Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/S3UjcBCRN2G9giv0xj7vsb9fgpM.roa
File: S3UjcBCRN2G9giv0xj7vsb9fgpM.roa (raw, json)
Hash identifier: S84xfQyCmn3hyO6MDAPTnLS/YoElbz8JAM/gyzsMbNo=
Subject key identifier: 4B:75:23:70:10:91:37:61:BD:82:2B:F4:C6:3E:EF:B1:BF:5F:82:93
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0865
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/S3UjcBCRN2G9giv0xj7vsb9fgpM.roa
Signing time: Sun 18 May 2025 06:38:09 +0000
ROA not before: Sun 18 May 2025 06:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2149 (0x865)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 06:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4B75237010913761BD822BF4C63EEFB1BF5F8293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:b5:82:23:db:ce:35:af:eb:b6:80:d7:73:
dc:ca:a0:61:b2:d1:5a:5d:cb:1f:5d:c7:a4:7b:b9:
46:0b:ce:89:59:68:72:8d:fe:6a:95:68:69:93:cf:
bb:c3:4c:de:97:f1:61:10:42:1e:81:17:bc:a5:7a:
04:0e:f7:44:b6:05:99:72:27:a6:6a:01:18:85:d0:
d3:75:35:38:aa:32:19:b3:fa:df:1a:a2:08:0a:82:
48:e1:b0:25:2e:b1:fc:9f:18:19:cd:9f:a0:d8:c1:
f6:24:4a:e3:6e:8d:4f:15:de:b3:b1:63:37:cf:1a:
93:93:a4:9e:63:34:12:b3:29:8f:8f:ba:df:c1:13:
05:cd:49:1d:bd:9d:64:17:3f:9e:9d:97:d4:0e:16:
21:9a:2e:cb:e9:e2:cb:3a:22:71:51:28:50:95:21:
95:8f:6c:df:f1:0c:0a:bb:a0:66:a9:4a:e9:0d:e1:
44:fe:33:6d:e4:e8:cb:df:48:fa:8d:6f:a7:eb:3f:
72:9a:44:f5:ff:b3:fb:39:e7:6a:54:28:da:5f:39:
3a:13:9e:86:67:83:b6:9f:a6:87:59:ee:68:3e:8a:
86:41:b7:da:98:49:34:3c:15:7d:59:9c:02:e2:c5:
59:2d:b0:b2:54:ba:41:68:ca:e6:aa:62:33:07:88:
75:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:75:23:70:10:91:37:61:BD:82:2B:F4:C6:3E:EF:B1:BF:5F:82:93
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/S3UjcBCRN2G9giv0xj7vsb9fgpM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:fd:80:73:36:56:e7:a6:76:9a:f2:14:34:4f:c3:71:d7:f9:
ce:51:10:99:85:16:55:9f:95:8c:e3:78:01:0b:25:7b:86:1e:
6e:4c:93:72:ea:09:da:fd:b9:b0:d6:04:82:f8:b8:2e:b3:3d:
d9:50:35:af:57:17:63:b9:c3:a4:ba:95:aa:41:b0:b0:ad:15:
3c:d5:14:b4:ab:ff:34:c6:24:cf:c0:36:99:2b:08:3b:f5:61:
2d:27:8d:c8:27:f0:15:62:0c:37:d1:19:d8:42:38:8e:50:cd:
ce:91:fd:6f:25:be:86:eb:93:d0:23:5b:5f:f4:b0:0e:b5:ac:
c1:0f:14:d1:74:f8:3c:4d:dc:bf:1b:02:a7:b1:86:6a:cb:a7:
6c:2a:a5:64:18:46:3c:ed:88:9c:a4:a8:ed:af:32:09:19:fd:
48:60:f6:75:ab:d0:7a:db:e8:a5:1d:44:c7:0f:f6:8b:82:1f:
06:47:8d:6c:dd:8d:cd:28:6f:b3:ff:27:86:e6:1c:0c:11:67:
8e:d2:9e:cc:12:09:fa:70:80:9a:09:9f:de:a8:5b:a3:5b:68:
3d:54:b4:42:9c:5a:1f:6a:00:22:fe:90:b8:57:77:db:2a:fc:
98:31:45:e2:10:0f:47:f7:42:9c:d1:4f:97:2c:4c:32:3c:5a:
22:56:8a:57
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
NjM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRCNzUyMzcwMTA5MTM3
NjFCRDgyMkJGNEM2M0VFRkIxQkY1RjgyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw7rWCI9vONa/rtoDXc9zKoGGy0Vpdyx9dx6R7uUYLzolZaHKN
/mqVaGmTz7vDTN6X8WEQQh6BF7ylegQO90S2BZlyJ6ZqARiF0NN1NTiqMhmz+t8a
oggKgkjhsCUusfyfGBnNn6DYwfYkSuNujU8V3rOxYzfPGpOTpJ5jNBKzKY+Put/B
EwXNSR29nWQXP56dl9QOFiGaLsvp4ss6InFRKFCVIZWPbN/xDAq7oGapSukN4UT+
M23k6MvfSPqNb6frP3KaRPX/s/s552pUKNpfOToTnoZng7afpodZ7mg+ioZBt9qY
STQ8FX1ZnALixVktsLJUukFoyuaqYjMHiHVfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUS3UjcBCRN2G9giv0xj7vsb9fgpMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9TM1VqY0JDUk4yRzlnaXYw
eGo3dnNiOWZncE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAb9gHM2VuemdpryFDRPw3HX+c5REJmFFlWf
lYzjeAELJXuGHm5Mk3LqCdr9ubDWBIL4uC6zPdlQNa9XF2O5w6S6lapBsLCtFTzV
FLSr/zTGJM/ANpkrCDv1YS0njcgn8BViDDfRGdhCOI5Qzc6R/W8lvobrk9AjW1/0
sA61rMEPFNF0+DxN3L8bAqexhmrLp2wqpWQYRjztiJykqO2vMgkZ/Uhg9nWr0Hrb
6KUdRMcP9ouCHwZHjWzdjc0ob7P/J4bmHAwRZ47SnswSCfpwgJoJn96oW6NbaD1U
tEKcWh9qACL+kLhXd9sq/JgxReIQD0f3QpzRT5csTDI8WiJWilc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 01:54:49 2025 by rpki-client