Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xM41XY4ra00GYxfMOE1EhGyrYCA.roa
File: xM41XY4ra00GYxfMOE1EhGyrYCA.roa (raw, json)
Hash identifier: snSTwqCfjoXND+XKcRgWRouQW8xJQrdt71lUBuiZupQ=
Subject key identifier: C4:CE:35:5D:8E:2B:6B:4D:06:63:17:CC:38:4D:44:84:6C:AB:60:20
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0259
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xM41XY4ra00GYxfMOE1EhGyrYCA.roa
Signing time: Sat 10 May 2025 05:08:22 +0000
ROA not before: Sat 10 May 2025 05:08:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 601 (0x259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 05:08:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C4CE355D8E2B6B4D066317CC384D44846CAB6020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:de:70:e2:04:72:13:83:d7:08:94:29:70:f9:
31:af:00:3a:4c:72:a5:eb:90:f6:3b:60:76:3c:6b:
2f:9f:01:7c:e7:3b:98:3f:54:f4:76:3a:69:dd:d8:
cc:cd:a2:bd:1d:01:bd:cd:7f:b7:47:fb:2e:53:5a:
a4:f1:ce:0f:97:c5:34:4b:44:ac:df:ae:60:ef:b0:
4f:a2:d0:4a:ba:b5:50:5e:bb:dd:2a:45:9f:38:a4:
45:2e:43:30:2e:4c:2a:29:20:09:18:0e:df:b4:37:
3a:d1:44:8d:7f:f8:ef:36:87:2f:f8:51:fc:b8:65:
a8:51:d0:72:61:c6:8d:c7:26:ea:a3:9a:7c:bd:8b:
0f:f5:16:38:3c:5c:19:69:db:ab:a0:8a:17:e4:4e:
64:b9:22:60:a3:8b:d1:1f:00:d2:55:c5:bb:4c:d1:
0f:c0:92:64:22:3f:e9:87:04:8d:96:4b:82:35:c2:
cd:47:dc:dd:fa:bb:a9:bd:11:13:3b:9c:7f:f6:c1:
06:9d:62:60:85:a6:55:c4:e3:26:e2:04:9b:47:d5:
f1:17:6a:d3:07:a2:5e:b8:f8:3a:b6:77:c0:81:80:
46:72:25:86:10:ba:0e:e0:cc:9b:7d:27:ef:c4:1f:
64:0a:0a:a9:c5:e3:35:ae:cb:02:a8:61:bf:80:b1:
b6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CE:35:5D:8E:2B:6B:4D:06:63:17:CC:38:4D:44:84:6C:AB:60:20
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xM41XY4ra00GYxfMOE1EhGyrYCA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:0d:b0:19:0b:ed:dd:e6:e8:9b:9c:e9:8f:40:88:2f:95:2c:
6e:93:9d:e3:ea:bb:a0:fc:f1:03:75:4d:99:f4:25:c5:2c:c8:
16:20:1e:17:e8:b8:22:80:6c:0c:d5:2f:4f:91:34:8d:8e:63:
26:59:fc:35:5f:b3:dc:11:12:f5:d6:69:44:24:e4:45:3b:bc:
bb:63:65:f2:41:6b:4e:ba:e9:46:89:d0:f3:33:9b:c3:17:5e:
d3:80:54:82:44:f8:2b:5d:3b:c2:af:0a:21:9b:f3:74:4a:6d:
cb:31:0e:1d:e4:f2:ff:78:ed:b1:83:cf:0e:94:1f:b3:96:0f:
33:e4:09:7a:5f:9c:f4:5c:05:4a:da:55:93:6c:aa:3b:9e:52:
c8:bf:2b:ae:a6:48:6b:74:56:21:29:08:68:f5:29:72:14:f0:
34:2d:bd:c7:0d:65:2b:c4:68:bc:74:28:ad:e5:00:9c:a4:6a:
c4:2a:84:2e:83:89:df:84:fd:3f:51:b5:c5:cc:91:20:d2:3f:
c7:81:a0:89:c2:97:b2:6b:e7:13:2f:2e:a9:43:97:b1:b5:50:
bd:dd:04:32:78:b4:d8:28:64:3e:52:94:c8:19:15:3f:76:b6:
bf:10:8c:b6:51:71:9d:f1:34:81:c4:f2:e9:53:d1:ed:2a:08:
75:ef:7e:d4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAlkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
NTA4MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM0Q0UzNTVEOEUyQjZC
NEQwNjYzMTdDQzM4NEQ0NDg0NkNBQjYwMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC03nDiBHITg9cIlClw+TGvADpMcqXrkPY7YHY8ay+fAXznO5g/
VPR2Omnd2MzNor0dAb3Nf7dH+y5TWqTxzg+XxTRLRKzfrmDvsE+i0Eq6tVBeu90q
RZ84pEUuQzAuTCopIAkYDt+0NzrRRI1/+O82hy/4Ufy4ZahR0HJhxo3HJuqjmny9
iw/1Fjg8XBlp26ugihfkTmS5ImCji9EfANJVxbtM0Q/AkmQiP+mHBI2WS4I1ws1H
3N36u6m9ERM7nH/2wQadYmCFplXE4ybiBJtH1fEXatMHol64+Dq2d8CBgEZyJYYQ
ug7gzJt9J+/EH2QKCqnF4zWuywKoYb+AsbbVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxM41XY4ra00GYxfMOE1EhGyrYCAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94TTQxWFk0cmEwMEdZeGZN
T0UxRWhHeXJZQ0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABcNsBkL7d3m6Juc6Y9AiC+VLG6TnePqu6D8
8QN1TZn0JcUsyBYgHhfouCKAbAzVL0+RNI2OYyZZ/DVfs9wREvXWaUQk5EU7vLtj
ZfJBa0666UaJ0PMzm8MXXtOAVIJE+CtdO8KvCiGb83RKbcsxDh3k8v947bGDzw6U
H7OWDzPkCXpfnPRcBUraVZNsqjueUsi/K66mSGt0ViEpCGj1KXIU8DQtvccNZSvE
aLx0KK3lAJykasQqhC6Did+E/T9RtcXMkSDSP8eBoInCl7Jr5xMvLqlDl7G1UL3d
BDJ4tNgoZD5SlMgZFT92tr8QjLZRcZ3xNIHE8ulT0e0qCHXvftQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:49:21 2025 by rpki-client