Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ycWHtcv6E28CfE27bQiQeX8aUc0.roa
File: ycWHtcv6E28CfE27bQiQeX8aUc0.roa (raw, json)
Hash identifier: jHcTg+MprHirP7r88tSHye9n4nXTu988dD8Ng/hjImQ=
Subject key identifier: C9:C5:87:B5:CB:FA:13:6F:02:7C:4D:BB:6D:08:90:79:7F:1A:51:CD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1449
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ycWHtcv6E28CfE27bQiQeX8aUc0.roa
Signing time: Tue 03 Jun 2025 03:09:15 +0000
ROA not before: Tue 03 Jun 2025 03:09:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5193 (0x1449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 03:09:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C9C587B5CBFA136F027C4DBB6D0890797F1A51CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ea:25:2d:b9:2f:cf:71:af:8c:4a:89:e0:d9:
bd:80:38:7d:0d:32:48:9c:7e:8c:29:42:6d:7b:eb:
d8:17:af:a3:2a:52:5a:2c:11:99:a6:86:be:0e:b0:
02:23:40:59:83:fc:d6:ec:cb:50:50:68:00:e1:8e:
dd:03:54:77:38:49:b1:7b:26:06:bd:5f:f5:82:ff:
40:bf:77:8d:c1:86:33:fc:41:ac:94:db:fa:fc:39:
81:6d:b6:b9:c3:86:02:69:3b:ab:a8:d0:a5:14:84:
2a:b4:76:68:4d:a3:85:e3:96:f5:bd:27:5c:68:79:
f2:95:39:5d:ba:55:71:8c:06:40:6a:e6:d9:ea:a6:
5c:05:25:5a:37:2c:0f:ad:0d:c9:44:32:67:6f:41:
f5:c5:67:93:d1:b6:a6:0a:15:dc:95:f1:2d:ac:50:
e1:50:e9:cb:1f:b7:85:d5:5f:3f:5f:19:50:a4:bc:
79:27:63:df:3a:f9:ae:cc:75:f2:44:b1:a3:fd:5f:
cb:65:86:7c:37:58:a8:af:ac:45:3f:d0:d9:3a:77:
f0:9d:50:16:a4:79:ba:79:b8:44:cb:bb:df:d0:30:
b2:fc:35:d1:c3:ff:88:5f:56:f6:c8:90:77:53:a5:
1e:6c:65:28:5a:74:3e:ab:12:4d:4a:4c:af:05:d4:
9f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C5:87:B5:CB:FA:13:6F:02:7C:4D:BB:6D:08:90:79:7F:1A:51:CD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ycWHtcv6E28CfE27bQiQeX8aUc0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:83:2a:de:42:cb:d4:30:60:18:88:24:19:3a:cd:3d:d6:ec:
6d:9f:63:5b:39:6a:d8:e0:19:ed:f1:aa:6d:7c:59:fa:cd:40:
e8:31:91:76:8e:b6:12:ab:e4:68:e9:a0:59:b3:03:ee:31:62:
0e:95:c0:5a:5f:bc:a8:26:42:94:e4:b3:ab:23:6c:5d:70:17:
ee:19:cb:c8:f6:e0:0b:7c:7f:40:4d:be:47:ee:a9:48:eb:76:
4b:c8:6c:9a:c4:68:e6:c9:83:e2:9d:06:1b:15:72:7d:a0:13:
06:7f:d7:3f:c3:55:67:ca:bc:15:0f:f5:7c:2b:89:08:d8:0d:
19:dd:ff:5b:10:e2:da:93:15:0b:8f:96:e9:70:b1:19:ce:c6:
40:12:82:cc:32:48:61:cd:c3:cc:c3:6e:9e:d3:b6:2d:8d:41:
e8:ee:0e:b7:4c:83:b3:e0:38:38:62:b0:75:84:59:05:5b:51:
d5:bf:21:ba:3f:fd:72:f1:6e:f4:11:24:89:e8:29:86:8c:a5:
d8:cf:b9:10:38:b2:04:67:a8:70:2d:2a:2d:b6:00:e5:eb:d8:
c7:95:37:64:51:7a:88:15:40:44:4b:bc:6b:4b:6c:e6:82:2b:
50:7e:c9:d3:e8:c4:3f:9c:e0:e8:dd:da:28:b3:e5:05:ce:8b:
ec:b1:bf:97
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMw
MzA5MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM5QzU4N0I1Q0JGQTEz
NkYwMjdDNERCQjZEMDg5MDc5N0YxQTUxQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV6iUtuS/Pca+MSong2b2AOH0NMkicfowpQm1769gXr6MqUlos
EZmmhr4OsAIjQFmD/Nbsy1BQaADhjt0DVHc4SbF7Jga9X/WC/0C/d43BhjP8QayU
2/r8OYFttrnDhgJpO6uo0KUUhCq0dmhNo4XjlvW9J1xoefKVOV26VXGMBkBq5tnq
plwFJVo3LA+tDclEMmdvQfXFZ5PRtqYKFdyV8S2sUOFQ6csft4XVXz9fGVCkvHkn
Y986+a7MdfJEsaP9X8tlhnw3WKivrEU/0Nk6d/CdUBakebp5uETLu9/QMLL8NdHD
/4hfVvbIkHdTpR5sZShadD6rEk1KTK8F1J8rAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUycWHtcv6E28CfE27bQiQeX8aUc0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95Y1dIdGN2NkUyOENmRTI3
YlFpUWVYOGFVYzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHKDKt5Cy9QwYBiIJBk6zT3W7G2fY1s5atjg
Ge3xqm18WfrNQOgxkXaOthKr5GjpoFmzA+4xYg6VwFpfvKgmQpTks6sjbF1wF+4Z
y8j24At8f0BNvkfuqUjrdkvIbJrEaObJg+KdBhsVcn2gEwZ/1z/DVWfKvBUP9Xwr
iQjYDRnd/1sQ4tqTFQuPlulwsRnOxkASgswySGHNw8zDbp7Tti2NQejuDrdMg7Pg
ODhisHWEWQVbUdW/Ibo//XLxbvQRJInoKYaMpdjPuRA4sgRnqHAtKi22AOXr2MeV
N2RReogVQERLvGtLbOaCK1B+ydPoxD+c4Ojd2iiz5QXOi+yxv5c=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:31:03 2025 by rpki-client