Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VGeLon2l-J5VuqrDagU_2htZUkY.roa
File: VGeLon2l-J5VuqrDagU_2htZUkY.roa (raw, json)
Hash identifier: kZW0t4pXh2/ajd3m0sBtPYxkjs/I3V5E9hVhEjT3lMk=
Subject key identifier: 54:67:8B:A2:7D:A5:F8:9E:55:BA:AA:C3:6A:05:3F:DA:1B:59:52:46
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C9D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VGeLon2l-J5VuqrDagU_2htZUkY.roa
Signing time: Fri 23 May 2025 21:38:32 +0000
ROA not before: Fri 23 May 2025 21:38:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3229 (0xc9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 21:38:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=54678BA27DA5F89E55BAAAC36A053FDA1B595246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1c:90:6a:33:c1:45:69:d2:d5:b1:8e:4f:cd:
d5:b2:f2:92:91:fc:10:7b:d5:b1:d9:61:dc:a6:31:
41:f5:20:1f:72:c0:6b:75:15:fb:97:9e:6a:7a:19:
a3:07:82:2b:23:2d:33:cc:9a:5f:5a:05:be:be:6e:
98:2a:20:e9:88:9c:cc:90:a5:2f:e0:f3:6b:69:46:
e5:fc:9c:86:57:24:da:52:c3:38:38:5c:cc:24:2a:
4e:94:5b:1b:1a:94:2a:80:a8:1b:a9:49:c2:73:bc:
fb:a5:10:bf:ea:06:df:ce:5e:b4:75:70:60:5e:be:
ef:ef:c7:e5:07:60:e6:7f:55:6b:fb:b8:bb:df:c4:
1d:0d:dc:8e:7f:c6:aa:b3:20:3b:da:2e:23:e6:06:
ee:11:a5:23:52:3b:91:54:f4:78:dc:d5:db:be:7c:
e5:04:2c:af:cc:81:a5:d7:9f:7f:9d:86:ed:35:f6:
ff:16:97:cf:6f:39:63:96:ad:cf:b9:56:1d:79:1a:
c4:be:c9:d9:da:67:d0:87:31:b2:3b:7f:18:61:79:
68:ae:4c:6d:17:eb:f5:a1:30:3b:39:b3:20:ac:71:
c1:e5:84:f3:b0:13:ce:c4:7e:3d:8d:e0:a0:e6:73:
a3:4a:a2:82:03:0b:cc:8d:99:24:fb:76:3f:80:41:
9a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:67:8B:A2:7D:A5:F8:9E:55:BA:AA:C3:6A:05:3F:DA:1B:59:52:46
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VGeLon2l-J5VuqrDagU_2htZUkY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:10:a8:a5:cd:ad:50:57:57:cf:13:62:30:65:e3:fb:01:94:
10:49:13:0e:fe:ea:fe:6c:55:95:90:f5:16:df:0d:a9:b9:09:
4e:80:dc:70:e3:33:4a:02:47:9c:9c:e4:95:9a:2e:7a:ad:ba:
2d:27:1e:78:6b:27:a2:c9:dd:76:49:29:52:ad:c8:1f:87:82:
4b:6d:81:be:06:be:c5:82:2a:42:93:e2:8a:cd:af:02:7b:ca:
14:72:07:d2:fd:35:17:7e:c8:b3:99:65:ab:8b:1c:1d:6a:df:
b6:b8:24:61:73:40:27:1b:cc:f4:6b:70:65:73:97:66:46:f1:
81:35:7b:16:dc:42:f7:d7:02:51:b1:93:d2:b5:ba:66:24:88:
13:1d:8c:ce:4a:4b:be:42:e2:90:58:bb:47:79:1d:f7:80:6d:
23:f8:cc:f9:85:a1:90:ac:c1:d0:90:01:08:92:3b:da:d9:e1:
b3:f1:bc:53:d0:c8:a7:46:02:16:a2:c8:38:19:02:55:86:71:
82:bd:96:64:89:07:e0:6d:96:e3:f1:c3:48:f1:88:9f:f7:ef:
59:55:d4:6f:ea:52:5d:24:31:9b:f4:d3:af:a0:fc:52:f1:e4:
39:21:ca:ce:d3:1b:a8:4b:48:05:6e:9a:80:f3:f8:a0:91:82:
de:ca:cd:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDJ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMy
MTM4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0Njc4QkEyN0RBNUY4
OUU1NUJBQUFDMzZBMDUzRkRBMUI1OTUyNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXHJBqM8FFadLVsY5PzdWy8pKR/BB71bHZYdymMUH1IB9ywGt1
FfuXnmp6GaMHgisjLTPMml9aBb6+bpgqIOmInMyQpS/g82tpRuX8nIZXJNpSwzg4
XMwkKk6UWxsalCqAqBupScJzvPulEL/qBt/OXrR1cGBevu/vx+UHYOZ/VWv7uLvf
xB0N3I5/xqqzIDvaLiPmBu4RpSNSO5FU9Hjc1du+fOUELK/MgaXXn3+dhu019v8W
l89vOWOWrc+5Vh15GsS+ydnaZ9CHMbI7fxhheWiuTG0X6/WhMDs5syCsccHlhPOw
E87Efj2N4KDmc6NKooIDC8yNmST7dj+AQZq9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVGeLon2l+J5VuqrDagU/2htZUkYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WR2VMb24ybC1KNVZ1cXJE
YWdVXzJodFpVa1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJEQqKXNrVBXV88TYjBl4/sBlBBJEw7+6v5s
VZWQ9RbfDam5CU6A3HDjM0oCR5yc5JWaLnqtui0nHnhrJ6LJ3XZJKVKtyB+Hgktt
gb4GvsWCKkKT4orNrwJ7yhRyB9L9NRd+yLOZZauLHB1q37a4JGFzQCcbzPRrcGVz
l2ZG8YE1exbcQvfXAlGxk9K1umYkiBMdjM5KS75C4pBYu0d5HfeAbSP4zPmFoZCs
wdCQAQiSO9rZ4bPxvFPQyKdGAhaiyDgZAlWGcYK9lmSJB+BtluPxw0jxiJ/371lV
1G/qUl0kMZv006+g/FLx5Dkhys7TG6hLSAVumoDz+KCRgt7KzTg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:32:41 2025 by rpki-client