Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-ZAvRB2OY9fT5iCnmRCO5DBBUvA.roa
File: -ZAvRB2OY9fT5iCnmRCO5DBBUvA.roa (raw, json)
Hash identifier: 5n8RRW6eg8P4GZt8WhpD9PY2t9ulG+UkjQtjYk1DTQ0=
Subject key identifier: F9:90:2F:44:1D:8E:63:D7:D3:E6:20:A7:99:10:8E:E4:30:41:52:F0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04E5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-ZAvRB2OY9fT5iCnmRCO5DBBUvA.roa
Signing time: Tue 13 May 2025 14:37:59 +0000
ROA not before: Tue 13 May 2025 14:37:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1253 (0x4e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 14:37:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F9902F441D8E63D7D3E620A799108EE4304152F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8c:d6:24:04:5a:e8:4c:c0:e7:96:2d:87:c3:
65:c0:6d:90:4a:0b:df:d7:85:12:41:eb:a0:a6:e2:
40:71:c1:a5:a0:d4:5f:42:52:44:6c:7d:70:32:13:
06:ec:e0:b7:57:6e:5d:9e:fd:c4:0c:fd:54:9d:97:
04:19:27:39:7b:c6:d1:55:95:48:97:f9:17:0d:fe:
1e:50:3c:12:56:07:59:ae:88:77:b1:9f:18:4c:ae:
3b:ea:69:df:f9:59:0b:d3:39:1a:7e:c8:ca:85:9f:
fe:6d:a2:d5:6f:9e:76:47:b9:47:80:68:e1:ac:50:
ca:63:c8:48:91:91:9f:67:75:4d:b5:48:d3:00:85:
5e:48:20:14:46:40:72:18:88:95:10:10:bb:aa:f2:
6d:dd:24:1a:44:bb:2a:f6:6a:7f:1b:2e:15:e6:ba:
bc:76:a2:34:07:3d:80:8c:8b:a4:7d:74:a7:ca:35:
cd:ac:f3:02:b8:1f:1d:c3:08:2a:c2:83:72:c6:11:
1e:28:23:2b:fc:b4:1e:42:05:a5:bf:06:cd:76:76:
af:b2:0c:ae:b2:73:75:55:dc:7f:6d:3a:8d:18:5b:
41:8d:d4:65:1d:cb:1b:2d:44:f0:5e:de:67:5b:7a:
98:7b:dd:dd:ab:1f:4a:73:48:71:f6:59:c8:1b:c5:
4b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:90:2F:44:1D:8E:63:D7:D3:E6:20:A7:99:10:8E:E4:30:41:52:F0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-ZAvRB2OY9fT5iCnmRCO5DBBUvA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:29:09:23:b2:e5:8c:8e:31:f3:a0:98:29:1a:c0:43:ee:e8:
c9:f0:05:50:f9:94:b0:68:8b:25:b5:8c:81:f5:aa:8b:27:77:
f1:87:ec:6a:48:3a:da:aa:bb:b9:a1:f6:3d:c2:66:84:70:d6:
c6:9a:71:8f:dc:2b:1f:62:f4:41:ea:46:a6:5a:0f:b0:e3:5c:
99:37:2a:8d:51:e4:35:bb:29:1a:aa:63:b6:f0:43:5d:cf:0c:
0b:a7:0e:64:b3:65:f0:25:36:77:c7:a8:b1:c3:78:7d:c4:7d:
98:01:84:f5:5a:c5:93:74:90:02:ad:0c:c5:0f:e9:d6:76:f1:
e2:74:16:d8:b2:6a:20:55:e1:03:6f:dd:92:9a:7d:52:5e:d3:
5b:9f:43:67:ac:9c:ca:fb:0f:7f:82:4a:cc:7d:7e:6b:36:3d:
1b:0f:9f:0d:59:66:cd:11:92:a1:c7:10:e5:51:09:c1:54:9f:
cd:78:94:5f:99:f8:c1:3b:92:06:1e:b9:47:53:53:9e:f1:4a:
e5:54:04:22:77:28:e9:98:0c:50:07:9a:10:20:8f:3c:0a:04:
ab:bc:12:e6:90:83:57:f8:a7:18:c9:7b:15:34:22:1a:15:ed:
73:ba:36:f4:c2:99:26:09:b1:c7:84:6c:2f:7b:00:c8:8e:c3:
55:46:c5:40
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
NDM3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5OTAyRjQ0MUQ4RTYz
RDdEM0U2MjBBNzk5MTA4RUU0MzA0MTUyRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTjNYkBFroTMDnli2Hw2XAbZBKC9/XhRJB66Cm4kBxwaWg1F9C
UkRsfXAyEwbs4LdXbl2e/cQM/VSdlwQZJzl7xtFVlUiX+RcN/h5QPBJWB1muiHex
nxhMrjvqad/5WQvTORp+yMqFn/5totVvnnZHuUeAaOGsUMpjyEiRkZ9ndU21SNMA
hV5IIBRGQHIYiJUQELuq8m3dJBpEuyr2an8bLhXmurx2ojQHPYCMi6R9dKfKNc2s
8wK4Hx3DCCrCg3LGER4oIyv8tB5CBaW/Bs12dq+yDK6yc3VV3H9tOo0YW0GN1GUd
yxstRPBe3mdbeph73d2rH0pzSHH2WcgbxUsPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+ZAvRB2OY9fT5iCnmRCO5DBBUvAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tWkF2UkIyT1k5ZlQ1aUNu
bVJDTzVEQkJVdkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAcpCSOy5YyOMfOgmCkawEPu6MnwBVD5lLBo
iyW1jIH1qosnd/GH7GpIOtqqu7mh9j3CZoRw1saacY/cKx9i9EHqRqZaD7DjXJk3
Ko1R5DW7KRqqY7bwQ13PDAunDmSzZfAlNnfHqLHDeH3EfZgBhPVaxZN0kAKtDMUP
6dZ28eJ0FtiyaiBV4QNv3ZKafVJe01ufQ2esnMr7D3+CSsx9fms2PRsPnw1ZZs0R
kqHHEOVRCcFUn814lF+Z+ME7kgYeuUdTU57xSuVUBCJ3KOmYDFAHmhAgjzwKBKu8
EuaQg1f4pxjJexU0IhoV7XO6NvTCmSYJsceEbC97AMiOw1VGxUA=
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:28:10 2025 by rpki-client