Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9kS3I9oTgA0MS7mxh915O0l-fQY.roa
File: 9kS3I9oTgA0MS7mxh915O0l-fQY.roa (raw, json)
Hash identifier: ewpGvO5keH66m7WqJ7SHJO0Pxm1ZcZDmM1cyHhy+8nM=
Subject key identifier: F6:44:B7:23:DA:13:80:0D:0C:4B:B9:B1:87:DD:79:3B:49:7E:7D:06
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CF5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9kS3I9oTgA0MS7mxh915O0l-fQY.roa
Signing time: Sat 14 Jun 2025 16:39:55 +0000
ROA not before: Sat 14 Jun 2025 16:39:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7413 (0x1cf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 16:39:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F644B723DA13800D0C4BB9B187DD793B497E7D06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fb:54:34:19:7f:8a:55:2a:67:c1:8d:bc:c4:
c4:d6:91:d4:e9:9e:36:e8:56:75:78:b1:b4:b4:a0:
ec:15:f4:c3:36:04:26:a4:64:b9:85:75:2b:e0:81:
73:3b:7a:1a:e0:5e:f3:b8:31:50:38:37:db:27:7c:
9f:6c:af:ce:25:25:b0:bf:1e:16:c7:de:fc:f8:33:
7f:4e:be:35:09:47:3c:20:e0:fc:76:39:ed:9c:15:
32:23:01:91:07:d3:3b:d0:51:d0:59:d5:8d:4d:75:
56:c1:31:b0:ce:13:19:7e:75:8a:62:6f:59:c1:32:
2a:42:cc:66:05:e2:5f:3b:5d:f9:68:b8:fc:cd:bb:
ca:7c:75:61:42:78:9f:ee:58:97:dd:5b:69:00:40:
09:f5:92:0c:98:f5:bc:75:6f:16:8f:ca:9c:e7:c8:
d9:8e:ac:db:df:7e:76:ed:cc:57:17:e6:65:fe:2e:
36:01:df:8e:bd:89:7c:4e:b3:39:b0:12:7f:8c:bd:
d5:40:94:62:d1:c6:f8:3d:ab:a6:f0:c6:43:45:0e:
02:89:8e:7b:5c:0f:32:3d:28:48:29:80:17:bd:58:
10:ac:68:f0:51:50:21:9e:af:d7:8a:27:75:6d:aa:
11:74:4e:29:38:13:39:26:16:6f:ba:74:6b:36:51:
95:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:44:B7:23:DA:13:80:0D:0C:4B:B9:B1:87:DD:79:3B:49:7E:7D:06
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9kS3I9oTgA0MS7mxh915O0l-fQY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:5c:99:7f:74:84:c0:c3:16:89:c9:37:a4:e8:3c:c0:6e:5c:
2e:7b:ce:42:a1:eb:2b:a5:26:a4:68:cc:9a:62:4a:8c:24:22:
32:e1:6c:30:c4:f9:6d:33:fd:a7:2c:02:bd:6e:63:47:e1:ed:
46:a9:58:1d:b8:61:76:9a:0b:07:80:10:83:96:95:98:cc:d9:
e2:75:29:44:2c:03:39:56:a0:39:30:66:04:ff:d2:1b:3b:a8:
82:22:cc:30:54:a4:71:87:ad:05:bc:a0:ae:19:7c:3d:f4:1c:
76:58:ac:af:00:29:3e:15:2a:5b:45:ae:03:0f:89:5a:80:a3:
f2:93:64:81:ed:f3:31:f1:58:6b:1c:af:12:a3:d5:ba:6d:32:
45:3a:93:2d:5d:64:f0:d1:c9:7b:ec:fc:0c:c3:67:52:77:c3:
04:7e:83:57:d6:20:d4:23:e6:f0:3f:af:80:27:eb:b4:08:3a:
b8:fe:cf:e2:69:1e:73:18:8c:17:79:07:06:bd:df:d4:1b:aa:
89:00:e9:86:63:17:37:77:a2:03:a4:2d:a9:54:dd:34:54:3f:
bd:9d:86:de:cc:26:4f:45:b7:fb:82:2b:7a:a4:fe:8c:ec:e5:
ed:d0:b6:c5:0c:51:cf:54:d8:e2:9a:80:e6:6b:db:53:86:5e:
c1:1d:3f:b0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQx
NjM5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY2NDRCNzIzREExMzgw
MEQwQzRCQjlCMTg3REQ3OTNCNDk3RTdEMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW+1Q0GX+KVSpnwY28xMTWkdTpnjboVnV4sbS0oOwV9MM2BCak
ZLmFdSvggXM7ehrgXvO4MVA4N9snfJ9sr84lJbC/HhbH3vz4M39OvjUJRzwg4Px2
Oe2cFTIjAZEH0zvQUdBZ1Y1NdVbBMbDOExl+dYpib1nBMipCzGYF4l87XflouPzN
u8p8dWFCeJ/uWJfdW2kAQAn1kgyY9bx1bxaPypznyNmOrNvffnbtzFcX5mX+LjYB
3469iXxOszmwEn+MvdVAlGLRxvg9q6bwxkNFDgKJjntcDzI9KEgpgBe9WBCsaPBR
UCGer9eKJ3VtqhF0Tik4EzkmFm+6dGs2UZWpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9kS3I9oTgA0MS7mxh915O0l+fQYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85a1MzSTlvVGdBME1TN214
aDkxNU8wbC1mUVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHVcmX90hMDDFonJN6ToPMBuXC57zkKh6yul
JqRozJpiSowkIjLhbDDE+W0z/acsAr1uY0fh7UapWB24YXaaCweAEIOWlZjM2eJ1
KUQsAzlWoDkwZgT/0hs7qIIizDBUpHGHrQW8oK4ZfD30HHZYrK8AKT4VKltFrgMP
iVqAo/KTZIHt8zHxWGscrxKj1bptMkU6ky1dZPDRyXvs/AzDZ1J3wwR+g1fWINQj
5vA/r4An67QIOrj+z+JpHnMYjBd5Bwa939QbqokA6YZjFzd3ogOkLalU3TRUP72d
ht7MJk9Ft/uCK3qk/ozs5e3QtsUMUc9U2OKagOZr21OGXsEdP7A=
-----END CERTIFICATE-----
Generated at Sat Jun 21 21:17:36 2025 by rpki-client