Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9dQ6O8thcf3lSpMzmQZf5f6PFkI.roa
File: 9dQ6O8thcf3lSpMzmQZf5f6PFkI.roa (raw, json)
Hash identifier: u0o4kXtqKIcYwBBmRyFwMNj0n6l6zmRn93Amea72hUs=
Subject key identifier: F5:D4:3A:3B:CB:61:71:FD:E5:4A:93:33:99:06:5F:E5:FE:8F:16:42
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0ADD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9dQ6O8thcf3lSpMzmQZf5f6PFkI.roa
Signing time: Wed 21 May 2025 13:39:00 +0000
ROA not before: Wed 21 May 2025 13:39:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2781 (0xadd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 13:39:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F5D43A3BCB6171FDE54A933399065FE5FE8F1642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:39:6f:aa:f9:da:b0:98:ba:3e:ae:63:26:3a:
b7:f8:00:59:48:6d:32:4f:89:9a:f1:ae:1e:63:93:
eb:7d:ca:3c:fe:ea:e0:1c:ef:86:15:b0:3d:9c:e1:
57:9d:b1:73:9e:cf:16:45:50:55:cb:67:d9:18:5b:
9e:96:d4:77:71:e3:28:82:a1:53:32:6a:1f:17:98:
50:8a:01:62:08:47:fe:cd:fd:fa:e9:00:8d:6a:0a:
00:4f:e8:52:52:2d:4a:9f:02:2f:99:9e:70:0f:19:
f9:2d:87:46:f0:35:db:b5:a0:a4:6d:a9:a4:39:a2:
54:99:5e:9b:15:c3:b1:c7:5a:e7:d7:46:cc:3c:64:
b4:26:38:37:e1:bf:f3:35:a2:fe:7c:3f:f6:ba:92:
63:1a:1e:cf:96:b8:a3:f7:64:5b:32:68:0b:0c:ae:
49:38:8a:fe:36:f8:19:1a:b0:21:00:5a:79:72:81:
d4:1b:33:22:5c:ae:64:a6:6d:83:cf:c4:69:4d:99:
c3:2d:e3:ee:d5:89:04:c6:ab:36:0f:b4:53:5b:0d:
15:13:90:d8:0b:48:d0:c6:fe:ca:6f:60:7a:8b:ea:
6c:a1:60:f3:72:f9:47:2b:22:3a:fd:a4:40:65:5f:
5b:ba:65:43:a6:29:16:23:fb:a1:22:b5:1f:d6:bb:
f2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D4:3A:3B:CB:61:71:FD:E5:4A:93:33:99:06:5F:E5:FE:8F:16:42
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9dQ6O8thcf3lSpMzmQZf5f6PFkI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:91:4e:3d:60:00:36:4e:d9:31:6d:6c:de:e0:17:fd:3a:49:
85:3e:4c:fc:90:fd:2a:d5:2a:1e:ce:3a:a0:51:7c:c7:a7:c4:
56:03:9a:a9:09:8d:f6:9f:d5:24:78:8a:01:20:97:ea:7c:60:
62:12:e3:65:b9:f8:ae:76:bf:ab:6d:30:da:34:60:58:66:f1:
c8:4a:5c:2e:7e:4c:51:ca:f9:fd:1b:50:0e:e3:01:bc:f8:1c:
7e:37:dd:32:2b:7d:ec:06:03:3e:7c:a2:b5:2e:37:4c:7b:cb:
4a:b6:c7:b7:3e:c2:a4:b1:f9:cc:12:0d:b7:1b:e9:ad:43:5e:
6c:48:06:b9:8c:d6:ee:c1:a4:a3:60:ce:42:e4:25:b4:ef:9b:
e2:e6:3e:65:63:d4:b3:99:ca:d4:c4:93:c5:53:66:e2:e2:66:
9e:eb:4a:81:f7:1c:a4:2b:4d:aa:11:d0:6d:d5:8a:0f:dd:01:
fb:2c:4c:8d:d7:f3:88:9c:20:06:1c:11:b7:5d:b7:ad:43:99:
03:96:35:ca:2c:24:15:d1:e1:38:be:f0:dc:6d:25:ce:83:29:
3c:e3:22:23:ec:e4:2c:05:dd:27:48:5c:0f:62:f9:af:d7:38:
46:c1:9e:f9:11:d9:9f:5c:c5:d5:46:5c:8b:43:60:88:25:b3:
02:00:9a:73
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEx
MzM5MDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY1RDQzQTNCQ0I2MTcx
RkRFNTRBOTMzMzk5MDY1RkU1RkU4RjE2NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsOW+q+dqwmLo+rmMmOrf4AFlIbTJPiZrxrh5jk+t9yjz+6uAc
74YVsD2c4VedsXOezxZFUFXLZ9kYW56W1Hdx4yiCoVMyah8XmFCKAWIIR/7N/frp
AI1qCgBP6FJSLUqfAi+ZnnAPGfkth0bwNdu1oKRtqaQ5olSZXpsVw7HHWufXRsw8
ZLQmODfhv/M1ov58P/a6kmMaHs+WuKP3ZFsyaAsMrkk4iv42+BkasCEAWnlygdQb
MyJcrmSmbYPPxGlNmcMt4+7ViQTGqzYPtFNbDRUTkNgLSNDG/spvYHqL6myhYPNy
+UcrIjr9pEBlX1u6ZUOmKRYj+6EitR/Wu/KDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9dQ6O8thcf3lSpMzmQZf5f6PFkIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85ZFE2Tzh0aGNmM2xTcE16
bVFaZjVmNlBGa0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAG+RTj1gADZO2TFtbN7gF/06SYU+TPyQ/SrV
Kh7OOqBRfMenxFYDmqkJjfaf1SR4igEgl+p8YGIS42W5+K52v6ttMNo0YFhm8chK
XC5+TFHK+f0bUA7jAbz4HH433TIrfewGAz58orUuN0x7y0q2x7c+wqSx+cwSDbcb
6a1DXmxIBrmM1u7BpKNgzkLkJbTvm+LmPmVj1LOZytTEk8VTZuLiZp7rSoH3HKQr
TaoR0G3Vig/dAfssTI3X84icIAYcEbddt61DmQOWNcosJBXR4Ti+8NxtJc6DKTzj
IiPs5CwF3SdIXA9i+a/XOEbBnvkR2Z9cxdVGXItDYIglswIAmnM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:44:09 2025 by rpki-client