Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hF5eleyv0tQY3cVOrmXuPjIHbDI.roa
File: hF5eleyv0tQY3cVOrmXuPjIHbDI.roa (raw, json)
Hash identifier: k6l1jCgCc2kWs+gevdK1RIEX6Wwu+mHwH2RhMNSPyAY=
Subject key identifier: 84:5E:5E:95:EC:AF:D2:D4:18:DD:C5:4E:AE:65:EE:3E:32:07:6C:32
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1459
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hF5eleyv0tQY3cVOrmXuPjIHbDI.roa
Signing time: Tue 03 Jun 2025 05:09:23 +0000
ROA not before: Tue 03 Jun 2025 05:09:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5209 (0x1459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 05:09:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=845E5E95ECAFD2D418DDC54EAE65EE3E32076C32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:9e:11:df:be:99:da:ed:c2:a8:85:8f:dc:
12:94:95:ff:72:1e:13:2c:45:47:3a:85:d6:67:68:
d8:14:fa:13:30:8a:f4:03:b4:12:d1:09:e1:6f:3d:
c3:25:cc:c8:0c:21:2f:1a:19:92:a6:9d:f9:44:9b:
a5:d9:ff:3d:f6:2f:65:ce:df:9b:24:b0:7f:92:42:
bb:bb:44:e2:16:fd:64:7f:ba:c0:d9:10:f1:26:d2:
cd:5e:a4:f6:b7:6b:f9:35:15:1e:70:0d:29:9c:f0:
3d:d7:9c:ed:aa:b6:9d:cb:e8:fe:58:d0:78:df:e3:
d1:01:30:52:60:69:50:39:1a:27:2d:bc:ee:f1:20:
6b:b5:00:13:e1:7c:11:17:b7:d3:77:e7:97:93:3b:
7a:e1:e4:79:cb:3c:78:60:89:25:4b:5e:df:6a:8c:
39:a6:e2:8b:7f:0d:04:cd:af:b1:84:96:73:cb:36:
2a:73:9c:5e:62:a8:09:eb:73:92:55:ef:1a:92:91:
a7:97:88:95:d1:a9:61:29:33:28:81:be:19:8d:b3:
30:7b:b8:ad:85:9d:59:58:0d:58:ea:2e:bf:e7:05:
59:97:63:54:be:5c:6b:f0:c8:fe:42:cf:b9:60:7d:
66:6c:04:25:18:57:61:b4:99:ed:2a:b5:60:f9:8b:
26:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5E:5E:95:EC:AF:D2:D4:18:DD:C5:4E:AE:65:EE:3E:32:07:6C:32
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hF5eleyv0tQY3cVOrmXuPjIHbDI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:4a:90:a1:93:ae:aa:98:06:cf:cd:c1:db:34:e8:62:4c:8e:
69:03:30:e6:84:4e:b4:5e:d9:e3:0a:ca:b0:90:48:ce:05:d6:
af:96:7a:e7:56:3f:7c:99:7c:b0:b5:a9:86:fd:4e:fc:b3:bc:
ea:9d:b7:04:92:9b:3f:65:31:61:0a:d8:f1:55:84:1e:35:69:
ad:7c:bc:f7:2d:e3:31:d6:56:97:15:18:bd:ad:8f:95:76:fb:
49:0b:c2:2f:95:46:8c:97:09:0b:77:04:1a:29:7d:05:c5:e9:
ad:3e:c1:93:dc:08:fc:59:39:f8:50:cb:4f:6d:ae:2d:64:d7:
47:28:34:74:61:f8:de:6d:8f:47:54:ff:a3:4f:e8:51:6a:c8:
7a:22:72:91:6b:5e:81:4f:25:6f:3a:fd:2b:3d:69:c0:33:d1:
e2:aa:5f:00:dd:ce:f2:d6:e7:d2:1c:b9:af:fe:ce:e7:58:c5:
64:b0:cf:c1:e8:41:36:7b:d8:e4:14:bc:2f:f3:95:95:1d:24:
e4:5e:59:ef:f5:d2:1d:c8:26:94:31:5b:c8:8e:a4:31:91:51:
39:c3:65:3a:56:89:9e:9e:50:fc:ee:9c:88:ce:9b:03:05:74:
0f:48:11:23:bd:65:b0:86:cd:bf:ef:d9:a1:e4:78:d0:a9:80:
22:9e:48:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMw
NTA5MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg0NUU1RTk1RUNBRkQy
RDQxOEREQzU0RUFFNjVFRTNFMzIwNzZDMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmtJ4R376Z2u3CqIWP3BKUlf9yHhMsRUc6hdZnaNgU+hMwivQD
tBLRCeFvPcMlzMgMIS8aGZKmnflEm6XZ/z32L2XO35sksH+SQru7ROIW/WR/usDZ
EPEm0s1epPa3a/k1FR5wDSmc8D3XnO2qtp3L6P5Y0Hjf49EBMFJgaVA5GictvO7x
IGu1ABPhfBEXt9N355eTO3rh5HnLPHhgiSVLXt9qjDmm4ot/DQTNr7GElnPLNipz
nF5iqAnrc5JV7xqSkaeXiJXRqWEpMyiBvhmNszB7uK2FnVlYDVjqLr/nBVmXY1S+
XGvwyP5Cz7lgfWZsBCUYV2G0me0qtWD5iybxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhF5eleyv0tQY3cVOrmXuPjIHbDIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9oRjVlbGV5djB0UVkzY1ZP
cm1YdVBqSUhiREkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABtKkKGTrqqYBs/Nwds06GJMjmkDMOaETrRe
2eMKyrCQSM4F1q+WeudWP3yZfLC1qYb9TvyzvOqdtwSSmz9lMWEK2PFVhB41aa18
vPct4zHWVpcVGL2tj5V2+0kLwi+VRoyXCQt3BBopfQXF6a0+wZPcCPxZOfhQy09t
ri1k10coNHRh+N5tj0dU/6NP6FFqyHoicpFrXoFPJW86/Ss9acAz0eKqXwDdzvLW
59Icua/+zudYxWSwz8HoQTZ72OQUvC/zlZUdJOReWe/10h3IJpQxW8iOpDGRUTnD
ZTpWiZ6eUPzunIjOmwMFdA9IESO9ZbCGzb/v2aHkeNCpgCKeSJs=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:23:47 2025 by rpki-client