Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BVFM64xUBguegvrkYece87qS8dw.roa
File: BVFM64xUBguegvrkYece87qS8dw.roa (raw, json)
Hash identifier: kdWmRq91rnSxZUVyO+vOKbMOF/mDQOsXbeeu+gASZy4=
Subject key identifier: 05:51:4C:EB:8C:54:06:0B:9E:82:FA:E4:61:E7:1E:F3:BA:92:F1:DC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08E1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BVFM64xUBguegvrkYece87qS8dw.roa
Signing time: Sun 18 May 2025 22:08:08 +0000
ROA not before: Sun 18 May 2025 22:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2273 (0x8e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 22:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=05514CEB8C54060B9E82FAE461E71EF3BA92F1DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:32:ac:13:aa:f3:9d:64:01:45:71:5e:cb:
8b:17:70:79:22:38:5d:2c:d1:6f:15:c8:78:d9:5d:
cf:2a:68:c8:07:30:6d:53:30:95:08:ce:ac:19:41:
e5:91:9c:3f:b5:d9:f6:20:a2:9b:07:d5:c7:3c:7d:
c2:15:1f:51:0a:0b:5e:53:91:29:05:82:22:ba:66:
a2:42:85:54:00:7a:cf:c7:ca:14:9e:1a:15:7e:32:
6c:36:6d:52:63:45:ee:6c:b9:b3:c6:b2:a6:46:97:
65:fe:02:c1:0b:a6:a2:2e:dc:cf:c0:b2:42:64:67:
cf:e9:ff:81:a2:5b:0f:61:bb:dc:90:ce:d5:2e:30:
44:08:69:cb:8b:83:6c:70:ba:b7:5b:39:37:37:7a:
7b:9c:0f:57:bd:53:65:09:08:8a:c9:0c:59:ea:d7:
b0:6c:6d:6b:76:96:63:3a:e0:33:b4:84:a2:18:82:
18:c4:66:3e:9e:18:a9:e2:f8:2c:67:3c:cf:6f:8e:
cd:ef:20:03:0a:b3:02:1e:2d:df:54:22:41:7d:2f:
72:31:3b:df:97:ac:58:e7:5d:91:a0:a3:2e:90:67:
20:22:a5:3f:73:31:ce:ba:17:ae:89:7b:e6:12:fb:
3c:4b:44:a0:c4:d1:17:38:28:55:ec:ff:ef:a5:20:
b3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:51:4C:EB:8C:54:06:0B:9E:82:FA:E4:61:E7:1E:F3:BA:92:F1:DC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BVFM64xUBguegvrkYece87qS8dw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:59:7e:06:6d:65:6b:92:58:af:b7:55:1c:2d:f4:6c:b8:86:
23:d8:66:8f:f5:14:75:98:b2:6e:3b:05:b8:5b:83:26:bf:0f:
5a:14:90:7d:f2:ed:7b:dc:5d:68:f0:20:ee:c3:92:f2:69:d4:
67:bd:4e:30:32:f3:5d:1a:4d:3b:66:19:6f:18:8e:58:9e:5f:
bc:4c:57:43:ad:7c:41:32:54:72:f8:d6:78:d7:66:1b:44:2e:
00:4b:4d:b1:5d:d0:4c:84:7c:fc:fb:f9:09:80:b4:4f:3e:e7:
f2:87:f4:8f:1c:56:12:5a:88:d0:44:d9:fc:a2:ea:9e:d6:2f:
37:ed:e7:e8:cc:fd:f3:11:c6:70:03:d0:bb:0d:8b:f2:60:6b:
0f:db:e4:8b:42:c0:76:10:6b:91:5a:46:54:a2:ae:6f:79:ad:
6e:bd:a8:0b:4b:9b:38:2f:e3:1a:e2:43:cf:9d:83:be:69:32:
b7:7f:fb:5e:cc:14:f6:d1:26:c8:e9:93:2c:1c:f6:70:c1:c6:
f5:bf:fe:ab:61:1d:ff:48:b4:59:f1:6a:2c:0e:62:e9:ad:a4:
e6:d4:fe:2a:c6:33:3d:a8:99:fe:ec:f2:88:f5:3b:99:5e:26:
b3:48:bc:04:28:ce:f5:eb:f8:c1:b5:ab:ad:cd:e3:0f:5f:eb:
1c:3d:f9:ee
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgy
MjA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA1NTE0Q0VCOEM1NDA2
MEI5RTgyRkFFNDYxRTcxRUYzQkE5MkYxREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFdTKsE6rznWQBRXFey4sXcHkiOF0s0W8VyHjZXc8qaMgHMG1T
MJUIzqwZQeWRnD+12fYgopsH1cc8fcIVH1EKC15TkSkFgiK6ZqJChVQAes/HyhSe
GhV+Mmw2bVJjRe5subPGsqZGl2X+AsELpqIu3M/AskJkZ8/p/4GiWw9hu9yQztUu
MEQIacuLg2xwurdbOTc3enucD1e9U2UJCIrJDFnq17BsbWt2lmM64DO0hKIYghjE
Zj6eGKni+CxnPM9vjs3vIAMKswIeLd9UIkF9L3IxO9+XrFjnXZGgoy6QZyAipT9z
Mc66F66Je+YS+zxLRKDE0Rc4KFXs/++lILMPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBVFM64xUBguegvrkYece87qS8dwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CVkZNNjR4VUJndWVndnJr
WWVjZTg3cVM4ZHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHBZfgZtZWuSWK+3VRwt9Gy4hiPYZo/1FHWY
sm47Bbhbgya/D1oUkH3y7XvcXWjwIO7DkvJp1Ge9TjAy810aTTtmGW8YjlieX7xM
V0OtfEEyVHL41njXZhtELgBLTbFd0EyEfPz7+QmAtE8+5/KH9I8cVhJaiNBE2fyi
6p7WLzft5+jM/fMRxnAD0LsNi/Jgaw/b5ItCwHYQa5FaRlSirm95rW69qAtLmzgv
4xriQ8+dg75pMrd/+17MFPbRJsjpkywc9nDBxvW//qthHf9ItFnxaiwOYumtpObU
/irGMz2omf7s8oj1O5leJrNIvAQozvXr+MG1q63N4w9f6xw9+e4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 15:29:30 2025 by rpki-client