Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yfpi4pgn59kY-6XHP2x5oeXDZ4Y.roa
File: yfpi4pgn59kY-6XHP2x5oeXDZ4Y.roa (raw, json)
Hash identifier: Iz84xzuzd2WrW7KX54lQjESaggVND8nFD+d0sgSEaS8=
Subject key identifier: C9:FA:62:E2:98:27:E7:D9:18:FB:A5:C7:3F:6C:79:A1:E5:C3:67:86
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 048D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yfpi4pgn59kY-6XHP2x5oeXDZ4Y.roa
Signing time: Tue 13 May 2025 03:37:57 +0000
ROA not before: Tue 13 May 2025 03:37:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1165 (0x48d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 03:37:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C9FA62E29827E7D918FBA5C73F6C79A1E5C36786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ac:26:da:35:a3:ed:80:f2:04:24:bc:ec:b7:
20:0a:01:f8:71:9c:d4:98:50:4c:26:4c:fd:f4:c8:
85:c5:7a:55:56:89:f6:e2:21:1e:24:6d:1f:06:bc:
c4:cb:ab:8c:b7:1a:1e:3d:08:af:d0:e3:ac:db:12:
c7:3f:4c:ff:04:a0:6f:56:59:83:21:6e:32:f1:0b:
ad:3f:5f:3d:15:a9:19:6f:90:93:83:c0:85:fd:8d:
e3:a3:99:b7:da:8b:e0:e7:23:f8:1e:e6:20:dd:81:
9c:19:6c:08:88:d0:85:74:cf:00:2a:0b:32:fd:2a:
a4:ea:8e:71:5d:67:7c:c2:c1:2e:4e:23:03:6b:b3:
4f:b9:ab:04:ec:6b:9e:35:57:fb:43:6b:4f:27:71:
4a:a2:0b:be:0e:00:75:92:3e:43:93:4b:6f:cf:e3:
00:11:77:0a:9f:e1:96:4e:dd:ce:c9:06:76:6e:45:
0b:9d:55:b7:69:97:c3:95:b7:ef:d7:0d:58:f0:1a:
26:b9:23:08:ba:a9:f4:be:e6:c7:66:61:7b:32:09:
99:3c:45:dd:c4:9b:9a:ea:3e:dc:39:98:0c:75:1e:
80:66:d8:16:e1:43:f0:4f:6c:29:25:8b:c3:8c:e9:
3f:86:c9:09:4c:58:2c:56:42:aa:f5:09:8e:1c:98:
b3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FA:62:E2:98:27:E7:D9:18:FB:A5:C7:3F:6C:79:A1:E5:C3:67:86
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yfpi4pgn59kY-6XHP2x5oeXDZ4Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:aa:1b:b5:6a:57:cb:04:49:ca:95:bb:8a:cd:14:4e:5e:60:
4c:d7:42:04:40:c0:8e:8b:1d:00:d9:62:a3:9b:ff:28:48:e4:
ef:6b:15:d6:aa:c0:fe:b7:fd:7d:38:2d:9e:85:b9:1f:e5:61:
a0:fe:a0:ad:8f:b1:fe:92:0b:09:96:85:c2:e1:50:b4:4b:66:
1d:66:a1:f9:83:f0:e2:8a:67:6e:6b:26:3d:69:3a:33:5e:6e:
b3:76:15:12:40:8c:f4:25:cb:26:1f:c6:cd:30:b8:d4:e0:41:
b0:8d:99:70:0d:30:23:d9:38:bd:26:c3:db:a2:0c:c9:bd:81:
99:42:4a:65:c6:16:57:75:7f:ff:8e:be:8b:0a:a3:61:5a:c7:
41:30:39:22:34:cc:59:06:b4:c7:e6:2f:0b:bc:27:d4:24:76:
18:03:3f:b7:ba:30:78:b1:b7:fd:0b:eb:98:90:93:14:05:54:
3a:de:8e:7c:7d:b2:66:d5:cd:3d:7e:66:8d:7e:ee:35:21:5a:
07:b3:c8:65:1a:66:d3:60:53:13:d3:a7:ea:59:09:30:b0:17:
6f:e8:e1:e6:9d:99:a3:1c:69:b4:ba:d8:ed:98:68:23:b2:53:
d7:5f:98:91:23:02:89:eb:10:47:15:0c:46:5c:89:2e:c7:93:
17:31:a0:af
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
MzM3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM5RkE2MkUyOTgyN0U3
RDkxOEZCQTVDNzNGNkM3OUExRTVDMzY3ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcrCbaNaPtgPIEJLzstyAKAfhxnNSYUEwmTP30yIXFelVWifbi
IR4kbR8GvMTLq4y3Gh49CK/Q46zbEsc/TP8EoG9WWYMhbjLxC60/Xz0VqRlvkJOD
wIX9jeOjmbfai+DnI/ge5iDdgZwZbAiI0IV0zwAqCzL9KqTqjnFdZ3zCwS5OIwNr
s0+5qwTsa541V/tDa08ncUqiC74OAHWSPkOTS2/P4wARdwqf4ZZO3c7JBnZuRQud
Vbdpl8OVt+/XDVjwGia5Iwi6qfS+5sdmYXsyCZk8Rd3Em5rqPtw5mAx1HoBm2Bbh
Q/BPbCkli8OM6T+GyQlMWCxWQqr1CY4cmLNrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyfpi4pgn59kY+6XHP2x5oeXDZ4YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95ZnBpNHBnbjU5a1ktNlhI
UDJ4NW9lWERaNFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAB2qG7VqV8sEScqVu4rNFE5eYEzXQgRAwI6L
HQDZYqOb/yhI5O9rFdaqwP63/X04LZ6FuR/lYaD+oK2Psf6SCwmWhcLhULRLZh1m
ofmD8OKKZ25rJj1pOjNebrN2FRJAjPQlyyYfxs0wuNTgQbCNmXANMCPZOL0mw9ui
DMm9gZlCSmXGFld1f/+OvosKo2Fax0EwOSI0zFkGtMfmLwu8J9QkdhgDP7e6MHix
t/0L65iQkxQFVDrejnx9smbVzT1+Zo1+7jUhWgezyGUaZtNgUxPTp+pZCTCwF2/o
4eadmaMcabS62O2YaCOyU9dfmJEjAonrEEcVDEZciS7HkxcxoK8=
-----END CERTIFICATE-----
Generated at Sun May 18 10:00:30 2025 by rpki-client