Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/toHVGDIJGBmBs0sKLkkfA0kTsP8.roa
File: toHVGDIJGBmBs0sKLkkfA0kTsP8.roa (raw, json)
Hash identifier: OaYkAuXrHLcvuywKJrd0DYXBSj+s60xbCTOerte77h4=
Subject key identifier: B6:81:D5:18:32:09:18:19:81:B3:4B:0A:2E:49:1F:03:49:13:B0:FF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14E1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/toHVGDIJGBmBs0sKLkkfA0kTsP8.roa
Signing time: Tue 03 Jun 2025 22:09:18 +0000
ROA not before: Tue 03 Jun 2025 22:09:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5345 (0x14e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 22:09:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B681D5183209181981B34B0A2E491F034913B0FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:56:b7:5f:b4:cb:46:84:8e:f1:49:31:f5:
20:43:ee:b6:40:47:1f:fb:6b:82:62:b9:67:05:ab:
e4:5f:12:ea:13:7b:48:1b:8a:47:5a:f7:3f:65:a8:
27:83:34:e4:2f:c3:88:47:35:ad:18:37:a0:1f:18:
5d:a5:23:9d:f6:87:88:28:12:c0:4c:70:bf:cf:0e:
58:18:19:3a:3d:b0:3c:4c:53:da:06:14:99:31:69:
65:e9:78:06:cf:1c:60:2a:68:6a:ba:51:74:17:0b:
47:8e:cf:31:6c:ab:9e:01:c1:7d:b4:82:05:9f:4a:
7a:f1:96:71:ff:07:0f:a8:0f:5d:b3:29:bb:c3:4d:
b2:e5:5f:9c:2a:29:67:74:dd:3e:c3:a5:b3:bc:9a:
7f:72:eb:73:3b:d6:8c:ad:85:ef:90:9f:6a:2a:36:
01:72:3c:4f:d7:08:e7:0e:6b:85:22:ca:ae:69:0d:
d8:bc:ce:ea:60:3f:c2:31:5b:b8:be:e7:01:56:f8:
55:42:8c:48:94:82:ff:c6:b8:49:28:a2:90:fc:da:
fa:7a:cf:cf:ef:25:c4:d7:da:a4:f5:a6:5f:91:59:
49:d7:8c:eb:d7:92:92:9d:c7:70:7e:19:0f:8a:aa:
d4:a9:58:2d:ee:7f:34:96:0a:dd:89:a9:47:29:b7:
60:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:81:D5:18:32:09:18:19:81:B3:4B:0A:2E:49:1F:03:49:13:B0:FF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/toHVGDIJGBmBs0sKLkkfA0kTsP8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:23:2b:4b:b3:a7:e2:da:10:39:b9:b0:e4:6c:49:6a:94:76:
07:33:20:25:8b:79:45:1b:3a:94:2b:c8:95:7c:28:71:f8:c8:
bd:ab:ec:54:8c:99:da:fa:52:11:cd:d3:84:77:40:71:a7:6b:
08:19:cc:cd:79:ed:ab:68:8c:dd:39:9b:19:12:ea:0c:3a:10:
45:d7:7b:18:67:62:b8:55:6a:61:f3:c4:b2:88:48:f4:74:e9:
1d:8b:c7:09:ef:3a:2e:40:14:fd:80:5f:d3:70:a7:93:f9:d1:
49:c9:75:1a:48:2b:14:d0:4c:75:00:da:2e:70:2e:dc:80:ed:
e4:41:ce:cf:cf:1e:62:63:9c:39:c8:f1:57:e7:83:b9:1c:45:
cb:31:8e:40:70:48:9d:08:ff:1c:a1:e9:f9:a3:b7:e2:bd:bf:
02:b1:68:1d:b6:2c:87:30:d0:9d:e0:87:09:08:04:c6:d2:b6:
d2:00:71:d1:14:12:bf:dc:d1:3e:09:05:91:5f:5c:f7:00:16:
a2:81:d7:47:a9:a6:48:52:fe:ed:a1:f3:9f:33:80:26:76:61:
54:06:fa:de:45:b8:07:4d:e8:fb:e7:91:1b:b4:fe:65:4b:38:
fa:57:f5:f6:bb:c0:e5:6d:12:c8:7c:eb:2d:29:d8:71:08:21:
36:2e:c3:c0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMy
MjA5MThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI2ODFENTE4MzIwOTE4
MTk4MUIzNEIwQTJFNDkxRjAzNDkxM0IwRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCre1a3X7TLRoSO8Ukx9SBD7rZARx/7a4JiuWcFq+RfEuoTe0gb
ikda9z9lqCeDNOQvw4hHNa0YN6AfGF2lI532h4goEsBMcL/PDlgYGTo9sDxMU9oG
FJkxaWXpeAbPHGAqaGq6UXQXC0eOzzFsq54BwX20ggWfSnrxlnH/Bw+oD12zKbvD
TbLlX5wqKWd03T7DpbO8mn9y63M71oythe+Qn2oqNgFyPE/XCOcOa4Uiyq5pDdi8
zupgP8IxW7i+5wFW+FVCjEiUgv/GuEkoopD82vp6z8/vJcTX2qT1pl+RWUnXjOvX
kpKdx3B+GQ+KqtSpWC3ufzSWCt2JqUcpt2DBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtoHVGDIJGBmBs0sKLkkfA0kTsP8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90b0hWR0RJSkdCbUJzMHNL
TGtrZkEwa1RzUDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJ0jK0uzp+LaEDm5sORsSWqUdgczICWLeUUb
OpQryJV8KHH4yL2r7FSMmdr6UhHN04R3QHGnawgZzM157atojN05mxkS6gw6EEXX
exhnYrhVamHzxLKISPR06R2LxwnvOi5AFP2AX9Nwp5P50UnJdRpIKxTQTHUA2i5w
LtyA7eRBzs/PHmJjnDnI8Vfng7kcRcsxjkBwSJ0I/xyh6fmjt+K9vwKxaB22LIcw
0J3ghwkIBMbSttIAcdEUEr/c0T4JBZFfXPcAFqKB10eppkhS/u2h858zgCZ2YVQG
+t5FuAdN6PvnkRu0/mVLOPpX9fa7wOVtEsh86y0p2HEIITYuw8A=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:55:25 2025 by rpki-client