Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-RUIw5LKNV27s4-5ep-lszjiucI.roa
File: -RUIw5LKNV27s4-5ep-lszjiucI.roa (raw, json)
Hash identifier: FaYqzJbelcQxgSuGRIuEQG7/BCLfq27NSm/rk5Yk/PU=
Subject key identifier: F9:15:08:C3:92:CA:35:5D:BB:B3:8F:B9:7A:9F:A5:B3:38:E2:B9:C2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C91
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-RUIw5LKNV27s4-5ep-lszjiucI.roa
Signing time: Sat 14 Jun 2025 04:09:55 +0000
ROA not before: Sat 14 Jun 2025 04:09:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7313 (0x1c91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 04:09:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F91508C392CA355DBBB38FB97A9FA5B338E2B9C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2d:b0:88:51:60:0f:6a:c8:0d:12:e4:b9:01:
9b:cb:1a:10:cf:1f:c1:20:d1:53:f2:3b:57:a8:6b:
3e:ba:92:1c:92:7b:24:58:02:6d:d9:24:25:87:88:
f4:70:23:ff:e6:45:3a:a1:f9:ab:b6:ea:77:22:fa:
84:01:23:c7:97:08:4f:ec:dd:91:47:a7:4a:f4:18:
42:42:7b:9f:d5:2f:a1:9a:1f:c0:91:4c:b7:6b:2f:
95:37:59:c4:ea:bf:df:95:5a:35:c4:b0:ee:35:12:
75:b6:90:08:92:68:09:64:99:e0:87:6b:aa:e5:1a:
60:30:54:57:5e:2b:ee:0a:d1:d5:36:13:66:7c:85:
a7:7c:4c:07:4b:25:75:a1:70:d2:ac:a9:76:0f:8f:
01:20:9d:bc:7a:53:03:e0:e3:fd:90:33:b1:fa:df:
6d:fc:27:9d:52:47:11:54:c9:0b:1a:ee:28:b8:7d:
f6:2a:5b:90:e1:23:c2:b8:9d:8e:ad:71:55:5e:31:
d4:c9:a8:88:fb:fa:0d:d9:3e:de:e8:b2:7c:7b:c5:
19:30:a6:40:87:14:df:74:58:d4:a9:8d:20:77:b2:
98:4c:0f:e0:a3:0e:cb:7a:59:74:1c:81:23:18:af:
c0:c8:e3:5c:63:01:2f:de:ae:e7:64:27:2a:f2:04:
0c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:15:08:C3:92:CA:35:5D:BB:B3:8F:B9:7A:9F:A5:B3:38:E2:B9:C2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-RUIw5LKNV27s4-5ep-lszjiucI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:92:72:f8:1b:0b:da:b1:c4:93:10:12:5c:45:82:59:17:a5:
a3:0c:11:e2:26:5f:8d:1b:39:39:ef:0b:7c:45:4b:f6:7c:6c:
89:0d:b8:0a:b7:6d:da:dc:6d:ed:39:76:c9:47:f7:79:db:54:
ae:4b:c9:16:8c:11:69:ea:60:23:32:96:a1:3e:ad:c4:58:44:
81:66:73:c6:88:0b:d9:98:45:83:bd:9c:21:f3:5c:cb:01:b6:
3f:d2:69:84:dc:02:f6:95:7a:59:03:3f:aa:43:19:82:c4:01:
8d:d9:f1:ed:90:c1:3b:ba:40:e5:37:39:0c:8a:9f:e4:86:a8:
33:bb:f4:70:98:51:0b:75:83:aa:c4:86:1c:3b:70:50:f2:5e:
8c:a2:83:d9:c7:1d:bd:1e:3b:ac:67:22:57:19:11:36:94:c4:
90:3a:35:1e:19:1c:0b:75:6b:81:ef:2d:59:2b:d9:ca:8b:77:
08:5e:27:3e:a8:0a:1e:55:27:13:9c:1b:8e:a0:8f:87:9f:be:
e1:c4:be:e1:7c:12:13:da:68:47:7f:17:cb:d0:6b:14:49:6b:
8c:84:77:9b:cb:e8:77:21:ab:bd:7e:87:3b:48:08:15:81:83:
87:00:96:e7:0b:ff:e2:87:86:fa:40:97:1a:74:67:6e:84:99:
23:bb:02:df
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
NDA5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5MTUwOEMzOTJDQTM1
NURCQkIzOEZCOTdBOUZBNUIzMzhFMkI5QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDELbCIUWAPasgNEuS5AZvLGhDPH8Eg0VPyO1eoaz66khySeyRY
Am3ZJCWHiPRwI//mRTqh+au26nci+oQBI8eXCE/s3ZFHp0r0GEJCe5/VL6GaH8CR
TLdrL5U3WcTqv9+VWjXEsO41EnW2kAiSaAlkmeCHa6rlGmAwVFdeK+4K0dU2E2Z8
had8TAdLJXWhcNKsqXYPjwEgnbx6UwPg4/2QM7H63238J51SRxFUyQsa7ii4ffYq
W5DhI8K4nY6tcVVeMdTJqIj7+g3ZPt7osnx7xRkwpkCHFN90WNSpjSB3sphMD+Cj
Dst6WXQcgSMYr8DI41xjAS/erudkJyryBAwjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+RUIw5LKNV27s4+5ep+lszjiucIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tUlVJdzVMS05WMjdzNC01
ZXAtbHN6aml1Y0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABSScvgbC9qxxJMQElxFglkXpaMMEeImX40b
OTnvC3xFS/Z8bIkNuAq3bdrcbe05dslH93nbVK5LyRaMEWnqYCMylqE+rcRYRIFm
c8aIC9mYRYO9nCHzXMsBtj/SaYTcAvaVelkDP6pDGYLEAY3Z8e2QwTu6QOU3OQyK
n+SGqDO79HCYUQt1g6rEhhw7cFDyXoyig9nHHb0eO6xnIlcZETaUxJA6NR4ZHAt1
a4HvLVkr2cqLdwheJz6oCh5VJxOcG46gj4efvuHEvuF8EhPaaEd/F8vQaxRJa4yE
d5vL6Hchq71+hztICBWBg4cAlucL/+KHhvpAlxp0Z26EmSO7At8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:46:26 2025 by rpki-client