Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/h50seUudku79hlC6U6kpx1_hvkw.roa
File: h50seUudku79hlC6U6kpx1_hvkw.roa (raw, json)
Hash identifier: TuThEBXttGu8LodMFtQ5KijsoC+3/TDuTAXF2vj7axs=
Subject key identifier: 87:9D:2C:79:4B:9D:92:EE:FD:86:50:BA:53:A9:29:C7:5F:E1:BE:4C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 087D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/h50seUudku79hlC6U6kpx1_hvkw.roa
Signing time: Sun 18 May 2025 09:38:08 +0000
ROA not before: Sun 18 May 2025 09:38:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2173 (0x87d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 09:38:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=879D2C794B9D92EEFD8650BA53A929C75FE1BE4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1a:c3:22:50:d3:33:cb:9d:a4:18:41:49:ee:
0d:41:88:de:b2:3c:23:6d:69:b1:80:57:a0:04:4c:
80:41:66:5f:de:85:ed:e0:e8:f7:25:eb:72:0c:03:
d9:8d:81:46:fe:d7:ff:62:bf:0a:89:0b:38:0d:c8:
10:9b:c6:04:a5:ee:9e:b7:fd:5a:0d:57:e2:92:66:
a9:3d:1f:06:68:c8:b1:f3:bc:72:2a:f1:2c:25:94:
e6:9e:18:a3:ad:cc:75:e1:b0:37:96:65:fa:13:f3:
de:d7:43:ea:1b:b6:91:c7:ca:b0:8b:ab:e4:29:57:
9b:74:06:37:25:ba:5b:f0:df:51:ee:e0:90:19:85:
03:26:f5:35:61:49:37:f7:bc:42:1d:60:33:18:53:
f9:c6:fc:1f:69:3e:4b:20:c7:15:58:e0:b3:cb:b2:
27:99:84:cd:41:f1:28:30:6b:8c:54:f3:e7:6b:f3:
ba:7c:93:56:9d:eb:7f:49:68:3e:7f:dc:52:53:e7:
2b:11:9a:a0:f8:59:88:3f:2e:a2:7e:a3:70:9d:d7:
42:dc:0e:e8:76:3c:f2:b9:1c:a8:2e:7e:a4:37:43:
2d:c1:ed:d9:79:1c:aa:8e:c2:77:9d:9b:43:d0:eb:
99:ba:f7:02:6d:f0:f2:67:1b:52:e8:77:07:e0:39:
f6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9D:2C:79:4B:9D:92:EE:FD:86:50:BA:53:A9:29:C7:5F:E1:BE:4C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/h50seUudku79hlC6U6kpx1_hvkw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:e0:3f:f3:d9:3a:b1:4d:bc:5e:64:00:18:84:d1:f2:9b:e1:
cf:98:6b:24:3b:28:f1:9d:7d:e4:77:5f:cd:65:dd:19:73:7b:
78:2d:24:9e:ae:cc:d5:3e:dc:5d:77:8a:bc:74:61:da:19:dd:
37:6a:97:80:6b:f3:77:5f:6c:66:80:8f:66:0e:9f:5e:ae:9e:
0c:53:3a:7a:db:49:e3:46:55:64:13:5d:ed:07:11:09:d1:61:
05:0a:ae:9f:8e:d9:f1:14:ae:5a:f2:ca:b0:bf:8f:29:49:30:
ee:17:58:71:30:aa:81:be:e7:73:eb:59:6f:c3:cd:05:75:11:
57:73:06:7d:a7:a1:47:1a:7a:81:2c:85:df:c1:44:05:ad:aa:
63:da:c5:e9:76:48:3a:29:67:d6:fe:8f:1e:06:41:27:a6:89:
d5:12:da:3b:26:03:31:b0:92:e7:77:05:42:3f:47:2f:da:72:
f1:09:08:97:3b:2d:d1:d9:bc:86:9d:c5:68:f9:5b:b2:c2:cc:
0d:9e:bd:eb:ce:8d:30:73:d1:2b:c3:24:58:db:85:1d:00:6b:
35:40:d0:1f:b1:68:33:1d:26:a4:33:7f:e4:fe:35:6d:e5:13:
e4:c2:76:7d:ad:a1:4a:79:60:88:27:4a:10:41:30:b4:4a:50:
61:94:61:0a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCH0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
OTM4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg3OUQyQzc5NEI5RDky
RUVGRDg2NTBCQTUzQTkyOUM3NUZFMUJFNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmGsMiUNMzy52kGEFJ7g1BiN6yPCNtabGAV6AETIBBZl/ehe3g
6Pcl63IMA9mNgUb+1/9ivwqJCzgNyBCbxgSl7p63/VoNV+KSZqk9HwZoyLHzvHIq
8SwllOaeGKOtzHXhsDeWZfoT897XQ+obtpHHyrCLq+QpV5t0Bjclulvw31Hu4JAZ
hQMm9TVhSTf3vEIdYDMYU/nG/B9pPksgxxVY4LPLsieZhM1B8Sgwa4xU8+dr87p8
k1ad639JaD5/3FJT5ysRmqD4WYg/LqJ+o3Cd10LcDuh2PPK5HKgufqQ3Qy3B7dl5
HKqOwnedm0PQ65m69wJt8PJnG1LodwfgOfYhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh50seUudku79hlC6U6kpx1/hvkwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9oNTBzZVV1ZGt1NzlobEM2
VTZrcHgxX2h2a3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEPgP/PZOrFNvF5kABiE0fKb4c+YayQ7KPGd
feR3X81l3Rlze3gtJJ6uzNU+3F13irx0YdoZ3Tdql4Br83dfbGaAj2YOn16ungxT
OnrbSeNGVWQTXe0HEQnRYQUKrp+O2fEUrlryyrC/jylJMO4XWHEwqoG+53PrWW/D
zQV1EVdzBn2noUcaeoEshd/BRAWtqmPaxel2SDopZ9b+jx4GQSemidUS2jsmAzGw
kud3BUI/Ry/acvEJCJc7LdHZvIadxWj5W7LCzA2evevOjTBz0SvDJFjbhR0AazVA
0B+xaDMdJqQzf+T+NW3lE+TCdn2toUp5YIgnShBBMLRKUGGUYQo=
-----END CERTIFICATE-----
Generated at Sun Jun 22 18:10:56 2025 by rpki-client