Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VsTe8JsoJ3yX0fFi2ZZAfK8ZRao.roa
File: VsTe8JsoJ3yX0fFi2ZZAfK8ZRao.roa (raw, json)
Hash identifier: qBNZ81n0A10XXFFk8OzXUTa8wrr0xCXohsXY4SFE55I=
Subject key identifier: 56:C4:DE:F0:9B:28:27:7C:97:D1:F1:62:D9:96:40:7C:AF:19:45:AA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 038D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VsTe8JsoJ3yX0fFi2ZZAfK8ZRao.roa
Signing time: Sun 11 May 2025 19:37:55 +0000
ROA not before: Sun 11 May 2025 19:37:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 909 (0x38d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 19:37:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=56C4DEF09B28277C97D1F162D996407CAF1945AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d1:62:7e:b7:23:ff:11:c2:a9:4c:b1:d8:a2:
17:56:94:e1:5a:7c:ce:a2:a3:f9:81:cd:60:30:03:
3a:f0:3f:ed:96:75:95:fd:ad:8b:d0:2a:ff:cf:60:
db:20:9d:46:ad:fb:55:0f:95:3e:81:7c:71:90:08:
9c:99:75:0c:af:14:05:ee:38:ba:2e:8d:bb:a7:70:
07:d4:31:ce:ae:1b:28:27:34:f6:ce:1d:bd:19:a2:
1b:cf:28:72:1d:7b:a1:f7:13:68:30:7c:b0:f7:2f:
40:18:1b:dc:70:1b:95:d4:4d:12:67:ea:fa:9f:f2:
97:69:f0:0c:33:ae:3b:63:a6:fc:b0:64:f1:31:26:
d5:9b:a8:94:25:3f:59:89:e9:ec:00:c2:01:c1:fa:
57:c5:2a:fe:80:f1:3f:50:b7:bd:2e:de:ae:cd:2b:
68:8a:a4:f3:d7:77:fc:dc:f6:ca:55:62:cb:9a:1c:
c6:dd:6a:08:0b:86:fb:73:98:ee:da:c9:f7:5c:78:
09:2b:b6:d4:06:5c:cf:35:f4:03:a3:f3:a7:8e:df:
18:20:34:32:ea:aa:d2:f9:83:ad:f0:af:5e:b3:a7:
86:99:d6:07:35:bc:f3:30:76:f1:79:31:f0:23:f2:
6d:8d:f4:7b:20:6b:7c:54:ee:dc:aa:a0:77:f3:38:
30:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C4:DE:F0:9B:28:27:7C:97:D1:F1:62:D9:96:40:7C:AF:19:45:AA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VsTe8JsoJ3yX0fFi2ZZAfK8ZRao.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:5d:46:49:75:a2:e4:16:91:90:2f:57:3c:f1:8d:6d:eb:f8:
ec:86:bc:b6:bc:14:cb:62:0f:e8:1f:03:f6:06:16:de:cf:c4:
da:1a:24:97:ca:c2:c8:26:55:14:8a:03:5e:12:48:76:b4:49:
bc:33:7b:6b:70:4a:9a:aa:ac:ac:74:3e:e7:87:bc:4e:19:b6:
16:29:cd:96:20:20:c8:19:c0:20:ba:c3:a3:27:c9:f0:38:cb:
b1:9d:f7:26:0d:e5:68:ca:68:66:24:d7:f7:60:e8:6f:0a:80:
bc:8e:d7:89:fe:2f:94:62:ae:46:3d:e7:a7:5b:42:05:24:70:
da:36:f4:1c:81:0c:91:86:f8:d6:ff:7e:38:c3:15:32:27:1c:
f6:d7:ce:75:06:85:f0:7a:5f:7a:68:e0:88:58:29:2e:0d:d1:
3b:96:3f:21:13:5c:89:74:c9:3f:82:0c:99:9e:f7:8a:7a:1c:
9f:fc:41:94:6c:3f:25:e7:c7:2f:db:60:d1:9e:2b:76:ab:82:
7f:4d:a0:b3:02:27:6a:11:dc:16:cd:a3:92:b4:44:52:5a:32:
88:f7:4c:6a:f1:b2:93:62:d5:1b:8b:10:b6:45:1f:70:a7:5f:
83:ce:ff:71:46:4f:1b:95:fc:d1:7a:1d:a1:39:c1:09:43:c0:
46:8e:d3:5b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
OTM3NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU2QzRERUYwOUIyODI3
N0M5N0QxRjE2MkQ5OTY0MDdDQUYxOTQ1QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv0WJ+tyP/EcKpTLHYohdWlOFafM6io/mBzWAwAzrwP+2WdZX9
rYvQKv/PYNsgnUat+1UPlT6BfHGQCJyZdQyvFAXuOLoujbuncAfUMc6uGygnNPbO
Hb0ZohvPKHIde6H3E2gwfLD3L0AYG9xwG5XUTRJn6vqf8pdp8AwzrjtjpvywZPEx
JtWbqJQlP1mJ6ewAwgHB+lfFKv6A8T9Qt70u3q7NK2iKpPPXd/zc9spVYsuaHMbd
aggLhvtzmO7ayfdceAkrttQGXM819AOj86eO3xggNDLqqtL5g63wr16zp4aZ1gc1
vPMwdvF5MfAj8m2N9Hsga3xU7tyqoHfzODCxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVsTe8JsoJ3yX0fFi2ZZAfK8ZRaowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Wc1RlOEpzb0ozeVgwZkZp
MlpaQWZLOFpSYW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKpdRkl1ouQWkZAvVzzxjW3r+OyGvLa8FMti
D+gfA/YGFt7PxNoaJJfKwsgmVRSKA14SSHa0Sbwze2twSpqqrKx0PueHvE4ZthYp
zZYgIMgZwCC6w6MnyfA4y7Gd9yYN5WjKaGYk1/dg6G8KgLyO14n+L5RirkY956db
QgUkcNo29ByBDJGG+Nb/fjjDFTInHPbXznUGhfB6X3po4IhYKS4N0TuWPyETXIl0
yT+CDJme94p6HJ/8QZRsPyXnxy/bYNGeK3argn9NoLMCJ2oR3BbNo5K0RFJaMoj3
TGrxspNi1RuLELZFH3CnX4PO/3FGTxuV/NF6HaE5wQlDwEaO01s=
-----END CERTIFICATE-----
Generated at Sat Jun 21 02:34:03 2025 by rpki-client