Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YW5Z2wQELpUz_Ibt4HwzMUE_WVk.roa
File: YW5Z2wQELpUz_Ibt4HwzMUE_WVk.roa (raw, json)
Hash identifier: f5gkVuH5j5X8SFUTDx/abZandniivFl9zmgXu7Nwg0A=
Subject key identifier: 61:6E:59:DB:04:04:2E:95:33:FC:86:ED:E0:7C:33:31:41:3F:59:59
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B71
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YW5Z2wQELpUz_Ibt4HwzMUE_WVk.roa
Signing time: Thu 22 May 2025 08:08:22 +0000
ROA not before: Thu 22 May 2025 08:08:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2929 (0xb71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 08:08:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=616E59DB04042E9533FC86EDE07C3331413F5959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:58:b2:e2:f0:00:d0:6b:e2:ba:d7:b1:86:
cc:52:09:5a:90:43:6c:f1:f6:8a:64:81:3d:13:f0:
5b:c3:74:a9:57:2a:7f:73:e8:c0:fc:a0:e4:c1:0e:
f7:01:ff:7d:1f:c4:25:29:8f:7b:76:de:01:50:3c:
8e:bc:27:39:29:5f:cb:ad:8f:0a:ba:14:4f:16:c7:
e2:ea:3d:68:61:a5:0c:d9:ea:7a:65:cc:20:84:de:
7a:5f:04:1b:bc:4a:11:37:79:ef:4f:21:be:f1:f3:
68:b8:a0:6e:36:09:7c:09:0a:35:08:f8:84:96:86:
90:50:c0:a9:2d:9d:a1:0a:7b:f0:49:84:b0:fa:33:
5b:ab:93:a3:fb:1c:32:79:9f:0f:83:41:ee:4b:b0:
d4:41:5f:ee:41:64:29:84:1e:9a:b2:8a:93:26:f0:
dc:9a:b9:9a:c8:43:ba:fe:8f:fb:49:89:60:32:76:
37:cf:08:88:7a:9f:b5:2d:bf:cd:9b:d0:7d:e8:55:
26:fe:7b:27:6b:72:31:1f:27:69:aa:ad:9f:26:21:
67:5f:d1:1d:d3:86:ac:b0:d3:a7:f5:d3:0c:de:08:
84:be:13:b3:56:58:c7:f2:a0:b2:ed:35:92:1f:ff:
14:41:f9:f8:5a:41:b6:49:a2:e2:2d:0f:5e:e7:88:
06:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6E:59:DB:04:04:2E:95:33:FC:86:ED:E0:7C:33:31:41:3F:59:59
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YW5Z2wQELpUz_Ibt4HwzMUE_WVk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:56:6f:12:75:06:e3:13:ac:ab:7b:d2:85:2e:fa:cc:47:9e:
f6:e3:8b:87:43:f5:c2:26:72:0b:55:e1:fb:5b:2d:d4:14:e8:
75:89:90:b0:f8:39:e2:c8:1d:0b:aa:aa:e9:1f:b2:b1:ed:2c:
7b:1c:09:8c:f9:dd:31:8c:62:a4:bd:11:12:d1:0c:4b:8f:2c:
31:ba:48:c7:9a:e9:eb:6f:37:c1:5a:6a:df:64:eb:0b:15:5b:
c3:3e:0d:62:e1:f3:64:af:d4:d6:48:b3:5b:34:12:26:11:27:
55:ff:86:ad:d8:59:09:6a:b6:c9:60:15:ab:76:a3:49:a5:1b:
61:14:3a:08:d5:23:95:c6:ea:29:40:ad:3f:d9:12:e3:e7:49:
5d:6d:93:e0:63:e1:88:ac:56:0b:53:82:00:f8:62:ac:03:2a:
8d:0d:5e:f3:ac:b2:d7:00:1e:af:3e:42:56:1d:1f:27:d3:9c:
05:bf:e8:2c:fc:d0:3b:d9:8c:f8:53:eb:93:18:4d:23:0a:63:
49:1b:c2:7b:15:25:ea:c3:f7:4c:52:85:87:0b:f7:9e:fa:25:
89:74:34:b8:1b:70:19:e2:d5:ae:88:e1:cc:c1:f3:31:21:3e:
27:db:45:7d:3e:4f:0d:51:c5:bd:68:92:aa:0a:15:46:ed:6d:
5c:15:2b:c5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIw
ODA4MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYxNkU1OURCMDQwNDJF
OTUzM0ZDODZFREUwN0MzMzMxNDEzRjU5NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCupViy4vAA0GviutexhsxSCVqQQ2zx9opkgT0T8FvDdKlXKn9z
6MD8oOTBDvcB/30fxCUpj3t23gFQPI68JzkpX8utjwq6FE8Wx+LqPWhhpQzZ6npl
zCCE3npfBBu8ShE3ee9PIb7x82i4oG42CXwJCjUI+ISWhpBQwKktnaEKe/BJhLD6
M1urk6P7HDJ5nw+DQe5LsNRBX+5BZCmEHpqyipMm8NyauZrIQ7r+j/tJiWAydjfP
CIh6n7Utv82b0H3oVSb+eydrcjEfJ2mqrZ8mIWdf0R3Thqyw06f10wzeCIS+E7NW
WMfyoLLtNZIf/xRB+fhaQbZJouItD17niAYJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYW5Z2wQELpUz/Ibt4HwzMUE/WVkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZVzVaMndRRUxwVXpfSWJ0
NEh3ek1VRV9XVmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACxWbxJ1BuMTrKt70oUu+sxHnvbji4dD9cIm
cgtV4ftbLdQU6HWJkLD4OeLIHQuqqukfsrHtLHscCYz53TGMYqS9ERLRDEuPLDG6
SMea6etvN8Faat9k6wsVW8M+DWLh82Sv1NZIs1s0EiYRJ1X/hq3YWQlqtslgFat2
o0mlG2EUOgjVI5XG6ilArT/ZEuPnSV1tk+Bj4YisVgtTggD4YqwDKo0NXvOsstcA
Hq8+QlYdHyfTnAW/6Cz80DvZjPhT65MYTSMKY0kbwnsVJerD90xShYcL9576JYl0
NLgbcBni1a6I4czB8zEhPifbRX0+Tw1Rxb1okqoKFUbtbVwVK8U=
-----END CERTIFICATE-----
Generated at Fri Jun 20 20:52:04 2025 by rpki-client