Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/XMad0ggOMGzmpCGDyO3L4c9zweU.roa
File: XMad0ggOMGzmpCGDyO3L4c9zweU.roa (raw, json)
Hash identifier: J4njT4kljWGW61dnd1jUvZZhq/bXhJ4FnmRYR/rC/J0=
Subject key identifier: 5C:C6:9D:D2:08:0E:30:6C:E6:A4:21:83:C8:ED:CB:E1:CF:73:C1:E5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08CD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XMad0ggOMGzmpCGDyO3L4c9zweU.roa
Signing time: Sun 18 May 2025 19:38:11 +0000
ROA not before: Sun 18 May 2025 19:38:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2253 (0x8cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 19:38:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5CC69DD2080E306CE6A42183C8EDCBE1CF73C1E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:05:c5:6c:d3:40:2b:b4:da:58:fc:4d:05:6b:
c0:d1:7c:83:13:4d:5a:c2:45:b6:38:02:00:13:e3:
69:74:15:85:6f:55:be:fd:d3:ea:8d:b0:d4:63:64:
58:03:89:0e:fd:af:f0:22:83:1e:a5:5f:5a:71:b2:
a0:71:64:de:fe:e2:e0:f1:39:a7:2c:cd:f0:76:26:
07:58:6e:69:50:1a:e7:ad:1f:c9:16:5b:9b:6e:74:
a2:d9:83:78:ba:50:c2:59:9b:06:43:cc:ab:f2:61:
74:1e:c6:84:c7:e5:96:70:24:20:fe:fa:79:d9:d1:
51:19:68:04:c9:4c:55:74:7d:5d:eb:cc:fc:9e:1e:
3f:c1:4f:21:c5:77:63:d7:d5:b2:53:f3:ec:08:3d:
c9:1c:0c:92:4a:86:63:a8:c0:0d:04:c9:ee:39:3f:
6e:c4:b0:5b:fe:64:ec:82:17:48:72:11:5e:ad:ab:
74:e7:96:83:0f:e0:f6:b6:d3:06:3c:01:3c:60:73:
fe:15:38:cc:70:04:b5:43:87:91:7e:cd:d8:3d:f1:
ea:d0:9d:19:81:f1:80:09:d4:64:17:0c:69:38:4a:
cc:31:16:2d:30:c4:d5:b1:5d:00:f6:36:d5:9c:09:
80:6a:6d:57:e9:54:43:16:0d:45:47:35:23:8b:94:
ba:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C6:9D:D2:08:0E:30:6C:E6:A4:21:83:C8:ED:CB:E1:CF:73:C1:E5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XMad0ggOMGzmpCGDyO3L4c9zweU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:13:7a:ff:38:0a:1f:8c:25:2d:50:c7:51:80:af:cd:df:e7:
71:66:25:2c:dc:47:39:7a:33:a4:8c:db:ae:77:c8:55:7b:9c:
1d:90:71:aa:db:6e:7e:6f:c6:0f:5a:8d:c9:4e:90:19:10:01:
f7:14:47:b5:2e:06:22:da:c0:d4:41:43:96:4b:95:f4:a6:91:
3d:98:82:3b:a4:b2:a3:47:c0:cc:3b:5a:e7:cc:bb:09:0a:30:
75:e1:ce:6e:16:ed:b4:43:66:dc:4f:cf:27:eb:4d:68:9f:a0:
1c:2b:14:d6:91:8a:bd:d5:2b:f0:bf:96:76:fd:0d:0b:bc:8a:
97:c1:bd:0b:8e:2f:49:34:64:8b:2b:3c:18:e1:77:f0:73:34:
3a:09:70:10:a5:8f:3d:47:16:85:92:9e:91:06:80:f5:cb:e9:
86:5f:36:07:25:2a:8b:d4:f1:18:70:d1:bd:b8:86:58:6d:01:
1e:29:eb:3b:75:1b:de:58:d4:fb:fd:b1:c0:29:24:28:9d:a7:
01:44:e7:06:42:bb:cc:b8:d1:d4:36:39:51:18:ea:fa:f1:6a:
dc:ca:25:5d:7f:05:21:f1:31:93:fe:42:b4:59:50:92:25:5b:
87:db:ad:c4:c8:5b:e4:53:57:fb:1a:76:5f:64:b9:50:9e:c2:
9a:7e:d6:9f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
OTM4MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVDQzY5REQyMDgwRTMw
NkNFNkE0MjE4M0M4RURDQkUxQ0Y3M0MxRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdBcVs00ArtNpY/E0Fa8DRfIMTTVrCRbY4AgAT42l0FYVvVb79
0+qNsNRjZFgDiQ79r/Aigx6lX1pxsqBxZN7+4uDxOacszfB2JgdYbmlQGuetH8kW
W5tudKLZg3i6UMJZmwZDzKvyYXQexoTH5ZZwJCD++nnZ0VEZaATJTFV0fV3rzPye
Hj/BTyHFd2PX1bJT8+wIPckcDJJKhmOowA0Eye45P27EsFv+ZOyCF0hyEV6tq3Tn
loMP4Pa20wY8ATxgc/4VOMxwBLVDh5F+zdg98erQnRmB8YAJ1GQXDGk4SswxFi0w
xNWxXQD2NtWcCYBqbVfpVEMWDUVHNSOLlLpTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUXMad0ggOMGzmpCGDyO3L4c9zweUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9YTWFkMGdnT01Hem1wQ0dE
eU8zTDRjOXp3ZVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEETev84Ch+MJS1Qx1GAr83f53FmJSzcRzl6
M6SM2653yFV7nB2Qcarbbn5vxg9ajclOkBkQAfcUR7UuBiLawNRBQ5ZLlfSmkT2Y
gjuksqNHwMw7WufMuwkKMHXhzm4W7bRDZtxPzyfrTWifoBwrFNaRir3VK/C/lnb9
DQu8ipfBvQuOL0k0ZIsrPBjhd/BzNDoJcBCljz1HFoWSnpEGgPXL6YZfNgclKovU
8Rhw0b24hlhtAR4p6zt1G95Y1Pv9scApJCidpwFE5wZCu8y40dQ2OVEY6vrxatzK
JV1/BSHxMZP+QrRZUJIlW4fbrcTIW+RTV/sadl9kuVCewpp+1p8=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:22:35 2025 by rpki-client