Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GIimNb_9i7FJkQeWTFWr_MDCJsw.roa
File: GIimNb_9i7FJkQeWTFWr_MDCJsw.roa (raw, json)
Hash identifier: sFShfXSeZv7a5ec3ZysQE+FBlAp1lcWEgu2MU5bij28=
Subject key identifier: 18:88:A6:35:BF:FD:8B:B1:49:91:07:96:4C:55:AB:FC:C0:C2:26:CC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 093D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GIimNb_9i7FJkQeWTFWr_MDCJsw.roa
Signing time: Mon 19 May 2025 09:38:10 +0000
ROA not before: Mon 19 May 2025 09:38:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2365 (0x93d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 09:38:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1888A635BFFD8BB1499107964C55ABFCC0C226CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:99:48:9f:92:9a:1f:08:72:4b:ed:e8:16:37:
eb:8b:38:e6:35:2c:2d:03:1b:91:aa:79:94:bf:2e:
30:67:81:9f:ea:15:1e:ed:a6:c1:9f:3d:27:f9:af:
6f:76:29:86:b8:ae:0b:bc:9b:0d:ee:77:41:a1:66:
41:fa:4b:be:35:4d:f2:0c:c0:c8:fb:3a:88:8d:76:
66:77:af:c1:fd:90:88:a8:40:45:5e:57:92:f7:8e:
4f:eb:2b:63:cc:8b:f1:47:84:28:b0:28:16:bd:18:
c9:31:10:64:ba:a7:c9:3c:11:e5:21:94:a4:f9:a0:
a0:85:d0:ba:08:74:3a:45:c3:4a:e2:18:6e:cf:85:
bc:d2:32:f4:d5:a1:64:fc:18:5a:df:29:a6:69:72:
4a:84:a8:cd:5b:96:15:7a:2c:b0:39:1c:21:1d:28:
ea:00:5a:db:c4:50:0c:5d:9b:b8:a6:37:98:b1:5c:
10:0d:3c:88:55:da:3b:9d:97:18:2d:b4:81:e8:8a:
10:93:4a:37:2f:96:83:2c:fa:1c:2d:8f:96:10:35:
17:0d:16:97:92:5d:ca:58:53:01:97:fc:f2:27:c7:
be:1b:97:6a:0c:8d:7c:0c:08:1f:fd:08:4d:8f:15:
de:6b:f2:c8:e6:4a:e7:97:f2:d3:a4:4c:5e:15:f6:
0a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:88:A6:35:BF:FD:8B:B1:49:91:07:96:4C:55:AB:FC:C0:C2:26:CC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GIimNb_9i7FJkQeWTFWr_MDCJsw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:19:7d:21:01:e5:6f:e2:5b:36:a2:6c:a7:38:f5:5b:46:81:
bb:e3:75:62:fc:e4:94:cb:2c:8d:7d:ef:97:cc:02:32:24:dd:
37:6e:95:9e:fa:dc:66:2c:6b:29:74:79:a1:8a:e8:fb:51:23:
13:fd:1a:4f:91:15:35:37:bb:1b:a4:21:af:dd:79:fa:52:1a:
ee:46:33:37:59:ff:19:08:e3:86:36:b6:b6:e0:e1:2f:31:1b:
12:c8:da:91:70:bc:d6:41:b0:cc:45:bb:12:fb:66:cc:6f:01:
2a:55:25:a5:25:0d:8d:e1:bb:1a:97:49:15:92:bf:9d:d4:79:
e5:be:18:03:25:79:c8:6d:e0:49:eb:34:32:70:09:36:b9:8b:
7b:e1:15:2e:0f:f4:34:b1:e6:4b:74:29:3a:6b:cb:c1:83:4a:
29:b2:df:b7:55:12:b5:bd:35:61:97:51:a0:d3:be:f7:4c:31:
e1:5b:6e:9b:36:4e:57:4a:ab:62:0a:9f:1b:c5:94:19:71:15:
66:c5:59:27:8f:db:58:a4:db:9d:03:f5:3c:12:17:f6:fb:fb:
6b:80:c9:dc:1d:a2:e1:c4:11:6f:3d:15:c2:e3:31:1e:d8:7c:
02:3f:c0:49:b3:2e:cb:74:7d:45:34:14:94:82:d3:2b:ef:ba:
ca:82:39:89
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCT0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkw
OTM4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE4ODhBNjM1QkZGRDhC
QjE0OTkxMDc5NjRDNTVBQkZDQzBDMjI2Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHmUifkpofCHJL7egWN+uLOOY1LC0DG5GqeZS/LjBngZ/qFR7t
psGfPSf5r292KYa4rgu8mw3ud0GhZkH6S741TfIMwMj7OoiNdmZ3r8H9kIioQEVe
V5L3jk/rK2PMi/FHhCiwKBa9GMkxEGS6p8k8EeUhlKT5oKCF0LoIdDpFw0riGG7P
hbzSMvTVoWT8GFrfKaZpckqEqM1blhV6LLA5HCEdKOoAWtvEUAxdm7imN5ixXBAN
PIhV2judlxgttIHoihCTSjcvloMs+hwtj5YQNRcNFpeSXcpYUwGX/PInx74bl2oM
jXwMCB/9CE2PFd5r8sjmSueX8tOkTF4V9grnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGIimNb/9i7FJkQeWTFWr/MDCJswwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HSWltTmJfOWk3RkprUWVX
VEZXcl9NRENKc3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGsZfSEB5W/iWzaibKc49VtGgbvjdWL85JTL
LI1975fMAjIk3TdulZ763GYsayl0eaGK6PtRIxP9Gk+RFTU3uxukIa/defpSGu5G
MzdZ/xkI44Y2trbg4S8xGxLI2pFwvNZBsMxFuxL7ZsxvASpVJaUlDY3huxqXSRWS
v53UeeW+GAMlecht4EnrNDJwCTa5i3vhFS4P9DSx5kt0KTpry8GDSimy37dVErW9
NWGXUaDTvvdMMeFbbps2TldKq2IKnxvFlBlxFWbFWSeP21ik250D9TwSF/b7+2uA
ydwdouHEEW89FcLjMR7YfAI/wEmzLst0fUU0FJSC0yvvusqCOYk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:24:00 2025 by rpki-client