Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IdVXKfBXybss7jRDndiESgo8kyw.roa
File: IdVXKfBXybss7jRDndiESgo8kyw.roa (raw, json)
Hash identifier: 4hWBe6oqDXg2+jzBmMq7P4n97BSjCFm/sai9qF/kkXQ=
Subject key identifier: 21:D5:57:29:F0:57:C9:BB:2C:EE:34:43:9D:D8:84:4A:0A:3C:93:2C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: BD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IdVXKfBXybss7jRDndiESgo8kyw.roa
Signing time: Thu 08 May 2025 02:23:58 +0000
ROA not before: Thu 08 May 2025 02:23:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189 (0xbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 02:23:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=21D55729F057C9BB2CEE34439DD8844A0A3C932C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:12:b5:f7:38:0a:f0:da:ae:03:70:a9:6b:
ad:87:31:a0:60:07:93:7a:67:6e:54:3d:a8:a4:fb:
87:b9:49:c6:19:f3:27:6b:04:ec:5f:30:c4:32:52:
23:e3:4c:c1:45:5b:cf:8b:59:0d:b7:b5:a3:52:6e:
b1:c4:9c:d6:8a:3b:a4:1a:2a:52:a3:1b:4a:f1:93:
c4:bd:33:3c:80:f8:4e:13:9b:8f:eb:84:e2:9d:d4:
88:9d:69:34:80:db:f5:06:6a:2f:a7:57:18:a3:89:
cc:25:72:e2:17:82:65:c0:99:f3:0e:4d:e5:4c:b6:
9e:4a:1e:d2:91:b6:97:c7:b9:c1:6f:72:14:37:a7:
e2:5b:e8:bb:78:76:23:0d:72:8d:04:17:d4:dc:ee:
b6:61:7a:51:20:f5:77:ff:98:ac:a4:19:da:07:c4:
8a:d9:e1:a9:c4:1d:75:87:f7:bc:a0:6a:80:66:83:
20:c8:5b:f1:d8:78:39:58:46:54:bb:0e:b6:8c:76:
92:66:fd:a4:b2:56:69:0e:55:1c:3c:8c:65:c6:38:
77:23:49:6f:43:ae:b1:6c:b5:27:5e:8a:27:40:b1:
f4:91:b1:ae:6e:45:fe:d4:7d:6e:75:0b:5f:22:5c:
40:ab:a5:9c:8a:5d:39:ff:f4:3c:76:9f:8c:cb:7b:
de:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D5:57:29:F0:57:C9:BB:2C:EE:34:43:9D:D8:84:4A:0A:3C:93:2C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IdVXKfBXybss7jRDndiESgo8kyw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:ef:9c:c5:b3:9d:88:82:92:1d:c1:fc:8d:64:28:bf:49:32:
23:19:88:5e:ce:b6:f1:ee:7a:bf:02:fe:0e:d1:8f:4a:82:76:
35:f2:ac:6d:08:f8:10:d9:8d:d2:52:eb:28:dc:38:f4:76:4c:
3c:f9:5d:47:54:95:77:75:2a:15:2b:09:61:b3:e9:34:e1:d9:
16:10:f8:5e:50:4f:d7:4b:bf:42:2b:d7:51:58:10:b4:87:bc:
e4:9d:a6:46:73:30:5d:24:f6:c2:17:24:70:e4:e1:e3:dd:62:
d7:4c:72:bb:45:74:2b:92:75:e4:06:49:b5:92:a2:4f:c9:29:
97:bd:e0:29:a5:6f:74:4c:79:c6:68:99:2b:c8:9f:05:03:41:
70:72:df:88:d2:1d:5c:2f:86:4b:43:88:22:fa:b9:91:97:6c:
55:81:25:df:a4:58:21:54:e7:1b:df:6b:30:eb:de:a4:c3:a1:
a7:89:10:df:b0:18:cd:62:56:92:25:78:b3:e8:b0:13:e9:5b:
c2:85:99:6f:b8:52:a1:bc:9b:3a:73:33:25:03:20:3b:29:ad:
c6:4f:fb:2f:35:f9:1b:19:2f:18:1e:78:34:7a:d3:5d:ee:59:
6e:0d:29:a1:67:a4:12:0d:f7:0f:3d:2c:ac:75:34:c4:a9:19:
44:5f:b8:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
MjIzNThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIxRDU1NzI5RjA1N0M5
QkIyQ0VFMzQ0MzlERDg4NDRBMEEzQzkzMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKuRK19zgK8NquA3Cpa62HMaBgB5N6Z25UPaik+4e5ScYZ8ydr
BOxfMMQyUiPjTMFFW8+LWQ23taNSbrHEnNaKO6QaKlKjG0rxk8S9MzyA+E4Tm4/r
hOKd1IidaTSA2/UGai+nVxijicwlcuIXgmXAmfMOTeVMtp5KHtKRtpfHucFvchQ3
p+Jb6Lt4diMNco0EF9Tc7rZhelEg9Xf/mKykGdoHxIrZ4anEHXWH97ygaoBmgyDI
W/HYeDlYRlS7DraMdpJm/aSyVmkOVRw8jGXGOHcjSW9DrrFstSdeiidAsfSRsa5u
Rf7UfW51C18iXECrpZyKXTn/9Dx2n4zLe941AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIdVXKfBXybss7jRDndiESgo8kywwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JZFZYS2ZCWHlic3M3alJE
bmRpRVNnbzhreXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIfvnMWznYiCkh3B/I1kKL9JMiMZiF7OtvHu
er8C/g7Rj0qCdjXyrG0I+BDZjdJS6yjcOPR2TDz5XUdUlXd1KhUrCWGz6TTh2RYQ
+F5QT9dLv0Ir11FYELSHvOSdpkZzMF0k9sIXJHDk4ePdYtdMcrtFdCuSdeQGSbWS
ok/JKZe94Cmlb3RMecZomSvInwUDQXBy34jSHVwvhktDiCL6uZGXbFWBJd+kWCFU
5xvfazDr3qTDoaeJEN+wGM1iVpIleLPosBPpW8KFmW+4UqG8mzpzMyUDIDsprcZP
+y81+RsZLxgeeDR6013uWW4NKaFnpBIN9w89LKx1NMSpGURfuDg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:28:23 2025 by rpki-client