Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wYo1EWfEQt4-q3G1GSvHbf3v7W4.roa
File: wYo1EWfEQt4-q3G1GSvHbf3v7W4.roa (raw, json)
Hash identifier: VMIs26fXsyHqqAn/kWbxNpd8BChBgRwYCLPX9jNhoQU=
Subject key identifier: C1:8A:35:11:67:C4:42:DE:3E:AB:71:B5:19:2B:C7:6D:FD:EF:ED:6E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0495
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wYo1EWfEQt4-q3G1GSvHbf3v7W4.roa
Signing time: Tue 13 May 2025 04:38:01 +0000
ROA not before: Tue 13 May 2025 04:38:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1173 (0x495)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 04:38:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C18A351167C442DE3EAB71B5192BC76DFDEFED6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:19:a1:e7:37:53:6f:55:c7:6c:0a:64:a2:3d:
2d:98:8e:34:2f:8b:ac:87:61:6b:37:33:b3:70:cb:
82:9f:d0:af:77:32:3c:7c:d9:00:2b:c0:e2:72:e9:
6d:a0:6a:1d:c3:39:90:ea:44:80:61:48:37:53:16:
4e:a4:90:08:6d:e0:69:2f:d5:e3:f7:dc:02:28:de:
1f:82:30:50:1a:d4:aa:46:20:0c:64:1d:c4:e3:e5:
e1:31:88:6b:25:39:8b:22:d9:b4:30:f6:8e:9a:dc:
6e:2d:9c:cf:c9:ef:d0:53:ad:fb:a0:d2:e3:fc:f8:
06:17:d0:d7:a8:a4:ee:1d:fa:cd:3d:1b:6f:68:4e:
a2:cf:83:64:7b:1a:ac:12:8d:fd:5e:cc:3b:4f:ac:
6a:6f:67:ef:d8:74:c9:d4:7e:f0:c8:bd:a8:a2:2f:
e8:d0:2d:da:05:45:39:34:c3:56:ba:62:91:16:d8:
d6:28:85:c8:0f:a5:d4:6d:c1:f9:a6:96:34:63:10:
75:89:d0:38:4e:0b:8f:b3:b2:71:12:63:e2:eb:19:
d5:3c:ce:b5:44:74:41:cc:0c:59:6d:ed:eb:1e:38:
95:0e:5d:7b:ad:bb:d8:10:c2:97:96:9b:b5:3e:bd:
b8:d1:ff:4c:c2:9e:d0:60:0f:e5:d3:f6:34:d6:ca:
de:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:8A:35:11:67:C4:42:DE:3E:AB:71:B5:19:2B:C7:6D:FD:EF:ED:6E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wYo1EWfEQt4-q3G1GSvHbf3v7W4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:b3:b7:ea:26:e4:3c:8d:db:50:09:b5:6c:98:f9:ab:3b:7a:
8a:1d:a5:85:e1:15:3b:6e:b0:9e:e9:ef:38:56:bb:f2:f8:7e:
32:60:98:af:e1:d8:d7:61:fe:d1:a0:c7:7e:27:4b:2b:3d:32:
9f:d8:a1:84:c0:4e:9c:00:73:ba:ac:0e:0e:45:b9:35:e8:a9:
c5:c5:07:70:fd:d8:62:d3:03:e6:67:86:79:d1:49:13:1c:6b:
c0:c2:2d:12:92:95:bc:3f:7b:23:21:1f:1a:c5:15:c6:29:6a:
6d:ee:4d:d0:63:6b:a3:55:da:2f:ff:07:1c:ed:1b:2b:f0:89:
72:04:a3:e5:98:e9:50:19:b7:2d:2f:53:fa:fe:85:f5:59:0a:
35:c9:7e:9e:f7:62:7b:eb:fc:a5:08:5b:02:f3:41:38:d1:bd:
e4:f7:8f:3e:8c:e8:af:9b:fc:02:53:a0:13:5c:cf:fa:8f:d7:
7c:08:bd:b8:b6:f0:e3:f4:bf:b7:26:9c:3b:09:ac:00:7a:74:
22:e5:8c:c3:b6:53:0f:0f:d3:c4:51:ec:56:65:57:b4:b0:31:
c4:e2:4c:c2:a1:cf:be:66:62:4f:60:e7:70:61:8f:e0:4d:b8:
d9:62:b0:c8:d4:38:df:99:ff:29:9e:2e:9a:66:cd:e5:b0:9b:
a6:99:50:34
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NDM4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMxOEEzNTExNjdDNDQy
REUzRUFCNzFCNTE5MkJDNzZERkRFRkVENkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqGaHnN1NvVcdsCmSiPS2YjjQvi6yHYWs3M7Nwy4Kf0K93Mjx8
2QArwOJy6W2gah3DOZDqRIBhSDdTFk6kkAht4Gkv1eP33AIo3h+CMFAa1KpGIAxk
HcTj5eExiGslOYsi2bQw9o6a3G4tnM/J79BTrfug0uP8+AYX0NeopO4d+s09G29o
TqLPg2R7GqwSjf1ezDtPrGpvZ+/YdMnUfvDIvaiiL+jQLdoFRTk0w1a6YpEW2NYo
hcgPpdRtwfmmljRjEHWJ0DhOC4+zsnESY+LrGdU8zrVEdEHMDFlt7eseOJUOXXut
u9gQwpeWm7U+vbjR/0zCntBgD+XT9jTWyt5DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwYo1EWfEQt4+q3G1GSvHbf3v7W4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93WW8xRVdmRVF0NC1xM0cx
R1N2SGJmM3Y3VzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAE2zt+om5DyN21AJtWyY+as7eoodpYXhFTtu
sJ7p7zhWu/L4fjJgmK/h2Ndh/tGgx34nSys9Mp/YoYTATpwAc7qsDg5FuTXoqcXF
B3D92GLTA+ZnhnnRSRMca8DCLRKSlbw/eyMhHxrFFcYpam3uTdBja6NV2i//Bxzt
GyvwiXIEo+WY6VAZty0vU/r+hfVZCjXJfp73Ynvr/KUIWwLzQTjRveT3jz6M6K+b
/AJToBNcz/qP13wIvbi28OP0v7cmnDsJrAB6dCLljMO2Uw8P08RR7FZlV7SwMcTi
TMKhz75mYk9g53Bhj+BNuNlisMjUON+Z/ymeLppmzeWwm6aZUDQ=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:26:15 2025 by rpki-client