Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/beQeJNm-47Rj28QZtSeWNmkYZio.roa
File: beQeJNm-47Rj28QZtSeWNmkYZio.roa (raw, json)
Hash identifier: /WW3JW94zOqACh8UJnbRya5keteZML9Yo0Nivt7RVGE=
Subject key identifier: 6D:E4:1E:24:D9:BE:E3:B4:63:DB:C4:19:B5:27:96:36:69:18:66:2A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BD1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/beQeJNm-47Rj28QZtSeWNmkYZio.roa
Signing time: Thu 22 May 2025 20:08:23 +0000
ROA not before: Thu 22 May 2025 20:08:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3025 (0xbd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 20:08:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6DE41E24D9BEE3B463DBC419B52796366918662A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:37:2b:61:55:a7:ef:ab:81:5a:76:2a:d6:f8:
b0:90:65:e9:b6:d3:c3:65:7c:a8:90:58:57:c7:69:
a4:f1:97:a6:b0:f2:8a:5e:8f:a7:ec:a6:94:56:95:
b4:92:f7:69:c8:91:ff:19:ab:73:ed:d7:74:1a:a6:
04:72:43:97:b0:36:d9:f5:6c:9f:5c:d3:7a:10:20:
30:fa:e6:b2:cc:e4:ba:55:27:ef:47:45:c8:a2:d0:
e1:36:69:a4:17:d1:dd:2a:27:a9:27:15:f5:0f:64:
a2:dd:c3:8b:5d:b0:de:49:6b:ea:e5:2e:f2:e5:37:
fb:8d:62:1c:a0:1f:7a:3a:10:70:2c:cf:28:3a:e6:
8d:3c:52:86:69:8f:5e:09:99:d0:0b:16:6e:93:b1:
6b:f1:3c:0b:06:64:9c:8e:b0:c3:d6:60:ac:5b:b1:
fa:5e:d1:cc:37:cb:33:74:07:64:ab:5a:80:7c:e8:
32:74:37:80:ed:c1:16:6d:93:9a:d9:26:f0:81:d0:
f5:84:e9:4d:07:72:20:17:a3:7c:50:0c:ef:c5:ee:
b1:43:9b:af:27:a3:54:39:47:18:ce:fd:f5:5b:a0:
04:b1:ed:ae:26:89:86:bc:19:93:11:c5:f4:76:c5:
8f:c4:4d:67:39:8f:95:27:bd:db:10:e2:ac:2d:e7:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E4:1E:24:D9:BE:E3:B4:63:DB:C4:19:B5:27:96:36:69:18:66:2A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/beQeJNm-47Rj28QZtSeWNmkYZio.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:b6:fe:93:16:71:0b:ad:8f:37:88:16:68:c9:c1:80:1e:a9:
3c:75:43:44:91:c3:48:04:36:a0:ea:d0:95:48:66:4c:c0:c7:
46:9b:62:2b:8c:6a:39:e1:85:38:d0:c7:3c:ec:4d:d5:14:2f:
d6:21:7d:77:ab:4a:54:6e:21:63:91:18:29:69:0c:d2:2f:89:
e0:66:a5:62:1d:eb:20:94:82:42:20:87:af:a6:8d:a3:83:5e:
3d:1a:fc:74:70:db:77:32:e3:00:fd:dc:61:56:cd:4a:23:18:
bd:e1:77:70:67:c0:87:7e:b7:4b:ea:86:7f:d4:86:75:f7:93:
68:24:2e:d9:b9:cf:be:85:94:b3:66:70:6b:cb:90:b7:fb:a2:
ed:4f:43:9b:6a:f0:78:61:b2:a2:77:90:fa:a6:cb:18:6b:cd:
22:81:90:63:fe:ef:37:f2:75:9d:11:63:b1:39:70:d0:79:9a:
f3:1b:e9:a7:17:c1:b7:6d:20:93:3a:06:69:1b:ce:38:c5:cd:
6a:ca:97:56:c2:e1:da:9b:18:73:09:99:06:32:ac:49:7c:f9:
38:18:8f:c5:90:8d:02:a5:99:93:fb:c1:90:a8:6b:b7:19:df:
97:ae:da:63:a0:9e:c9:90:50:cc:18:5a:2d:1a:c0:3a:f0:6b:
2e:0f:8f:d6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIy
MDA4MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZERTQxRTI0RDlCRUUz
QjQ2M0RCQzQxOUI1Mjc5NjM2NjkxODY2MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChNythVafvq4FadirW+LCQZem208NlfKiQWFfHaaTxl6aw8ope
j6fsppRWlbSS92nIkf8Zq3Pt13QapgRyQ5ewNtn1bJ9c03oQIDD65rLM5LpVJ+9H
Rcii0OE2aaQX0d0qJ6knFfUPZKLdw4tdsN5Ja+rlLvLlN/uNYhygH3o6EHAszyg6
5o08UoZpj14JmdALFm6TsWvxPAsGZJyOsMPWYKxbsfpe0cw3yzN0B2SrWoB86DJ0
N4DtwRZtk5rZJvCB0PWE6U0HciAXo3xQDO/F7rFDm68no1Q5RxjO/fVboASx7a4m
iYa8GZMRxfR2xY/ETWc5j5UnvdsQ4qwt53HxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbeQeJNm+47Rj28QZtSeWNmkYZiowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iZVFlSk5tLTQ3UmoyOFFa
dFNlV05ta1laaW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJi2/pMWcQutjzeIFmjJwYAeqTx1Q0SRw0gE
NqDq0JVIZkzAx0abYiuMajnhhTjQxzzsTdUUL9YhfXerSlRuIWORGClpDNIvieBm
pWId6yCUgkIgh6+mjaODXj0a/HRw23cy4wD93GFWzUojGL3hd3BnwId+t0vqhn/U
hnX3k2gkLtm5z76FlLNmcGvLkLf7ou1PQ5tq8HhhsqJ3kPqmyxhrzSKBkGP+7zfy
dZ0RY7E5cNB5mvMb6acXwbdtIJM6BmkbzjjFzWrKl1bC4dqbGHMJmQYyrEl8+TgY
j8WQjQKlmZP7wZCoa7cZ35eu2mOgnsmQUMwYWi0awDrway4Pj9Y=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:56:28 2025 by rpki-client