Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8qcjoP4YiDkKMmn-6FQqMbkSxG8.roa
File: 8qcjoP4YiDkKMmn-6FQqMbkSxG8.roa (raw, json)
Hash identifier: 3PZu6ex6aMj8qW484AR5N8oSnh2EZVI3OkkPMCYLO38=
Subject key identifier: F2:A7:23:A0:FE:18:88:39:0A:32:69:FE:E8:54:2A:31:B9:12:C4:6F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A85
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8qcjoP4YiDkKMmn-6FQqMbkSxG8.roa
Signing time: Wed 11 Jun 2025 10:39:55 +0000
ROA not before: Wed 11 Jun 2025 10:39:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6789 (0x1a85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 10:39:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F2A723A0FE1888390A3269FEE8542A31B912C46F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:bc:6a:47:54:7b:c9:83:dd:23:07:da:de:
c5:05:b4:00:01:57:f4:d8:4e:e2:ce:2c:8a:97:58:
d3:1a:e4:c5:ab:10:f2:b3:dc:3b:81:73:7a:d4:33:
ad:8e:c1:17:a2:75:84:16:68:47:d4:1d:f2:fe:7f:
ba:da:e2:ff:77:11:a0:63:ce:fb:3a:6e:1e:bb:02:
94:32:fa:4a:b8:65:74:a7:52:87:7c:c0:86:0e:c3:
3c:63:b7:b0:57:0a:1c:c9:f3:5f:55:f4:e1:8d:04:
5a:6e:2f:b1:db:9f:2e:82:46:e0:2e:e3:b3:6e:8a:
9e:be:70:20:ba:6c:12:07:ad:9d:39:aa:06:63:45:
41:f7:6b:86:53:e2:b7:d2:67:ff:b3:a9:ea:bd:2f:
51:c5:6a:35:a0:8a:0c:c4:10:27:65:d6:c1:db:9d:
8d:c8:d4:43:21:7a:26:f2:7b:47:9e:ef:da:6c:3d:
56:e0:34:79:67:20:d9:88:47:86:0a:88:99:b4:31:
4b:e4:8d:62:be:02:03:ab:f9:a3:37:1e:52:b2:60:
9c:04:e4:cb:52:6e:35:18:57:b0:48:a9:55:e8:cf:
f6:95:c2:ce:5a:87:c5:17:10:e3:76:75:d5:56:39:
3c:b6:60:d3:16:0f:ce:25:83:8a:ca:c8:92:32:26:
76:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A7:23:A0:FE:18:88:39:0A:32:69:FE:E8:54:2A:31:B9:12:C4:6F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8qcjoP4YiDkKMmn-6FQqMbkSxG8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:8d:65:f8:0c:57:39:64:40:1a:ba:45:f1:fd:61:b9:04:03:
b8:64:1a:7b:89:3a:4a:a4:f1:ff:40:e2:a9:2f:74:57:91:be:
22:0d:d1:a0:b0:20:a0:eb:99:de:d0:94:9a:0c:3a:f7:0f:b0:
5e:03:16:c4:a6:43:09:25:37:c2:7d:0f:3b:f7:8f:05:6b:5a:
20:1b:e4:bf:d3:1f:67:db:9c:43:40:0d:b5:72:12:db:dc:ca:
58:8a:2b:9d:86:95:aa:b8:c3:97:a4:a8:17:2d:ca:f1:3b:96:
cf:93:6f:8e:ef:5e:5f:85:b6:b1:64:26:2a:43:33:9d:19:9d:
d0:c1:6c:ff:32:8c:83:36:16:95:b7:f8:79:86:42:37:c7:f5:
f1:d4:e9:ba:14:2d:59:2a:1c:cd:84:c2:8f:0d:74:8d:ce:e3:
17:da:a8:b2:dc:17:0b:bc:d8:c6:60:3c:7e:98:b2:79:d8:c1:
b5:93:4f:d8:da:25:ec:15:d8:ac:dc:dc:4b:03:56:d8:4b:4b:
7b:79:09:a5:1e:40:02:46:f5:3d:fd:ec:a1:c3:c4:13:f0:be:
b4:85:79:20:1f:90:e2:6a:e4:56:c3:5a:99:fa:95:64:24:8a:
02:ab:5e:91:16:60:be:c6:40:f0:0a:65:8e:c7:77:64:44:b5:
68:b4:66:0f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEx
MDM5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYyQTcyM0EwRkUxODg4
MzkwQTMyNjlGRUU4NTQyQTMxQjkxMkM0NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHR7xqR1R7yYPdIwfa3sUFtAABV/TYTuLOLIqXWNMa5MWrEPKz
3DuBc3rUM62OwReidYQWaEfUHfL+f7ra4v93EaBjzvs6bh67ApQy+kq4ZXSnUod8
wIYOwzxjt7BXChzJ819V9OGNBFpuL7Hbny6CRuAu47Nuip6+cCC6bBIHrZ05qgZj
RUH3a4ZT4rfSZ/+zqeq9L1HFajWgigzEECdl1sHbnY3I1EMheibye0ee79psPVbg
NHlnINmIR4YKiJm0MUvkjWK+AgOr+aM3HlKyYJwE5MtSbjUYV7BIqVXoz/aVws5a
h8UXEON2ddVWOTy2YNMWD84lg4rKyJIyJnazAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8qcjoP4YiDkKMmn+6FQqMbkSxG8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84cWNqb1A0WWlEa0tNbW4t
NkZRcU1ia1N4Rzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAI2NZfgMVzlkQBq6RfH9YbkEA7hkGnuJOkqk
8f9A4qkvdFeRviIN0aCwIKDrmd7QlJoMOvcPsF4DFsSmQwklN8J9Dzv3jwVrWiAb
5L/TH2fbnENADbVyEtvcyliKK52Glaq4w5ekqBctyvE7ls+Tb47vXl+FtrFkJipD
M50ZndDBbP8yjIM2FpW3+HmGQjfH9fHU6boULVkqHM2Ewo8NdI3O4xfaqLLcFwu8
2MZgPH6YsnnYwbWTT9jaJewV2Kzc3EsDVthLS3t5CaUeQAJG9T397KHDxBPwvrSF
eSAfkOJq5FbDWpn6lWQkigKrXpEWYL7GQPAKZY7Hd2REtWi0Zg8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:54:45 2025 by rpki-client