c:30:22:d5:
bc:2e:b0:12:d3:02:1e:3c:24:c7:f2:79:f5:45:bf:
f8:3b:3e:6f:d8:f5:36:44:57:c9:04:aa:69:61:a7:
79:78:1b:8b:c5:09:9f:ac:26:60:27:a3:2b:54:61:
c0:f1:7e:ce:8c:b5:dc:e5:cc:f2:13:ee:97:14:76:
ed:4d:24:87:cc:73:02:5c:bf:c8:06:31:9a:c9:a6:
89:30:7e:30:bb:2e:3a:8b:27:6a:73:15:b4:b0:73:
39:81:1a:ca:78:28:00:72:7e:3a:35:df:28:b9:b9:
8c:98:75:be:7d:b0:8e:6b:a9:90:42:30:ee:73:e6:
e5:00:ea:34:58:65:d4:34:80:87:a2:97:9b:f2:e3:
76:62:a7:e8:ac:af:4e:0c:39:42:b9:2d:88:f4:f2:
49:c5:ca:ca:f7:54:3a:a0:96:9d:d0:23:6b:ad:10:
a3:8b:ef:19:d6:67:d2:a5:4b:c9:95:86:92:ee:45:
ca:db:da:19:54:a8:49:6d:56:4e:c4:a9:21:c3:d4:
fd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B0:41:55:67:BB:F6:80:68:00:D3:00:BD:4D:82:A4:8A:B1:48:6F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xrBBVWe79oBoANMAvU2CpIqxSG8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:55:02:e6:0a:c3:cf:4e:b9:ff:a5:b6:2c:73:5d:f1:a8:dc:
3d:80:62:eb:bf:3c:60:3e:dc:98:e2:39:48:c2:fa:07:38:9e:
bc:89:fd:5b:ac:2a:59:76:bd:a4:54:d1:e2:1f:71:6f:19:3f:
c7:2f:48:fc:95:29:f7:9e:1f:73:54:a7:0e:4a:49:06:53:43:
48:ba:c6:a7:89:74:12:0b:31:f5:b5:50:fe:80:62:f8:c8:09:
cd:54:9f:d0:ce:f5:3b:9f:a7:4f:a6:d5:2f:aa:86:4a:65:17:
ec:98:fa:5a:e8:7c:44:ec:7f:c4:9c:6e:77:5d:62:28:d8:5e:
3f:c2:67:bc:ef:3a:3d:61:94:d8:5f:43:18:fa:1b:e2:8f:63:
a4:5c:51:0d:7d:73:2b:ab:c5:c2:e2:af:05:f3:c8:16:7a:66:
e7:4a:54:ed:93:08:89:9c:9b:08:5e:49:78:86:66:00:d2:38:
24:36:d9:ce:ca:43:5c:2c:53:5b:9d:e6:2b:58:13:d2:9e:a1:
49:c7:b4:a9:75:74:49:bd:36:91:6d:49:f8:ca:b4:05:43:bc:
bd:9e:65:02:bc:51:1e:20:c3:1a:59:d2:9c:2e:25:ca:59:aa:
08:60:34:63:17:d5:8a:5e:72:1b:b4:8a:f0:d4:88:16:dd:a2:
ea:09:3e:f5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
NjM3NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM2QjA0MTU1NjdCQkY2
ODA2ODAwRDMwMEJENEQ4MkE0OEFCMTQ4NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGXwAhgWNvSs0D7EaRbeRqo4zimjopmx+jgC7XZeJqpQ88TJ/t
sg+H2oecjJ8R9d3F3ORznxMUjDAi1bwusBLTAh48JMfyefVFv/g7Pm/Y9TZEV8kE
qmlhp3l4G4vFCZ+sJmAnoytUYcDxfs6MtdzlzPIT7pcUdu1NJIfMcwJcv8gGMZrJ
pokwfjC7LjqLJ2pzFbSwczmBGsp4KAByfjo13yi5uYyYdb59sI5rqZBCMO5z5uUA
6jRYZdQ0gIeil5vy43Zip+isr04MOUK5LYj08knFysr3VDqglp3QI2utEKOL7xnW
Z9KlS8mVhpLuRcrb2hlUqEltVk7EqSHD1P3RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxrBBVWe79oBoANMAvU2CpIqxSG8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94ckJCVldlNzlvQm9BTk1B
dlUyQ3BJcXhTRzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIZVAuYKw89Ouf+ltixzXfGo3D2AYuu/PGA+
3JjiOUjC+gc4nryJ/VusKll2vaRU0eIfcW8ZP8cvSPyVKfeeH3NUpw5KSQZTQ0i6
xqeJdBILMfW1UP6AYvjICc1Un9DO9Tufp0+m1S+qhkplF+yY+lrofETsf8Scbndd
YijYXj/CZ7zvOj1hlNhfQxj6G+KPY6RcUQ19cyurxcLirwXzyBZ6ZudKVO2TCImc
mwheSXiGZgDSOCQ22c7KQ1wsU1ud5itYE9KeoUnHtKl1dEm9NpFtSfjKtAVDvL2e
ZQK8UR4gwxpZ0pwuJcpZqghgNGMX1Ypechu0ivDUiBbdouoJPvU=
-----END CERTIFICATE-----
Generated at Sun May 18 19:01:56 2025 by rpki-client