Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uDAywkyRNDqMYGHs870nUWfoLQ0.roa
File: uDAywkyRNDqMYGHs870nUWfoLQ0.roa (raw, json)
Hash identifier: m+9n+O/elebedXaTJOU9Y7TgpFle2rbe1U1bze6jUDc=
Subject key identifier: B8:30:32:C2:4C:91:34:3A:8C:60:61:EC:F3:BD:27:51:67:E8:2D:0D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1565
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uDAywkyRNDqMYGHs870nUWfoLQ0.roa
Signing time: Wed 04 Jun 2025 14:39:22 +0000
ROA not before: Wed 04 Jun 2025 14:39:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5477 (0x1565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 14:39:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B83032C24C91343A8C6061ECF3BD275167E82D0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c3:49:d0:3d:14:d0:8a:5d:f7:03:da:dc:0e:
b1:15:32:1e:37:1d:d0:5b:72:51:89:f9:d7:a8:33:
ef:2c:d3:72:31:c2:95:fa:e8:72:62:e6:ff:09:22:
34:eb:61:4c:f9:dd:b9:bd:dd:b6:f0:7d:81:74:24:
fb:ab:26:f9:f0:88:ef:30:c4:12:4b:58:97:c5:15:
29:05:d3:50:42:a4:72:92:53:be:af:83:84:f8:23:
50:da:77:21:3d:b7:d5:eb:5e:a7:58:d1:74:ae:d7:
06:54:47:53:7d:47:88:6a:b2:f7:96:49:e9:32:cf:
61:9f:38:e8:fe:b2:ff:8b:61:67:e5:9c:d3:54:53:
ce:dd:b5:44:11:e5:af:25:e8:0e:c3:d8:9e:c6:25:
dc:90:28:6e:3f:16:17:e0:92:e8:9c:3c:16:52:23:
44:ae:81:3d:26:78:f7:64:03:03:af:f3:2a:be:2d:
a1:69:4e:73:13:ef:50:2d:02:bb:8c:20:59:33:9f:
f3:3f:8c:dc:35:21:eb:6e:d7:ed:ed:db:d0:75:cb:
2b:33:64:7c:34:7f:08:97:fd:d7:a6:03:f6:5f:53:
bc:3e:28:d7:57:98:21:18:cb:5b:6e:04:03:52:45:
34:54:fe:3c:c2:37:95:41:3c:bb:b5:79:3d:bf:11:
6c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:30:32:C2:4C:91:34:3A:8C:60:61:EC:F3:BD:27:51:67:E8:2D:0D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uDAywkyRNDqMYGHs870nUWfoLQ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:f5:0d:82:50:fd:08:b3:cd:8d:24:34:35:6a:6d:05:c3:6a:
ea:4a:67:2c:8d:27:12:58:c0:e2:54:89:01:00:9f:fa:8d:d2:
f6:dc:aa:47:95:b0:73:b1:74:72:76:a4:9d:50:dc:28:40:1c:
76:d3:d3:86:c1:60:9c:5b:a0:6f:0f:e8:b5:7d:6f:b3:c1:df:
89:38:de:dd:aa:46:14:a7:d2:63:4f:c9:94:85:4a:06:78:47:
64:3b:75:01:30:8c:bd:9f:28:14:d8:50:b4:94:13:35:00:fd:
22:96:db:63:2e:6f:4b:34:e6:16:59:c1:f3:53:9d:50:84:1d:
4c:07:10:86:1a:62:15:24:98:63:4f:5c:11:6d:c8:ab:c6:cd:
7f:1e:26:e4:77:57:ce:d5:ef:93:89:42:a2:a1:ac:8e:95:13:
3d:a0:61:96:3d:72:63:d8:f8:e0:bf:dc:78:20:3f:84:69:e1:
6b:2b:e3:b1:77:15:bf:4c:85:01:fe:c4:cf:f9:71:4d:1a:59:
63:8b:ba:a1:42:65:0e:c5:39:a6:54:df:cc:13:19:99:50:91:
45:9c:75:ca:4c:0b:5d:99:26:29:2c:b0:58:de:0d:db:72:75:
21:f2:01:84:6b:ce:99:ef:3e:1e:95:32:4e:22:c2:9c:19:3b:
1e:e0:72:21
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQx
NDM5MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI4MzAzMkMyNEM5MTM0
M0E4QzYwNjFFQ0YzQkQyNzUxNjdFODJEMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTw0nQPRTQil33A9rcDrEVMh43HdBbclGJ+deoM+8s03IxwpX6
6HJi5v8JIjTrYUz53bm93bbwfYF0JPurJvnwiO8wxBJLWJfFFSkF01BCpHKSU76v
g4T4I1DadyE9t9XrXqdY0XSu1wZUR1N9R4hqsveWSekyz2GfOOj+sv+LYWflnNNU
U87dtUQR5a8l6A7D2J7GJdyQKG4/FhfgkuicPBZSI0SugT0mePdkAwOv8yq+LaFp
TnMT71AtAruMIFkzn/M/jNw1Ietu1+3t29B1yyszZHw0fwiX/demA/ZfU7w+KNdX
mCEYy1tuBANSRTRU/jzCN5VBPLu1eT2/EWxjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuDAywkyRNDqMYGHs870nUWfoLQ0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91REF5d2t5Uk5EcU1ZR0hz
ODcwblVXZm9MUTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEr1DYJQ/QizzY0kNDVqbQXDaupKZyyNJxJY
wOJUiQEAn/qN0vbcqkeVsHOxdHJ2pJ1Q3ChAHHbT04bBYJxboG8P6LV9b7PB34k4
3t2qRhSn0mNPyZSFSgZ4R2Q7dQEwjL2fKBTYULSUEzUA/SKW22Mub0s05hZZwfNT
nVCEHUwHEIYaYhUkmGNPXBFtyKvGzX8eJuR3V87V75OJQqKhrI6VEz2gYZY9cmPY
+OC/3HggP4Rp4Wsr47F3Fb9MhQH+xM/5cU0aWWOLuqFCZQ7FOaZU38wTGZlQkUWc
dcpMC12ZJikssFjeDdtydSHyAYRrzpnvPh6VMk4iwpwZOx7gciE=
-----END CERTIFICATE-----
Generated at Sun Jun 22 22:44:58 2025 by rpki-client