Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0aQOblTTR5P2Py0bdmqWUqXx0K4.roa
File: 0aQOblTTR5P2Py0bdmqWUqXx0K4.roa (raw, json)
Hash identifier: RvTNI4CI3cTjZ+v8B8iZ2OWNRmIlLbHgwTrQ2APwiJo=
Subject key identifier: D1:A4:0E:6E:54:D3:47:93:F6:3F:2D:1B:76:6A:96:52:A5:F1:D0:AE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13A9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0aQOblTTR5P2Py0bdmqWUqXx0K4.roa
Signing time: Mon 02 Jun 2025 07:09:12 +0000
ROA not before: Mon 02 Jun 2025 07:09:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5033 (0x13a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 07:09:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D1A40E6E54D34793F63F2D1B766A9652A5F1D0AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:27:8d:94:7b:06:d7:3a:af:a0:d2:0e:9a:34:
61:7e:04:69:7f:57:d5:10:16:48:84:29:26:a6:2b:
fa:6e:7a:4f:7f:82:bc:6a:dd:35:e1:01:18:8f:19:
62:31:4e:cc:6a:27:66:c6:ea:2c:e5:54:9d:5d:19:
21:ee:21:10:cf:15:4b:10:58:05:df:b7:b8:df:67:
f2:e7:30:41:27:7c:de:04:5c:32:65:6d:59:cf:3e:
ff:0c:3c:77:f6:ee:27:e9:0f:2c:72:25:2a:be:38:
b7:b1:61:5a:ef:f2:5e:e7:20:05:1c:72:e5:3e:11:
34:a7:b2:85:c0:6b:1f:6a:aa:b9:64:3b:e7:f8:cf:
92:c8:15:9e:83:de:de:88:9b:86:7c:bd:ed:4c:09:
d9:f5:8f:da:c1:2b:39:93:5e:27:a7:f3:a5:e3:94:
de:f9:5e:e9:93:7e:6b:08:3a:12:5c:09:07:1e:ea:
ed:38:15:9f:fb:fe:0f:a6:6a:42:44:c3:33:08:9c:
66:de:39:a4:d4:6a:0c:0e:89:3d:d9:ee:e4:32:b4:
cf:be:fa:10:d0:f8:9a:83:94:ae:76:ff:8b:72:a3:
2a:aa:02:61:8d:3c:70:58:06:4d:54:15:f0:30:0d:
d3:57:67:18:49:1a:52:2a:69:2b:b0:8c:b7:49:09:
1f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A4:0E:6E:54:D3:47:93:F6:3F:2D:1B:76:6A:96:52:A5:F1:D0:AE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0aQOblTTR5P2Py0bdmqWUqXx0K4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:d2:91:ee:95:96:ef:7f:8c:5a:d9:32:07:93:d9:e0:56:2d:
ac:ad:24:d1:26:3e:12:07:d7:52:ab:9c:39:f2:f0:c8:17:3d:
05:30:66:e9:d7:c9:35:ae:23:b6:04:f8:8d:58:d7:13:b7:3a:
51:87:17:3d:b7:5d:77:48:56:6c:3c:ca:45:89:20:05:41:b5:
13:c4:e7:d2:db:9c:87:4e:da:cf:c7:ae:9e:f9:76:b0:74:ad:
86:8e:cd:fb:0d:3c:59:8b:a4:4c:b7:f2:55:37:b4:4e:40:42:
74:eb:2f:3f:72:6d:04:b9:4f:d3:a4:7d:9e:76:29:d0:3f:23:
b6:0b:7b:5d:06:e6:a8:77:6a:b5:be:4c:48:81:53:aa:23:c5:
e5:cc:69:50:35:be:3b:98:aa:bc:3e:44:94:6f:b5:7c:7d:17:
c7:61:76:92:97:83:1e:a6:28:45:e9:2d:ba:fc:c3:fa:36:52:
8e:d0:a7:2a:98:db:4c:c6:7b:f3:ff:17:10:14:7f:14:1a:f3:
20:91:8b:27:60:24:bc:bb:4c:d3:0e:1b:c0:3b:ca:67:06:34:
65:25:f8:ca:20:3a:52:65:aa:69:4a:cf:cf:96:f4:7d:64:ff:
46:b5:b3:44:08:e0:d6:2f:19:4d:54:f7:73:35:01:99:bf:e1:
e5:5f:68:02
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIw
NzA5MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQxQTQwRTZFNTREMzQ3
OTNGNjNGMkQxQjc2NkE5NjUyQTVGMUQwQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7J42UewbXOq+g0g6aNGF+BGl/V9UQFkiEKSamK/puek9/grxq
3TXhARiPGWIxTsxqJ2bG6izlVJ1dGSHuIRDPFUsQWAXft7jfZ/LnMEEnfN4EXDJl
bVnPPv8MPHf27ifpDyxyJSq+OLexYVrv8l7nIAUccuU+ETSnsoXAax9qqrlkO+f4
z5LIFZ6D3t6Im4Z8ve1MCdn1j9rBKzmTXien86XjlN75XumTfmsIOhJcCQce6u04
FZ/7/g+makJEwzMInGbeOaTUagwOiT3Z7uQytM+++hDQ+JqDlK52/4tyoyqqAmGN
PHBYBk1UFfAwDdNXZxhJGlIqaSuwjLdJCR/lAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0aQOblTTR5P2Py0bdmqWUqXx0K4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wYVFPYmxUVFI1UDJQeTBi
ZG1xV1VxWHgwSzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAG7Ske6Vlu9/jFrZMgeT2eBWLaytJNEmPhIH
11KrnDny8MgXPQUwZunXyTWuI7YE+I1Y1xO3OlGHFz23XXdIVmw8ykWJIAVBtRPE
59LbnIdO2s/Hrp75drB0rYaOzfsNPFmLpEy38lU3tE5AQnTrLz9ybQS5T9OkfZ52
KdA/I7YLe10G5qh3arW+TEiBU6ojxeXMaVA1vjuYqrw+RJRvtXx9F8dhdpKXgx6m
KEXpLbr8w/o2Uo7QpyqY20zGe/P/FxAUfxQa8yCRiydgJLy7TNMOG8A7ymcGNGUl
+MogOlJlqmlKz8+W9H1k/0a1s0QI4NYvGU1U93M1AZm/4eVfaAI=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:25:52 2025 by rpki-client