Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mPBtVLF57PmSb5EKtooYFKJKQbQ.roa
File: mPBtVLF57PmSb5EKtooYFKJKQbQ.roa (raw, json)
Hash identifier: sxmbxQjmcv0pwhdYZp9gsSbhwys+JAV/xVjYNSkM3T8=
Subject key identifier: 98:F0:6D:54:B1:79:EC:F9:92:6F:91:0A:B6:8A:18:14:A2:4A:41:B4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0A89
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mPBtVLF57PmSb5EKtooYFKJKQbQ.roa
Signing time: Wed 21 May 2025 03:08:22 +0000
ROA not before: Wed 21 May 2025 03:08:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2697 (0xa89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 03:08:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=98F06D54B179ECF9926F910AB68A1814A24A41B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:ef:39:1f:b3:a0:ff:ef:63:23:d0:8e:57:
e1:5f:c1:5e:b0:06:9b:d3:bd:cd:f1:22:f6:c2:b9:
79:34:cd:1b:48:fb:f6:3d:8d:dd:40:7e:e7:24:31:
89:31:25:3e:03:f4:5b:13:6f:75:cd:bf:34:d0:cc:
fd:13:1b:f3:ce:e4:a4:61:42:cb:17:a9:44:46:fb:
a9:2a:46:f2:d1:05:6e:27:41:14:c1:41:80:02:44:
af:f1:ff:74:23:35:08:2f:ee:30:63:84:56:a9:dd:
e3:3e:70:d8:60:54:3f:ef:d8:47:48:0d:3a:59:71:
c7:ad:60:eb:e3:14:1f:bc:2a:56:98:50:28:91:5c:
d2:81:52:18:10:dc:9c:3f:cf:7b:12:cd:78:c3:fc:
00:5a:28:dc:de:be:7e:8d:e1:be:05:11:79:26:30:
7f:3c:eb:b4:7c:17:05:46:5c:7e:50:56:41:5e:5a:
e8:4f:90:c5:ec:77:c2:3d:8d:2e:04:d4:e7:c8:fa:
18:89:34:83:38:2f:97:02:c9:8f:87:cb:49:d1:be:
1d:bd:83:cd:12:3f:a0:6a:fb:52:fd:a6:88:af:68:
d1:1e:f7:4e:44:6c:5d:a5:a2:b7:cd:5e:fd:5f:9c:
76:df:24:4f:0f:c6:b6:d7:5f:6d:2f:ae:01:21:47:
46:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F0:6D:54:B1:79:EC:F9:92:6F:91:0A:B6:8A:18:14:A2:4A:41:B4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mPBtVLF57PmSb5EKtooYFKJKQbQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:b4:1c:17:fb:62:66:b3:53:1f:fa:ea:76:3a:5f:6c:db:b2:
56:d9:e7:39:24:2d:82:85:85:b2:05:f1:5b:a4:c5:05:7a:96:
4b:6f:73:03:e9:4c:27:04:54:18:6c:2c:3f:2b:48:02:11:77:
ce:fc:52:ab:6a:ef:33:7e:32:dc:15:11:ee:52:78:52:f6:7c:
c3:b9:04:91:0b:20:0e:50:1a:0e:78:7e:0d:d4:3b:25:ea:77:
c5:b4:9e:04:47:ec:be:82:06:83:d3:09:01:58:f0:4c:fb:6a:
1f:f2:d8:a5:25:a4:41:17:cf:17:e6:fc:60:53:02:09:bf:fd:
61:91:b5:b6:12:0a:d3:dd:6c:0b:2d:99:76:ed:03:de:33:a2:
f9:a2:1d:f4:b3:91:c0:b9:46:33:32:c0:6d:15:ca:a5:e3:57:
30:3f:3f:d8:2c:fc:8a:99:f4:42:ba:29:a2:92:35:56:13:ab:
ae:b0:2c:e9:42:4f:36:40:05:39:c6:ed:b4:63:5f:77:db:61:
d4:8c:0c:d0:94:b8:49:2f:aa:1f:6f:1e:fd:2e:d2:bf:c5:91:
93:36:aa:1a:ad:ff:68:4c:4a:a2:45:9b:02:ad:1f:52:17:71:
86:f4:6c:63:ff:e2:20:4d:c1:a8:37:7a:4d:5e:18:53:5a:ce:
9b:7c:a9:8e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEw
MzA4MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk4RjA2RDU0QjE3OUVD
Rjk5MjZGOTEwQUI2OEExODE0QTI0QTQxQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyrO85H7Og/+9jI9COV+FfwV6wBpvTvc3xIvbCuXk0zRtI+/Y9
jd1AfuckMYkxJT4D9FsTb3XNvzTQzP0TG/PO5KRhQssXqURG+6kqRvLRBW4nQRTB
QYACRK/x/3QjNQgv7jBjhFap3eM+cNhgVD/v2EdIDTpZccetYOvjFB+8KlaYUCiR
XNKBUhgQ3Jw/z3sSzXjD/ABaKNzevn6N4b4FEXkmMH8867R8FwVGXH5QVkFeWuhP
kMXsd8I9jS4E1OfI+hiJNIM4L5cCyY+Hy0nRvh29g80SP6Bq+1L9poivaNEe905E
bF2lorfNXv1fnHbfJE8PxrbXX20vrgEhR0anAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmPBtVLF57PmSb5EKtooYFKJKQbQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9tUEJ0VkxGNTdQbVNiNUVL
dG9vWUZLSktRYlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAH60HBf7YmazUx/66nY6X2zbslbZ5zkkLYKF
hbIF8VukxQV6lktvcwPpTCcEVBhsLD8rSAIRd878Uqtq7zN+MtwVEe5SeFL2fMO5
BJELIA5QGg54fg3UOyXqd8W0ngRH7L6CBoPTCQFY8Ez7ah/y2KUlpEEXzxfm/GBT
Agm//WGRtbYSCtPdbAstmXbtA94zovmiHfSzkcC5RjMywG0VyqXjVzA/P9gs/IqZ
9EK6KaKSNVYTq66wLOlCTzZABTnG7bRjX3fbYdSMDNCUuEkvqh9vHv0u0r/FkZM2
qhqt/2hMSqJFmwKtH1IXcYb0bGP/4iBNwag3ek1eGFNazpt8qY4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 06:44:57 2025 by rpki-client