Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5DLAdvylzR3yz77L8RPtkwMydQA.roa
File: 5DLAdvylzR3yz77L8RPtkwMydQA.roa (raw, json)
Hash identifier: 09N0N2VrrMBPBsiiSNWxfre9+eCJsgFY0JgxVOJTpBI=
Subject key identifier: E4:32:C0:76:FC:A5:CD:1D:F2:CF:BE:CB:F1:13:ED:93:03:32:75:00
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13D9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5DLAdvylzR3yz77L8RPtkwMydQA.roa
Signing time: Mon 02 Jun 2025 13:09:13 +0000
ROA not before: Mon 02 Jun 2025 13:09:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5081 (0x13d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 13:09:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E432C076FCA5CD1DF2CFBECBF113ED9303327500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:93:9c:c1:68:24:56:ed:b9:04:57:43:d5:52:
20:3f:ff:ef:f0:a6:4b:73:29:b2:76:57:29:4a:23:
4b:f3:61:d1:a8:19:14:7c:ba:3e:31:cd:2e:9c:1f:
cd:c3:c2:f6:dd:93:cf:ce:59:09:0e:c7:af:e5:7d:
ef:d1:80:d4:6c:69:18:77:cf:7e:01:e9:c1:6a:2e:
5d:c5:27:16:9a:91:f3:8a:d6:d2:56:55:a6:ec:1b:
cc:84:ef:b0:82:f4:0c:80:d0:b0:e1:4d:87:1d:bf:
f3:25:88:fd:46:bd:ea:82:5f:d6:f9:70:f8:06:cc:
c2:72:8c:89:f3:03:90:84:dd:4a:c3:66:9d:b2:1f:
5f:6e:29:85:9f:0c:d8:96:4a:ac:49:fb:43:62:3b:
7a:06:db:39:50:aa:fb:a7:bb:60:b6:c8:b8:51:ed:
30:a8:e5:8e:ba:64:4c:9d:c0:b3:11:03:b4:27:36:
f5:f4:83:bb:87:c2:98:56:4c:16:11:35:63:7b:ef:
5c:b8:61:00:bf:b0:3b:92:6d:aa:24:cc:86:e9:e1:
09:af:b8:8e:ee:59:22:2d:c0:7a:06:7d:15:c7:5e:
91:33:53:52:57:83:b4:05:c9:92:44:70:7d:5d:f5:
a2:fb:83:46:e2:11:a2:46:cd:30:e8:00:63:96:86:
9d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:32:C0:76:FC:A5:CD:1D:F2:CF:BE:CB:F1:13:ED:93:03:32:75:00
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5DLAdvylzR3yz77L8RPtkwMydQA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:5f:68:53:bc:13:75:c6:ab:6e:9a:30:a4:18:f0:cf:af:8c:
79:cf:5e:fa:d1:88:94:c7:70:83:89:1f:b8:c3:9b:b6:b0:8d:
6b:35:95:77:a1:38:48:3d:96:7b:ec:fa:a2:8c:be:83:44:03:
21:77:97:bb:b5:ec:b0:29:3d:ef:f5:00:f4:ee:44:6a:f9:a8:
63:fe:a4:37:b1:31:e0:93:f1:bb:ef:a1:e2:49:38:47:ba:73:
9a:56:88:c1:65:62:08:bc:f8:6d:55:7a:85:e4:d6:71:29:29:
8a:d7:35:78:e4:54:73:99:45:18:75:f4:b3:95:a3:e0:45:6d:
2a:f4:66:75:fc:4d:71:da:60:1c:c7:35:dd:9d:bc:fb:cd:f1:
66:8b:95:49:f3:76:cf:fb:1a:aa:97:86:b5:36:92:a0:63:81:
94:27:81:88:d9:0e:f5:82:4a:7a:73:47:96:c2:c6:17:56:ef:
40:ea:44:9f:d8:62:87:26:fa:51:55:ae:17:79:16:ab:fa:3a:
c0:0e:f2:72:5a:5e:f9:8c:1a:0e:5a:66:c0:4c:ab:17:e0:50:
7e:96:56:aa:b3:df:04:46:24:e0:21:a7:f7:12:4b:c6:5f:24:
c1:8e:80:0d:a0:b2:ff:29:5e:a6:c5:96:cf:be:1e:e2:c2:ce:
b3:f3:20:f9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE9kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
MzA5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU0MzJDMDc2RkNBNUNE
MURGMkNGQkVDQkYxMTNFRDkzMDMzMjc1MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfk5zBaCRW7bkEV0PVUiA//+/wpktzKbJ2VylKI0vzYdGoGRR8
uj4xzS6cH83Dwvbdk8/OWQkOx6/lfe/RgNRsaRh3z34B6cFqLl3FJxaakfOK1tJW
VabsG8yE77CC9AyA0LDhTYcdv/MliP1GveqCX9b5cPgGzMJyjInzA5CE3UrDZp2y
H19uKYWfDNiWSqxJ+0NiO3oG2zlQqvunu2C2yLhR7TCo5Y66ZEydwLMRA7QnNvX0
g7uHwphWTBYRNWN771y4YQC/sDuSbaokzIbp4QmvuI7uWSItwHoGfRXHXpEzU1JX
g7QFyZJEcH1d9aL7g0biEaJGzTDoAGOWhp13AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5DLAdvylzR3yz77L8RPtkwMydQAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81RExBZHZ5bHpSM3l6NzdM
OFJQdGt3TXlkUUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGNfaFO8E3XGq26aMKQY8M+vjHnPXvrRiJTH
cIOJH7jDm7awjWs1lXehOEg9lnvs+qKMvoNEAyF3l7u17LApPe/1APTuRGr5qGP+
pDexMeCT8bvvoeJJOEe6c5pWiMFlYgi8+G1VeoXk1nEpKYrXNXjkVHOZRRh19LOV
o+BFbSr0ZnX8TXHaYBzHNd2dvPvN8WaLlUnzds/7GqqXhrU2kqBjgZQngYjZDvWC
SnpzR5bCxhdW70DqRJ/YYocm+lFVrhd5Fqv6OsAO8nJaXvmMGg5aZsBMqxfgUH6W
Vqqz3wRGJOAhp/cSS8ZfJMGOgA2gsv8pXqbFls++HuLCzrPzIPk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:00:22 2025 by rpki-client