Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-Q0t8uBzYLanitWZJ_xD9dPFQNM.roa
File: -Q0t8uBzYLanitWZJ_xD9dPFQNM.roa (raw, json)
Hash identifier: IGI6vFrdjJf3vHViXXUH9VbfqSQmWIUF/N6xyJZw1oQ=
Subject key identifier: F9:0D:2D:F2:E0:73:60:B6:A7:8A:D5:99:27:FC:43:F5:D3:C5:40:D3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1595
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-Q0t8uBzYLanitWZJ_xD9dPFQNM.roa
Signing time: Wed 04 Jun 2025 20:39:22 +0000
ROA not before: Wed 04 Jun 2025 20:39:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5525 (0x1595)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 20:39:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F90D2DF2E07360B6A78AD59927FC43F5D3C540D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b2:b0:9c:ac:11:e9:77:94:9e:a7:fb:99:69:
91:9b:01:56:2f:66:20:e8:70:48:af:8d:d2:73:11:
23:10:4c:ee:b9:64:29:05:88:0c:30:53:8e:71:e5:
29:18:15:c7:da:88:bc:43:7b:94:d0:e9:4a:91:fc:
68:ee:a3:b4:8c:46:07:c4:09:85:8b:36:9d:6a:2d:
0b:32:14:f9:79:d7:30:10:8f:a7:17:8e:37:ae:6a:
21:a2:a5:6b:57:75:5c:1e:16:3e:ad:4f:ff:88:c0:
bd:33:9e:bf:8b:ab:0a:1e:a6:52:36:56:1f:42:f3:
45:2f:4e:85:b6:bb:70:fc:b8:c3:6d:47:2a:20:5f:
19:cb:d2:ef:1b:25:a6:14:9b:55:6a:10:bf:4f:de:
96:ff:19:89:74:e7:9e:d5:47:a5:d3:b1:ea:d6:5e:
ff:a3:30:e4:c8:28:d8:2c:15:38:08:a1:ef:56:b0:
80:30:a2:98:22:71:75:a8:5e:83:9f:e7:80:1e:ee:
e9:91:43:b1:3a:18:5e:b4:2f:2a:c6:80:d9:d5:ec:
d3:51:4b:77:9a:7b:7c:0b:f2:b1:41:e0:75:33:27:
65:29:98:0a:98:93:ec:f8:9e:ce:3f:26:8f:db:a7:
0a:13:14:18:dc:16:c2:9e:ea:3d:b9:c1:01:ad:7c:
25:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0D:2D:F2:E0:73:60:B6:A7:8A:D5:99:27:FC:43:F5:D3:C5:40:D3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-Q0t8uBzYLanitWZJ_xD9dPFQNM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:85:39:1a:19:f0:62:aa:e6:9e:f5:9c:1d:49:94:dd:70:12:
94:f4:07:54:e0:81:c4:5c:75:4b:eb:9b:86:bb:3a:36:f9:ef:
93:df:38:40:07:cd:82:07:84:d7:d6:d5:b9:9f:da:21:9f:27:
61:85:25:43:eb:4e:33:f4:01:71:6b:e4:21:d6:fa:b7:28:1d:
36:ab:6c:ef:e0:92:1d:6f:b3:97:7e:ea:de:72:54:6c:be:23:
bc:46:27:cc:60:99:dd:6d:92:4f:c9:2a:9d:b8:70:0b:1e:95:
91:fa:2f:52:a3:ac:52:72:ae:c1:04:3e:0a:c8:a1:36:22:ba:
30:aa:04:4b:9d:43:82:4b:f5:67:37:68:e9:34:ff:79:ff:0d:
21:1d:9c:9f:d4:1a:28:c4:0f:82:fc:88:24:68:4b:ab:88:85:
ee:de:e2:c1:02:8c:e4:d0:12:2c:ec:ea:d4:e2:52:fd:ae:c2:
37:27:00:49:9d:12:be:c7:8b:0d:92:62:9b:54:ac:8c:a2:bb:
09:a8:db:2a:04:80:b0:a2:b2:86:f1:c8:9a:8f:b5:2f:9c:be:
00:b6:70:4b:e4:f1:43:a0:a0:7f:42:cb:a5:4d:f0:e4:b9:ed:
03:f8:90:85:27:a4:c8:cf:92:1d:12:66:06:14:d0:12:0d:c8:
ab:b6:ac:bd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQy
MDM5MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5MEQyREYyRTA3MzYw
QjZBNzhBRDU5OTI3RkM0M0Y1RDNDNTQwRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCusrCcrBHpd5Sep/uZaZGbAVYvZiDocEivjdJzESMQTO65ZCkF
iAwwU45x5SkYFcfaiLxDe5TQ6UqR/Gjuo7SMRgfECYWLNp1qLQsyFPl51zAQj6cX
jjeuaiGipWtXdVweFj6tT/+IwL0znr+LqwoeplI2Vh9C80UvToW2u3D8uMNtRyog
XxnL0u8bJaYUm1VqEL9P3pb/GYl0557VR6XTserWXv+jMOTIKNgsFTgIoe9WsIAw
opgicXWoXoOf54Ae7umRQ7E6GF60LyrGgNnV7NNRS3eae3wL8rFB4HUzJ2UpmAqY
k+z4ns4/Jo/bpwoTFBjcFsKe6j25wQGtfCWTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+Q0t8uBzYLanitWZJ/xD9dPFQNMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tUTB0OHVCellMYW5pdFda
Sl94RDlkUEZRTk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJKFORoZ8GKq5p71nB1JlN1wEpT0B1TggcRc
dUvrm4a7Ojb575PfOEAHzYIHhNfW1bmf2iGfJ2GFJUPrTjP0AXFr5CHW+rcoHTar
bO/gkh1vs5d+6t5yVGy+I7xGJ8xgmd1tkk/JKp24cAselZH6L1KjrFJyrsEEPgrI
oTYiujCqBEudQ4JL9Wc3aOk0/3n/DSEdnJ/UGijED4L8iCRoS6uIhe7e4sECjOTQ
Eizs6tTiUv2uwjcnAEmdEr7Hiw2SYptUrIyiuwmo2yoEgLCisobxyJqPtS+cvgC2
cEvk8UOgoH9Cy6VN8OS57QP4kIUnpMjPkh0SZgYU0BINyKu2rL0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:50:16 2025 by rpki-client