Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0j_5RAFBiOZcmDlPa7pbS4VS9A0.roa
File: 0j_5RAFBiOZcmDlPa7pbS4VS9A0.roa (raw, json)
Hash identifier: CNaZPCLjYX38BZ2FBnfyzcupakx4MVVncukNnO2O5iQ=
Subject key identifier: D2:3F:F9:44:01:41:88:E6:5C:98:39:4F:6B:BA:5B:4B:85:52:F4:0D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14BD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0j_5RAFBiOZcmDlPa7pbS4VS9A0.roa
Signing time: Tue 03 Jun 2025 17:39:19 +0000
ROA not before: Tue 03 Jun 2025 17:39:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5309 (0x14bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 17:39:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D23FF944014188E65C98394F6BBA5B4B8552F40D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e2:49:cb:eb:7a:2b:9c:55:e6:77:c2:a0:fa:
ab:e2:5f:45:1e:3b:c6:0e:d0:51:bc:df:90:a0:fd:
1d:f8:96:d9:ba:c5:bd:6b:ba:49:4e:0c:6f:aa:eb:
53:60:61:f9:b6:85:06:fe:a8:a9:bc:01:ce:bb:44:
f9:39:49:02:d0:41:85:fa:ff:d1:82:5a:f5:2b:0b:
53:d4:a5:14:eb:42:ee:e0:fe:aa:bf:11:a9:a3:23:
ae:f0:8a:3f:d1:67:90:0d:8b:e5:81:19:4e:27:07:
b0:79:18:48:6a:cf:cc:4d:31:94:1d:65:c9:90:d9:
ec:32:ec:cd:d4:06:ae:cc:b6:8e:e3:cd:59:28:94:
51:34:41:0f:61:ae:56:46:3a:22:e8:9e:a5:f6:80:
42:2a:c9:5b:57:f4:f8:f8:53:2e:8e:c5:97:ca:f1:
37:c6:cf:26:c6:bb:34:30:5c:81:73:df:d9:22:4a:
f2:25:ae:c5:40:76:0f:9c:de:69:39:5f:91:87:91:
fd:47:f9:0e:30:25:6d:40:5b:81:26:2a:f0:6c:e6:
2f:c2:5f:81:4c:79:87:60:06:08:ef:dd:98:58:00:
df:e7:3a:8a:97:ef:d4:e2:ec:e0:3f:9b:89:f1:ae:
4a:a1:e5:58:b7:26:f2:bb:1c:65:75:85:fd:ac:ea:
14:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3F:F9:44:01:41:88:E6:5C:98:39:4F:6B:BA:5B:4B:85:52:F4:0D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0j_5RAFBiOZcmDlPa7pbS4VS9A0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:7b:7e:fa:08:b3:74:60:a5:f7:c6:fc:26:f5:77:be:95:8b:
f3:4e:fa:83:0b:e0:f3:00:18:ea:cb:10:2b:ab:57:3d:5e:ae:
7d:6a:59:72:4c:a3:42:71:47:1f:6f:56:12:41:e8:86:9a:c2:
8b:f2:0a:e4:ce:39:9a:80:b7:d2:1a:4e:17:0f:dc:94:74:0a:
be:9f:b3:29:b3:b9:6b:e2:e1:9b:8e:8e:c5:e5:17:5d:7d:cc:
22:88:85:36:9a:e0:53:cc:5f:07:35:76:3a:f5:17:f6:f6:f3:
12:05:85:13:d5:f8:da:da:4b:23:8a:0e:fb:fd:bf:ac:db:5b:
4d:47:8a:8d:2f:37:b8:b1:8d:64:94:d2:68:c7:c3:e9:ac:1a:
f2:4a:80:33:7c:a3:26:83:33:ba:78:fd:05:92:7b:fa:19:8c:
59:c7:09:1c:3a:7a:d4:7e:5b:60:d3:24:07:9a:20:a7:13:e7:
f6:c7:25:4b:86:31:87:84:56:5c:c8:7e:52:f1:89:8d:f3:b3:
fc:dc:72:ed:bd:b6:7d:d7:bc:c9:40:ea:07:23:b1:6d:40:89:
0e:e6:42:56:c4:33:56:b5:a7:2b:ed:58:a2:7e:fa:d8:55:f4:
f8:3c:2f:f9:9d:8e:97:cc:a6:e8:b8:44:a1:36:cf:d9:dd:3c:
fc:91:9e:03
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMx
NzM5MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQyM0ZGOTQ0MDE0MTg4
RTY1Qzk4Mzk0RjZCQkE1QjRCODU1MkY0MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi4knL63ornFXmd8Kg+qviX0UeO8YO0FG835Cg/R34ltm6xb1r
uklODG+q61NgYfm2hQb+qKm8Ac67RPk5SQLQQYX6/9GCWvUrC1PUpRTrQu7g/qq/
EamjI67wij/RZ5ANi+WBGU4nB7B5GEhqz8xNMZQdZcmQ2ewy7M3UBq7Mto7jzVko
lFE0QQ9hrlZGOiLonqX2gEIqyVtX9Pj4Uy6OxZfK8TfGzybGuzQwXIFz39kiSvIl
rsVAdg+c3mk5X5GHkf1H+Q4wJW1AW4EmKvBs5i/CX4FMeYdgBgjv3ZhYAN/nOoqX
79Ti7OA/m4nxrkqh5Vi3JvK7HGV1hf2s6hQfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0j/5RAFBiOZcmDlPa7pbS4VS9A0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wal81UkFGQmlPWmNtRGxQ
YTdwYlM0VlM5QTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABZ7fvoIs3RgpffG/Cb1d76Vi/NO+oML4PMA
GOrLECurVz1ern1qWXJMo0JxRx9vVhJB6IaawovyCuTOOZqAt9IaThcP3JR0Cr6f
symzuWvi4ZuOjsXlF119zCKIhTaa4FPMXwc1djr1F/b28xIFhRPV+NraSyOKDvv9
v6zbW01Hio0vN7ixjWSU0mjHw+msGvJKgDN8oyaDM7p4/QWSe/oZjFnHCRw6etR+
W2DTJAeaIKcT5/bHJUuGMYeEVlzIflLxiY3zs/zccu29tn3XvMlA6gcjsW1AiQ7m
QlbEM1a1pyvtWKJ++thV9Pg8L/mdjpfMpui4RKE2z9ndPPyRngM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:31:33 2025 by rpki-client