Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/58F3x4VI5SsIpZM54DFJeFfwUh4.roa
File: 58F3x4VI5SsIpZM54DFJeFfwUh4.roa (raw, json)
Hash identifier: rv4rsFTGwaxdV3DyTrbwDc6HhBnWp6jRtwYaIeEaeM4=
Subject key identifier: E7:C1:77:C7:85:48:E5:2B:08:A5:93:39:E0:31:49:78:57:F0:52:1E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0791
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/58F3x4VI5SsIpZM54DFJeFfwUh4.roa
Signing time: Sat 17 May 2025 04:08:09 +0000
ROA not before: Sat 17 May 2025 04:08:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1937 (0x791)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 04:08:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E7C177C78548E52B08A59339E031497857F0521E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:f3:2c:2d:a1:f1:a9:05:8b:b7:9b:9d:01:
c3:ec:83:e2:26:b4:2e:fe:c9:21:5e:18:81:64:f9:
a6:b4:26:d8:67:85:5c:04:36:bd:75:5c:e0:91:e0:
d0:c0:41:db:f3:aa:f0:0d:b1:c6:56:48:08:4d:3a:
96:dc:f2:cb:3d:fe:a6:b1:99:53:73:e8:4f:6b:cc:
e5:6f:e9:2e:63:e3:d7:a2:a6:92:34:1b:df:01:2d:
63:45:52:b6:5f:57:76:31:8d:9b:ac:1b:6c:ab:b6:
05:87:b3:85:d4:a0:91:49:0c:24:fb:86:fe:46:17:
d5:29:df:75:07:35:41:96:35:25:c3:d7:7e:25:5f:
57:d9:1d:82:f8:04:c6:20:79:b2:35:2b:76:83:b9:
7b:ce:bf:e8:59:a5:b7:b1:ca:7f:45:95:66:14:b3:
0a:58:05:87:11:9c:26:62:cd:35:90:e9:5e:8a:76:
fc:ea:12:84:54:8b:e6:7f:7e:a4:15:94:6c:07:76:
10:0a:32:b5:f7:00:f8:fb:19:28:6a:9c:fb:bb:a8:
7e:17:4e:13:78:72:c3:0f:81:43:dc:14:5c:1a:39:
df:9e:5a:df:a0:1a:f9:e4:01:09:12:ae:5d:e2:08:
8a:a1:74:f6:2a:40:8b:3c:17:86:e5:84:8e:5f:bb:
cf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C1:77:C7:85:48:E5:2B:08:A5:93:39:E0:31:49:78:57:F0:52:1E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/58F3x4VI5SsIpZM54DFJeFfwUh4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:bb:67:b5:ad:a7:99:f3:7e:d2:78:2c:21:31:82:6b:77:3e:
54:b7:c7:f2:8c:93:3f:a4:be:14:64:d6:23:20:09:37:38:37:
fe:65:a6:68:b1:27:c9:20:61:ee:53:cf:4d:89:9b:c8:52:17:
39:0f:80:82:53:b6:57:a9:67:10:65:44:90:69:b8:cb:de:f4:
45:0b:10:21:34:f9:d5:c6:57:79:ec:6a:c6:73:c7:d7:7a:77:
3d:20:8c:2e:af:78:66:37:36:9c:3e:1f:b6:77:b7:02:3d:e4:
6c:0d:55:7c:a2:b0:76:89:57:41:7d:c3:ef:89:10:58:22:83:
d7:63:d2:d3:d6:d5:20:35:12:60:54:a7:6b:1b:b7:93:af:c7:
a4:9d:b7:2e:a5:c0:fc:29:cc:4a:1b:dc:4c:3d:8f:83:77:97:
67:65:b0:e2:52:59:b4:8d:0f:ec:30:d0:a0:9b:66:ea:12:c9:
2d:1b:18:4f:62:11:f3:52:5c:30:cf:39:39:83:33:11:3c:63:
bc:0a:3f:d7:cd:9e:38:38:9d:cf:45:5a:8f:12:af:24:53:ba:
58:c4:b3:ce:ea:a4:06:2a:5d:df:ff:86:7e:29:02:74:90:d7:
cf:c9:48:70:18:2d:9a:0d:fd:ea:22:55:d0:3d:84:3e:27:4c:
aa:68:6f:d0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
NDA4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU3QzE3N0M3ODU0OEU1
MkIwOEE1OTMzOUUwMzE0OTc4NTdGMDUyMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrzvMsLaHxqQWLt5udAcPsg+ImtC7+ySFeGIFk+aa0JthnhVwE
Nr11XOCR4NDAQdvzqvANscZWSAhNOpbc8ss9/qaxmVNz6E9rzOVv6S5j49eippI0
G98BLWNFUrZfV3YxjZusG2yrtgWHs4XUoJFJDCT7hv5GF9Up33UHNUGWNSXD134l
X1fZHYL4BMYgebI1K3aDuXvOv+hZpbexyn9FlWYUswpYBYcRnCZizTWQ6V6Kdvzq
EoRUi+Z/fqQVlGwHdhAKMrX3APj7GShqnPu7qH4XThN4csMPgUPcFFwaOd+eWt+g
GvnkAQkSrl3iCIqhdPYqQIs8F4blhI5fu88RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU58F3x4VI5SsIpZM54DFJeFfwUh4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81OEYzeDRWSTVTc0lwWk01
NERGSmVGZndVaDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHa7Z7Wtp5nzftJ4LCExgmt3PlS3x/KMkz+k
vhRk1iMgCTc4N/5lpmixJ8kgYe5Tz02Jm8hSFzkPgIJTtlepZxBlRJBpuMve9EUL
ECE0+dXGV3nsasZzx9d6dz0gjC6veGY3Npw+H7Z3twI95GwNVXyisHaJV0F9w++J
EFgig9dj0tPW1SA1EmBUp2sbt5Ovx6Sdty6lwPwpzEob3Ew9j4N3l2dlsOJSWbSN
D+ww0KCbZuoSyS0bGE9iEfNSXDDPOTmDMxE8Y7wKP9fNnjg4nc9FWo8SryRTuljE
s87qpAYqXd//hn4pAnSQ18/JSHAYLZoN/eoiVdA9hD4nTKpob9A=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:04:40 2025 by rpki-client