Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-ZzxwSbISi1zCFqcjeIVf3-UaPM.roa
File: -ZzxwSbISi1zCFqcjeIVf3-UaPM.roa (raw, json)
Hash identifier: 0aGi++oV6Q1ksJZThLZNXLbGnqQMtbWbGJCh3zbSgjY=
Subject key identifier: F9:9C:F1:C1:26:C8:4A:2D:73:08:5A:9C:8D:E2:15:7F:7F:94:68:F3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17A9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-ZzxwSbISi1zCFqcjeIVf3-UaPM.roa
Signing time: Sat 07 Jun 2025 15:09:29 +0000
ROA not before: Sat 07 Jun 2025 15:09:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6057 (0x17a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 15:09:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F99CF1C126C84A2D73085A9C8DE2157F7F9468F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:84:6e:8c:a6:01:bf:f6:d2:e1:85:cc:07:
b9:c9:e0:79:ed:cf:ce:25:ca:50:e8:1c:4b:9b:8b:
c2:cf:88:54:95:eb:69:b7:59:31:cc:c7:35:ea:76:
40:62:44:7d:98:bb:e0:e6:c0:fd:b3:a6:d0:d8:94:
ae:41:dc:9b:96:dd:50:a3:51:c0:70:33:a8:b7:55:
ff:b6:82:71:61:d7:3c:51:ce:2d:13:49:5e:0b:ac:
50:f7:fd:e2:27:f6:53:85:d0:44:0b:d5:b6:da:fe:
88:72:1e:49:78:03:7b:5c:0d:67:7a:5e:d0:13:7d:
17:e5:62:e9:72:7c:1b:82:de:b1:f6:ab:03:e0:23:
82:14:c2:7d:38:14:81:69:4f:36:7e:27:70:f0:a2:
9e:ab:f2:75:92:b8:33:a1:f2:7a:fe:8d:67:d1:e7:
53:53:5e:89:28:c7:c4:51:db:a9:99:6e:f1:05:16:
59:40:2d:d9:93:17:68:f8:0a:a2:07:ce:71:cb:30:
3f:aa:f1:de:ca:38:7c:44:3f:72:3a:9e:57:92:84:
e0:4f:97:d1:93:12:0e:b3:e1:37:a0:a0:c9:71:ea:
4d:72:a4:58:04:16:ba:1a:f7:69:d6:8a:f2:c9:7e:
f2:34:e4:77:87:3c:45:ba:0f:f1:22:c4:bc:62:2f:
01:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9C:F1:C1:26:C8:4A:2D:73:08:5A:9C:8D:E2:15:7F:7F:94:68:F3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-ZzxwSbISi1zCFqcjeIVf3-UaPM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:25:04:8f:26:c1:54:58:38:2b:40:06:5d:0e:84:ef:f0:63:
af:f9:79:78:e1:80:a4:bd:ad:46:6f:d7:a2:74:d3:e0:5f:9a:
01:19:c7:3a:ba:06:d5:a1:77:28:03:d4:ea:c3:66:ee:9e:ff:
53:ff:e1:da:7e:f1:ff:c4:a5:46:11:9e:48:17:41:73:99:f0:
36:6f:71:e3:46:0d:95:94:46:3e:b7:5b:e8:28:b5:0a:d1:ad:
5a:8e:e3:24:5d:53:06:77:4a:bc:e4:10:60:9a:c9:f0:4f:e7:
d9:88:8a:25:06:08:3b:ad:b1:ad:a0:20:99:96:d2:4b:75:ea:
ee:80:1f:bf:9c:8a:2c:ad:ba:a4:ee:2e:03:a7:7c:ef:a4:25:
99:5f:c1:b9:cf:1c:8c:80:93:30:8f:ac:22:71:b1:0a:8a:23:
cb:44:bc:71:1b:d3:38:65:fb:60:03:a9:49:0b:85:f8:6c:62:
5a:3a:5e:9b:74:72:aa:64:35:07:08:55:c4:02:39:7c:a4:26:
4b:fd:5e:fd:0e:0c:88:e3:66:be:8c:cc:44:2f:b1:17:07:82:
f5:6c:35:22:56:bd:d7:49:2f:80:d8:30:47:0e:8f:b1:31:89:
bc:74:0b:34:9e:c5:06:7f:c9:0d:04:c8:c9:e8:99:94:bb:61:
6b:a0:9a:6c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
NTA5MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5OUNGMUMxMjZDODRB
MkQ3MzA4NUE5QzhERTIxNTdGN0Y5NDY4RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg7YRujKYBv/bS4YXMB7nJ4Hntz84lylDoHEubi8LPiFSV62m3
WTHMxzXqdkBiRH2Yu+DmwP2zptDYlK5B3JuW3VCjUcBwM6i3Vf+2gnFh1zxRzi0T
SV4LrFD3/eIn9lOF0EQL1bba/ohyHkl4A3tcDWd6XtATfRflYulyfBuC3rH2qwPg
I4IUwn04FIFpTzZ+J3Dwop6r8nWSuDOh8nr+jWfR51NTXokox8RR26mZbvEFFllA
LdmTF2j4CqIHznHLMD+q8d7KOHxEP3I6nleShOBPl9GTEg6z4TegoMlx6k1ypFgE
Froa92nWivLJfvI05HeHPEW6D/EixLxiLwG3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+ZzxwSbISi1zCFqcjeIVf3+UaPMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tWnp4d1NiSVNpMXpDRnFj
amVJVmYzLVVhUE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIslBI8mwVRYOCtABl0OhO/wY6/5eXjhgKS9
rUZv16J00+BfmgEZxzq6BtWhdygD1OrDZu6e/1P/4dp+8f/EpUYRnkgXQXOZ8DZv
ceNGDZWURj63W+gotQrRrVqO4yRdUwZ3SrzkEGCayfBP59mIiiUGCDutsa2gIJmW
0kt16u6AH7+ciiytuqTuLgOnfO+kJZlfwbnPHIyAkzCPrCJxsQqKI8tEvHEb0zhl
+2ADqUkLhfhsYlo6Xpt0cqpkNQcIVcQCOXykJkv9Xv0ODIjjZr6MzEQvsRcHgvVs
NSJWvddJL4DYMEcOj7Exibx0CzSexQZ/yQ0EyMnomZS7YWugmmw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:20:32 2025 by rpki-client