Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kgWOclo8doyfJkKnBSi_WT4M0eA.roa
File: kgWOclo8doyfJkKnBSi_WT4M0eA.roa (raw, json)
Hash identifier: KXYjwKJ3OpNXVzaIM+ejIgrIHUIR2SSgYN8yddO/shk=
Subject key identifier: 92:05:8E:72:5A:3C:76:8C:9F:26:42:A7:05:28:BF:59:3E:0C:D1:E0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0101
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kgWOclo8doyfJkKnBSi_WT4M0eA.roa
Signing time: Thu 08 May 2025 10:08:06 +0000
ROA not before: Thu 08 May 2025 10:08:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 257 (0x101)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 10:08:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=92058E725A3C768C9F2642A70528BF593E0CD1E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fb:6e:19:a2:67:b8:7e:dd:43:bc:da:3c:9e:
27:d1:8b:c4:0d:90:27:bf:7d:ff:fb:cd:21:ca:c3:
f9:24:e4:b1:af:0b:34:45:16:0c:4a:63:85:db:e6:
80:25:e9:4f:0e:3c:73:69:db:99:30:59:64:22:65:
82:a2:97:66:a3:50:63:af:c8:07:34:83:61:66:87:
4e:6b:32:58:48:d0:c1:e1:d1:80:93:01:57:9d:97:
39:c5:66:19:dc:29:2c:ca:7f:fc:97:01:b4:92:1b:
a3:49:2c:b9:ec:63:03:eb:25:09:56:17:c4:c8:4a:
28:f0:31:b8:8c:f5:33:47:84:65:34:be:68:e0:13:
c1:20:e5:8c:8c:b3:24:af:93:7a:99:8c:42:b5:39:
ae:9a:cb:6d:04:9a:7d:17:4d:51:00:80:9d:8c:68:
fb:68:56:b6:82:d9:2e:39:68:52:76:cd:df:44:2e:
75:0a:ac:10:8a:98:de:6c:52:47:6c:81:87:ed:b2:
84:32:20:2c:74:13:26:9b:d8:a8:6c:4d:02:ff:ae:
b1:29:16:31:a1:1d:fc:1b:53:e7:d2:cc:79:99:62:
df:86:b2:e1:4c:c4:b4:7a:61:7e:dd:f1:8f:ee:27:
48:e9:f8:6b:7e:0d:8e:6c:7f:39:b6:9a:cd:5b:6d:
c1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:05:8E:72:5A:3C:76:8C:9F:26:42:A7:05:28:BF:59:3E:0C:D1:E0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kgWOclo8doyfJkKnBSi_WT4M0eA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:10:31:c9:7f:87:9e:23:3d:a1:cf:2b:16:b6:bf:a7:b7:48:
91:0c:e3:1c:be:56:4e:8c:9f:45:14:8d:fc:7e:e8:4a:2e:ca:
49:e8:bb:f0:01:7d:62:8a:70:07:c0:7e:19:63:35:6f:52:8d:
2f:24:ff:e9:e0:3f:ed:fd:5e:ba:33:75:94:5e:5a:4d:c0:a1:
2f:87:f4:0a:74:79:d1:69:87:53:ed:87:28:06:11:6a:d4:ab:
b4:29:d8:84:b0:d4:35:cb:23:1b:b0:45:f1:6f:9b:94:9b:48:
f3:ae:c2:ce:d7:70:a9:e8:b7:2c:4e:0d:12:dc:53:23:a0:7e:
6f:1a:fb:ce:20:c5:01:85:2b:15:cc:01:a3:e5:d0:df:33:81:
df:3c:b6:ba:b2:17:e1:3f:1c:c9:ba:f1:e7:b8:54:7f:a0:0f:
e2:0e:47:de:9a:06:b4:50:2c:38:a6:47:85:c6:28:41:c7:76:
35:e7:fc:d2:0d:b0:55:63:a5:38:01:4f:3e:02:18:8b:8a:83:
83:d9:9a:b7:73:da:ce:42:98:a2:fa:6b:c4:54:24:de:dd:3e:
2a:46:0f:c1:60:df:80:22:dd:ab:8a:fd:84:08:ff:72:88:c2:
a1:ef:de:67:41:15:1e:db:13:96:c3:c4:16:d4:4b:e4:71:30:
41:80:8b:a5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
MDA4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkyMDU4RTcyNUEzQzc2
OEM5RjI2NDJBNzA1MjhCRjU5M0UwQ0QxRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/+24Zome4ft1DvNo8nifRi8QNkCe/ff/7zSHKw/kk5LGvCzRF
FgxKY4Xb5oAl6U8OPHNp25kwWWQiZYKil2ajUGOvyAc0g2Fmh05rMlhI0MHh0YCT
AVedlznFZhncKSzKf/yXAbSSG6NJLLnsYwPrJQlWF8TISijwMbiM9TNHhGU0vmjg
E8Eg5YyMsySvk3qZjEK1Oa6ay20Emn0XTVEAgJ2MaPtoVraC2S45aFJ2zd9ELnUK
rBCKmN5sUkdsgYftsoQyICx0Eyab2KhsTQL/rrEpFjGhHfwbU+fSzHmZYt+GsuFM
xLR6YX7d8Y/uJ0jp+Gt+DY5sfzm2ms1bbcHtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkgWOclo8doyfJkKnBSi/WT4M0eAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rZ1dPY2xvOGRveWZKa0tu
QlNpX1dUNE0wZUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBALAQMcl/h54jPaHPKxa2v6e3SJEM4xy+Vk6M
n0UUjfx+6Eouyknou/ABfWKKcAfAfhljNW9SjS8k/+ngP+39XrozdZReWk3AoS+H
9Ap0edFph1PthygGEWrUq7Qp2ISw1DXLIxuwRfFvm5SbSPOuws7XcKnotyxODRLc
UyOgfm8a+84gxQGFKxXMAaPl0N8zgd88trqyF+E/HMm68ee4VH+gD+IOR96aBrRQ
LDimR4XGKEHHdjXn/NINsFVjpTgBTz4CGIuKg4PZmrdz2s5CmKL6a8RUJN7dPipG
D8Fg34Ai3auK/YQI/3KIwqHv3mdBFR7bE5bDxBbUS+RxMEGAi6U=
-----END CERTIFICATE-----
Generated at Sun Jun 22 10:50:26 2025 by rpki-client