Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9HtO1X0eSOYx1SHKk4IzFJJ9J48.roa
File: 9HtO1X0eSOYx1SHKk4IzFJJ9J48.roa (raw, json)
Hash identifier: WzqASgqCSDV65YaLuL2k7BJcAq8A52NGduLvFs9xPs4=
Subject key identifier: F4:7B:4E:D5:7D:1E:48:E6:31:D5:21:CA:93:82:33:14:92:7D:27:8F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E95
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9HtO1X0eSOYx1SHKk4IzFJJ9J48.roa
Signing time: Mon 26 May 2025 12:38:43 +0000
ROA not before: Mon 26 May 2025 12:38:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3733 (0xe95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 12:38:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F47B4ED57D1E48E631D521CA93823314927D278F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:68:38:5a:b4:bc:29:09:2f:68:bc:e3:5c:
e6:c7:a5:83:bb:ce:fd:ef:c4:40:51:1e:08:0b:9d:
41:af:8c:b7:da:47:a1:58:cf:6f:20:8c:0c:8b:3f:
51:f2:4e:4f:82:ac:8b:a6:8b:3c:95:d4:3d:4f:a4:
5d:df:51:18:20:f5:19:01:58:e6:28:40:1b:60:be:
68:ff:f2:f9:d0:f3:32:1b:89:80:e3:80:39:aa:03:
16:05:72:a2:a1:9a:8e:f3:e1:08:b4:91:48:b1:fe:
3a:37:0f:b5:5a:f9:38:1b:78:4a:e2:0c:ea:c6:f7:
ed:e2:f5:96:ec:4f:c9:4f:d6:44:13:20:f9:34:9f:
95:09:cc:0a:8f:e5:8c:b6:61:03:48:7e:c7:40:b8:
b5:b7:c7:4c:c5:8d:c0:e7:c0:a1:8f:fd:5a:2b:4e:
16:f6:a8:b6:b6:43:34:3e:d0:28:67:2f:5a:de:6d:
ec:19:57:d1:5d:8e:27:35:4e:58:bb:e0:74:23:3e:
f5:7d:aa:f6:af:8d:13:fa:2f:23:2c:04:8b:0e:5f:
29:03:07:4c:b0:74:54:f7:8f:03:97:80:63:7e:53:
8d:6f:cc:70:0c:e3:1e:fb:47:c4:3b:a6:cc:79:b3:
fc:ed:79:e5:a1:5e:d8:63:ef:fb:59:04:30:e6:fa:
c5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7B:4E:D5:7D:1E:48:E6:31:D5:21:CA:93:82:33:14:92:7D:27:8F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9HtO1X0eSOYx1SHKk4IzFJJ9J48.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:0d:83:45:ae:00:c6:fe:3b:3a:70:1f:95:cc:c9:2d:22:45:
44:f7:c2:40:cd:50:52:71:7e:fd:46:4b:da:13:59:d2:93:bf:
bb:bd:52:0d:12:19:79:ce:e5:73:64:63:a7:82:b9:ea:dc:27:
98:c4:b7:f3:fc:23:ba:26:70:89:fc:de:fa:1f:21:91:8b:bf:
5b:5a:dd:2f:e4:f9:2a:ca:a0:a5:9a:66:9a:60:f0:04:fd:10:
e5:07:f0:e3:00:1c:69:a9:1f:e8:ec:e1:19:02:e4:47:d4:c8:
1d:ca:af:b6:6f:de:21:97:22:82:a4:6b:a4:f5:3c:89:4d:8f:
10:0c:cc:95:2a:a5:2c:28:55:32:d0:53:63:96:67:8d:cd:d9:
76:e1:77:2c:6b:5e:d6:59:61:46:89:da:33:5e:b9:79:bf:eb:
81:57:97:81:59:9c:d3:85:76:18:8b:84:de:1d:61:6c:e5:d1:
41:1d:a7:e8:49:f9:d8:ea:b3:8d:bf:96:04:26:e7:ad:fb:0b:
07:dc:97:a2:40:a9:c0:bd:0e:12:80:41:8d:ea:dd:0c:34:b4:
b3:ea:e3:16:f6:14:07:1b:d1:3b:c6:45:4d:49:16:c3:31:fc:
3e:e2:3c:3f:92:51:42:79:90:84:aa:0b:3f:70:64:ba:bb:bd:
59:a9:a0:a6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYx
MjM4NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY0N0I0RUQ1N0QxRTQ4
RTYzMUQ1MjFDQTkzODIzMzE0OTI3RDI3OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCft2g4WrS8KQkvaLzjXObHpYO7zv3vxEBRHggLnUGvjLfaR6FY
z28gjAyLP1HyTk+CrIumizyV1D1PpF3fURgg9RkBWOYoQBtgvmj/8vnQ8zIbiYDj
gDmqAxYFcqKhmo7z4Qi0kUix/jo3D7Va+TgbeEriDOrG9+3i9ZbsT8lP1kQTIPk0
n5UJzAqP5Yy2YQNIfsdAuLW3x0zFjcDnwKGP/VorThb2qLa2QzQ+0ChnL1rebewZ
V9Fdjic1Tli74HQjPvV9qvavjRP6LyMsBIsOXykDB0ywdFT3jwOXgGN+U41vzHAM
4x77R8Q7psx5s/zteeWhXthj7/tZBDDm+sWVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9HtO1X0eSOYx1SHKk4IzFJJ9J48wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85SHRPMVgwZVNPWXgxU0hL
azRJekZKSjlKNDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKkNg0WuAMb+OzpwH5XMyS0iRUT3wkDNUFJx
fv1GS9oTWdKTv7u9Ug0SGXnO5XNkY6eCuercJ5jEt/P8I7omcIn83vofIZGLv1ta
3S/k+SrKoKWaZppg8AT9EOUH8OMAHGmpH+js4RkC5EfUyB3Kr7Zv3iGXIoKka6T1
PIlNjxAMzJUqpSwoVTLQU2OWZ43N2XbhdyxrXtZZYUaJ2jNeuXm/64FXl4FZnNOF
dhiLhN4dYWzl0UEdp+hJ+djqs42/lgQm5637Cwfcl6JAqcC9DhKAQY3q3Qw0tLPq
4xb2FAcb0TvGRU1JFsMx/D7iPD+SUUJ5kISqCz9wZLq7vVmpoKY=
-----END CERTIFICATE-----
Generated at Sat Jun 21 06:31:23 2025 by rpki-client