Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/u4fuNuN__tQkTjNrm_AvXHQ0loc.roa
File: u4fuNuN__tQkTjNrm_AvXHQ0loc.roa (raw, json)
Hash identifier: wsf8cyyntX7jUkEw3NcyaOIJFklsYEq3fnWGFCLXX9U=
Subject key identifier: BB:87:EE:36:E3:7F:FE:D4:24:4E:33:6B:9B:F0:2F:5C:74:34:96:87
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 036D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u4fuNuN__tQkTjNrm_AvXHQ0loc.roa
Signing time: Sun 11 May 2025 15:37:52 +0000
ROA not before: Sun 11 May 2025 15:37:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 877 (0x36d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 15:37:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BB87EE36E37FFED4244E336B9BF02F5C74349687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e2:45:7e:25:de:bc:55:d4:7d:83:ab:0c:3d:
41:37:f7:dc:13:a5:09:8e:9e:70:e9:e5:3c:5b:6d:
ed:87:13:3c:24:27:96:66:2d:9d:b5:28:79:04:db:
a2:e9:65:4b:3b:4a:d1:d3:81:cf:56:04:f7:05:2a:
c7:b7:3d:2f:6e:ed:6d:f1:e5:93:22:0f:95:2d:35:
45:bd:22:36:40:8d:f2:6c:03:fe:f3:1a:74:78:26:
6d:4d:5b:a0:e8:a2:2f:61:ba:4a:d7:5a:2d:d9:8d:
b6:0a:9d:6b:e0:ef:18:e1:1f:be:ef:d5:13:40:18:
fb:66:4f:97:38:7a:21:4b:a6:b7:17:8b:34:d3:41:
2b:3c:f5:a1:ad:f1:d0:9b:dc:93:08:c7:1c:1a:18:
13:f9:50:15:06:f0:53:d0:0e:23:32:dc:18:94:cc:
ad:a4:55:e5:72:c2:d9:bf:77:31:fe:0f:12:9a:54:
73:d5:7e:16:e7:19:5d:8e:70:d4:fb:a3:eb:49:f2:
6c:da:13:3c:56:b5:ac:99:3c:a6:c9:82:18:63:94:
21:70:f6:33:46:d4:12:df:53:b4:fc:31:dc:4a:8a:
14:e7:bf:ed:f8:42:3e:0f:2d:af:3c:28:d6:35:46:
7f:19:78:88:20:28:ca:02:ee:ee:b2:45:12:a8:11:
cc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:87:EE:36:E3:7F:FE:D4:24:4E:33:6B:9B:F0:2F:5C:74:34:96:87
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u4fuNuN__tQkTjNrm_AvXHQ0loc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:77:fd:a5:72:a8:fb:b8:90:91:ad:40:33:07:e7:d0:8d:ff:
71:43:96:08:95:72:f8:00:0f:af:f9:42:a3:f4:86:08:c1:9f:
01:f6:49:0f:0e:e5:cc:eb:ef:59:17:6e:2b:d2:ee:ad:71:f9:
c2:2e:30:cc:16:4c:df:82:cd:7f:0f:33:e4:fd:e5:01:61:35:
8f:e8:fe:3d:ab:b6:94:67:14:c1:fc:bb:4f:ce:3d:c3:1d:3b:
4c:94:1f:bd:75:ea:27:f2:e0:74:bf:92:d6:c1:71:eb:6b:08:
9f:38:30:e3:07:da:7f:46:99:5e:d5:af:52:10:f0:72:46:90:
7d:c9:1b:24:0f:a8:40:8c:d3:27:5e:1b:ba:e8:25:f9:31:6f:
99:4e:af:9d:7c:98:63:9a:a4:18:8d:97:56:6e:a5:74:b7:bb:
04:e1:09:7e:3a:db:00:86:3e:26:28:85:39:ba:38:e5:d3:92:
44:5a:52:ec:d0:61:3e:f5:b4:9d:2a:04:64:bf:36:bd:9b:4c:
b8:f1:42:59:22:3d:4d:12:c5:71:e0:ae:53:28:e1:a8:c5:2f:
67:6d:a9:87:ac:93:96:61:d9:04:24:90:90:18:ee:25:cd:7a:
75:57:94:19:ff:0e:a5:20:2d:c2:94:d1:1f:99:9c:d8:e1:9c:
a3:8b:bb:32
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
NTM3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJCODdFRTM2RTM3RkZF
RDQyNDRFMzM2QjlCRjAyRjVDNzQzNDk2ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi4kV+Jd68VdR9g6sMPUE399wTpQmOnnDp5Txbbe2HEzwkJ5Zm
LZ21KHkE26LpZUs7StHTgc9WBPcFKse3PS9u7W3x5ZMiD5UtNUW9IjZAjfJsA/7z
GnR4Jm1NW6Dooi9hukrXWi3ZjbYKnWvg7xjhH77v1RNAGPtmT5c4eiFLprcXizTT
QSs89aGt8dCb3JMIxxwaGBP5UBUG8FPQDiMy3BiUzK2kVeVywtm/dzH+DxKaVHPV
fhbnGV2OcNT7o+tJ8mzaEzxWtayZPKbJghhjlCFw9jNG1BLfU7T8MdxKihTnv+34
Qj4PLa88KNY1Rn8ZeIggKMoC7u6yRRKoEcyxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUu4fuNuN//tQkTjNrm/AvXHQ0locwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91NGZ1TnVOX190UWtUak5y
bV9BdlhIUTBsb2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFl3/aVyqPu4kJGtQDMH59CN/3FDlgiVcvgA
D6/5QqP0hgjBnwH2SQ8O5czr71kXbivS7q1x+cIuMMwWTN+CzX8PM+T95QFhNY/o
/j2rtpRnFMH8u0/OPcMdO0yUH7116ify4HS/ktbBcetrCJ84MOMH2n9GmV7Vr1IQ
8HJGkH3JGyQPqECM0ydeG7roJfkxb5lOr518mGOapBiNl1ZupXS3uwThCX462wCG
PiYohTm6OOXTkkRaUuzQYT71tJ0qBGS/Nr2bTLjxQlkiPU0SxXHgrlMo4ajFL2dt
qYesk5Zh2QQkkJAY7iXNenVXlBn/DqUgLcKU0R+ZnNjhnKOLuzI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:06:22 2025 by rpki-client