Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_Uaj3rmWEItly1K70Wnpz1KrceA.roa
File: _Uaj3rmWEItly1K70Wnpz1KrceA.roa (raw, json)
Hash identifier: wmXpTs74MgKPgpWMXhGAfj6tLc+7sooxkOMRquKskM4=
Subject key identifier: FD:46:A3:DE:B9:96:10:8B:65:CB:52:BB:D1:69:E9:CF:52:AB:71:E0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F0D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Uaj3rmWEItly1K70Wnpz1KrceA.roa
Signing time: Tue 27 May 2025 03:38:46 +0000
ROA not before: Tue 27 May 2025 03:38:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3853 (0xf0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 03:38:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FD46A3DEB996108B65CB52BBD169E9CF52AB71E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a0:32:90:e5:c9:bb:5b:7e:85:82:21:2d:79:
fe:c3:92:00:aa:ca:64:be:9d:ec:6f:be:85:2a:7a:
af:e0:6a:de:0a:83:53:70:18:e2:9d:ce:4a:67:d2:
a9:00:2d:f5:d0:44:a4:70:03:9b:db:44:e9:90:b0:
1e:be:1f:0a:b9:64:94:62:f4:0d:24:eb:63:dd:60:
75:73:b6:b1:74:c7:8e:15:3b:25:c3:7a:79:b6:f1:
ca:5b:4d:8e:20:c5:5a:86:b1:99:59:c8:a0:b9:c9:
80:3a:83:a0:76:4a:22:d2:62:86:e1:b4:90:ca:05:
21:e9:03:45:51:0a:92:d9:86:df:86:97:7f:80:8b:
63:bb:b5:ed:09:15:5c:f5:c5:00:76:5f:a2:50:66:
54:dc:55:54:04:3c:b2:f0:ce:84:b5:da:8d:0c:29:
92:23:b1:bb:4d:77:f9:96:af:4f:de:54:23:ac:b7:
15:50:c6:2a:c7:62:28:d4:fa:26:80:fd:fa:22:15:
a2:3c:22:27:cd:3b:a3:31:a9:a5:b2:f9:f0:59:8d:
02:8b:d4:73:fe:c7:11:2e:2c:e2:19:96:af:99:35:
6f:c0:30:48:61:1a:1c:13:fe:69:c2:74:1c:4d:87:
55:84:8f:22:ae:19:13:9b:b2:60:0c:a9:cf:f3:ad:
0e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:46:A3:DE:B9:96:10:8B:65:CB:52:BB:D1:69:E9:CF:52:AB:71:E0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Uaj3rmWEItly1K70Wnpz1KrceA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:7d:9e:a3:12:43:dd:13:40:65:0d:66:1f:81:dd:f6:38:79:
21:05:13:50:1b:7e:92:9c:d3:c8:80:26:fd:ea:67:cd:1b:fb:
6a:f8:1a:c2:35:ee:8b:5a:01:c6:7e:c8:d7:ea:b5:2f:16:be:
39:f4:32:69:16:fd:85:11:fe:52:1f:b4:a2:7f:87:dc:43:67:
c7:70:e3:59:c1:89:4d:73:1c:03:cc:c6:ae:96:30:d1:a5:c1:
f3:1c:b8:dd:42:33:01:92:62:31:23:8f:50:6b:59:fa:c1:d6:
7a:a3:dc:7b:f6:56:1b:22:40:b1:18:0f:ea:a4:9f:7a:b5:b8:
43:f4:12:28:a1:95:79:48:ae:c8:85:71:8b:0a:c5:6d:96:57:
9f:14:0c:e2:c4:4b:81:a3:0d:f6:6d:a9:0d:0b:39:f5:6b:87:
79:6d:b0:c4:66:57:27:e8:82:92:82:51:55:58:2d:ea:97:3b:
eb:a1:81:2f:30:4f:75:a7:cf:24:b3:4e:82:3e:b1:12:ad:0d:
39:ff:68:80:32:22:f7:17:89:76:c6:e9:dc:1b:9b:a7:48:19:
60:51:0d:c8:50:fe:ce:98:16:89:bd:9b:05:5a:95:9f:44:2c:
8a:17:0d:98:71:bf:3d:5b:54:7b:bc:a0:18:8e:ea:83:05:84:
3e:20:99:78
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
MzM4NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZENDZBM0RFQjk5NjEw
OEI2NUNCNTJCQkQxNjlFOUNGNTJBQjcxRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzoDKQ5cm7W36FgiEtef7DkgCqymS+nexvvoUqeq/gat4Kg1Nw
GOKdzkpn0qkALfXQRKRwA5vbROmQsB6+Hwq5ZJRi9A0k62PdYHVztrF0x44VOyXD
enm28cpbTY4gxVqGsZlZyKC5yYA6g6B2SiLSYobhtJDKBSHpA0VRCpLZht+Gl3+A
i2O7te0JFVz1xQB2X6JQZlTcVVQEPLLwzoS12o0MKZIjsbtNd/mWr0/eVCOstxVQ
xirHYijU+iaA/foiFaI8IifNO6MxqaWy+fBZjQKL1HP+xxEuLOIZlq+ZNW/AMEhh
GhwT/mnCdBxNh1WEjyKuGRObsmAMqc/zrQ7zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/Uaj3rmWEItly1K70Wnpz1KrceAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fVWFqM3JtV0VJdGx5MUs3
MFducHoxS3JjZUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJJ9nqMSQ90TQGUNZh+B3fY4eSEFE1AbfpKc
08iAJv3qZ80b+2r4GsI17otaAcZ+yNfqtS8Wvjn0MmkW/YUR/lIftKJ/h9xDZ8dw
41nBiU1zHAPMxq6WMNGlwfMcuN1CMwGSYjEjj1BrWfrB1nqj3Hv2VhsiQLEYD+qk
n3q1uEP0EiihlXlIrsiFcYsKxW2WV58UDOLES4GjDfZtqQ0LOfVrh3ltsMRmVyfo
gpKCUVVYLeqXO+uhgS8wT3WnzySzToI+sRKtDTn/aIAyIvcXiXbG6dwbm6dIGWBR
DchQ/s6YFom9mwValZ9ELIoXDZhxvz1bVHu8oBiO6oMFhD4gmXg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:38:29 2025 by rpki-client