Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HAfw79rixe9LC2eZaoEvx6-nE1M.roa
File: HAfw79rixe9LC2eZaoEvx6-nE1M.roa (raw, json)
Hash identifier: wiWwCd1pssJvXEgecgIogxFilxwZuSl8xQ5edttcR1M=
Subject key identifier: 1C:07:F0:EF:DA:E2:C5:EF:4B:0B:67:99:6A:81:2F:C7:AF:A7:13:53
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C55
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HAfw79rixe9LC2eZaoEvx6-nE1M.roa
Signing time: Fri 23 May 2025 12:38:26 +0000
ROA not before: Fri 23 May 2025 12:38:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3157 (0xc55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 12:38:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1C07F0EFDAE2C5EF4B0B67996A812FC7AFA71353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:08:9f:0c:05:b0:a6:e2:01:35:a8:24:b3:f2:
98:73:ff:25:ef:96:96:8e:37:99:5f:ca:a7:db:70:
c0:cd:9b:23:80:0a:68:6f:11:72:43:b0:3d:65:8e:
56:6b:17:e7:09:9d:50:d6:68:0c:70:f9:9b:0c:20:
33:4a:d8:44:2e:81:29:40:1f:61:ca:e9:8d:75:df:
ac:e8:dd:0e:b7:86:43:e8:e7:3e:15:41:9e:af:97:
ad:87:0f:78:a5:c1:05:11:57:3c:17:99:e5:8b:14:
64:21:97:4f:f7:c7:e6:c4:09:55:5b:49:b9:f4:5a:
bd:84:f0:73:28:dc:85:49:eb:13:9e:c4:66:5b:66:
f9:ad:cc:82:47:d0:8f:e5:46:5d:52:94:34:18:78:
65:f8:1d:61:04:4b:a5:dd:0e:56:f2:3d:83:72:5c:
e1:fc:28:98:e3:17:2b:5d:8c:27:9d:e9:ab:f2:87:
a3:a7:2b:bf:2f:b0:ed:ef:0f:ea:43:fa:da:af:b5:
d8:58:3f:fa:0e:c6:98:b9:40:bc:d3:01:77:ae:5d:
f9:b7:2a:cc:2c:65:7a:5c:71:a5:03:56:d5:d0:a3:
56:e7:2d:df:1c:ad:c1:64:c3:ca:cf:82:40:90:9f:
b9:99:28:33:57:3f:be:a6:4d:15:62:43:c2:2a:b9:
99:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:07:F0:EF:DA:E2:C5:EF:4B:0B:67:99:6A:81:2F:C7:AF:A7:13:53
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HAfw79rixe9LC2eZaoEvx6-nE1M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:13:61:e8:c8:f3:f8:67:6a:61:70:7e:ee:92:ee:59:83:a9:
52:85:b4:77:dc:e8:d1:a6:57:70:bb:d2:29:e2:94:8f:8e:fc:
62:85:13:03:03:c3:16:c8:cb:64:66:19:3f:61:b7:e5:e3:42:
e0:15:af:62:6b:36:36:54:11:cd:b5:dc:4d:44:8b:2e:43:dd:
ed:9c:64:1e:af:c5:51:27:e1:19:6a:9f:6f:2d:ac:8c:b7:5c:
d6:4a:70:a9:c4:84:83:5e:dc:21:44:e9:57:eb:20:52:cc:c0:
b1:aa:82:bb:37:74:81:bf:e6:ce:5e:e9:ed:f3:b9:aa:76:30:
7e:dd:31:e1:3a:e5:6c:ec:a9:02:d1:31:5c:42:92:4b:0d:39:
78:44:18:76:65:69:41:b9:24:c5:6f:f3:fa:56:e3:2b:7b:97:
63:ea:79:68:bb:48:66:db:aa:fc:ba:b6:8f:e8:7c:e0:7b:60:
83:9f:0a:01:34:4d:ea:d5:2d:83:16:e7:c7:0c:03:b5:d0:67:
cc:56:99:0c:9a:d2:80:f9:8e:b7:f3:33:9d:80:52:27:3b:35:
cf:6c:a2:c0:8c:ca:f4:62:20:3d:e3:49:66:be:70:df:c1:7c:
50:2f:d2:e4:13:c6:0f:f0:03:c7:92:b4:f7:9d:e4:77:1f:ce:
01:ea:39:16
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMx
MjM4MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFDMDdGMEVGREFFMkM1
RUY0QjBCNjc5OTZBODEyRkM3QUZBNzEzNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhCJ8MBbCm4gE1qCSz8phz/yXvlpaON5lfyqfbcMDNmyOACmhv
EXJDsD1ljlZrF+cJnVDWaAxw+ZsMIDNK2EQugSlAH2HK6Y1136zo3Q63hkPo5z4V
QZ6vl62HD3ilwQURVzwXmeWLFGQhl0/3x+bECVVbSbn0Wr2E8HMo3IVJ6xOexGZb
ZvmtzIJH0I/lRl1SlDQYeGX4HWEES6XdDlbyPYNyXOH8KJjjFytdjCed6avyh6On
K78vsO3vD+pD+tqvtdhYP/oOxpi5QLzTAXeuXfm3KswsZXpccaUDVtXQo1bnLd8c
rcFkw8rPgkCQn7mZKDNXP76mTRViQ8IquZkJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHAfw79rixe9LC2eZaoEvx6+nE1MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IQWZ3NzlyaXhlOUxDMmVa
YW9Fdng2LW5FMU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAB0TYejI8/hnamFwfu6S7lmDqVKFtHfc6NGm
V3C70inilI+O/GKFEwMDwxbIy2RmGT9ht+XjQuAVr2JrNjZUEc213E1Eiy5D3e2c
ZB6vxVEn4Rlqn28trIy3XNZKcKnEhINe3CFE6VfrIFLMwLGqgrs3dIG/5s5e6e3z
uap2MH7dMeE65WzsqQLRMVxCkksNOXhEGHZlaUG5JMVv8/pW4yt7l2PqeWi7SGbb
qvy6to/ofOB7YIOfCgE0TerVLYMW58cMA7XQZ8xWmQya0oD5jrfzM52AUic7Nc9s
osCMyvRiID3jSWa+cN/BfFAv0uQTxg/wA8eStPed5HcfzgHqORY=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:35:09 2025 by rpki-client