Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9uNgSMkikhszNeE0wiKKO3ygVzs.roa
File: 9uNgSMkikhszNeE0wiKKO3ygVzs.roa (raw, json)
Hash identifier: IO/7ORT6nKWnYchExdi7laAQJJt14933rmM9sVPkmXU=
Subject key identifier: F6:E3:60:48:C9:22:92:1B:33:35:E1:34:C2:22:8A:3B:7C:A0:57:3B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17D9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9uNgSMkikhszNeE0wiKKO3ygVzs.roa
Signing time: Sat 07 Jun 2025 21:09:32 +0000
ROA not before: Sat 07 Jun 2025 21:09:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6105 (0x17d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 21:09:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F6E36048C922921B3335E134C2228A3B7CA0573B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a4:66:3a:73:dc:de:f0:78:57:79:e7:d0:eb:
53:73:bd:3b:98:86:d1:12:82:1a:45:f6:b2:fa:69:
2f:f4:59:52:bb:b4:46:e3:0e:ec:64:d9:2c:3c:b8:
a9:77:e4:69:2b:42:ef:41:bb:77:95:b2:fc:0e:ce:
64:8b:b6:3b:4d:02:40:b3:ea:ed:88:1c:d4:cf:e7:
05:5d:8e:78:5b:bc:c0:e8:a9:67:3f:6b:ab:ad:ac:
b0:52:df:9f:a4:e6:3d:71:41:3b:13:e7:8d:52:13:
53:69:98:ed:99:ea:3b:9d:95:9a:ea:41:a0:d8:08:
25:f3:34:64:13:46:bb:bd:33:f4:3f:39:10:a5:61:
96:64:8e:69:72:b0:96:b9:be:f5:93:f9:b6:a7:70:
c3:06:c5:6f:10:37:85:a0:3b:32:a1:a2:1b:94:91:
c9:c0:40:50:8a:f2:ca:80:71:9b:d4:1b:e0:05:1c:
e7:06:5b:33:5b:99:d2:dd:e5:97:ea:d6:6e:cb:a3:
85:36:5d:0a:5e:9c:41:11:a2:cf:f4:53:58:0b:23:
4f:a7:0a:d8:22:7a:01:d1:98:9e:7f:60:00:73:20:
e2:26:86:0e:f7:12:01:cc:43:c2:04:b1:4c:4b:f4:
ca:67:ce:5a:55:8b:d6:77:3b:0f:43:94:57:58:d8:
6f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E3:60:48:C9:22:92:1B:33:35:E1:34:C2:22:8A:3B:7C:A0:57:3B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9uNgSMkikhszNeE0wiKKO3ygVzs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:7a:a1:05:15:b5:34:c9:a6:30:88:ce:94:02:b3:49:33:5b:
59:9e:96:a2:d4:b5:e9:2c:df:82:9d:af:76:ac:7e:7d:26:b0:
a7:e9:e4:c8:67:16:2d:10:ed:c1:84:53:6a:a3:d9:11:0b:c6:
aa:7a:c2:00:23:bc:08:e7:41:0d:e0:0b:4a:94:27:17:31:8a:
84:32:7e:a4:4f:9b:cb:0e:8e:7b:1a:62:5a:0f:46:d4:bb:c8:
88:e4:82:5c:5e:d4:d3:15:cf:98:7c:ae:c0:99:36:18:39:67:
91:b6:cd:fd:ea:8f:da:4b:75:96:84:e7:b5:09:02:c4:c2:b4:
09:53:d2:97:40:58:d0:38:39:99:f6:34:78:e0:32:cf:52:87:
90:7a:df:4f:c8:09:bd:2a:22:05:27:f4:4d:5f:e7:6a:c8:0f:
1d:05:bb:6c:45:44:f8:a7:6e:cc:98:fd:4d:11:c7:8c:d5:b4:
9e:a4:c0:2d:8c:10:ae:e6:a4:32:9c:62:51:c9:15:74:c6:bd:
85:6b:c7:81:9d:9b:4f:33:1a:a6:cc:c2:83:42:9b:11:d4:3c:
cb:af:42:1d:9c:49:0a:a4:12:6d:b9:dd:86:c2:bb:89:84:12:
d7:e7:16:50:5f:9b:02:e5:af:07:96:e0:0d:cd:c7:a7:f6:4a:
8b:81:25:d6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF9kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcy
MTA5MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY2RTM2MDQ4QzkyMjky
MUIzMzM1RTEzNEMyMjI4QTNCN0NBMDU3M0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVpGY6c9ze8HhXeefQ61NzvTuYhtESghpF9rL6aS/0WVK7tEbj
Duxk2Sw8uKl35GkrQu9Bu3eVsvwOzmSLtjtNAkCz6u2IHNTP5wVdjnhbvMDoqWc/
a6utrLBS35+k5j1xQTsT541SE1NpmO2Z6judlZrqQaDYCCXzNGQTRru9M/Q/ORCl
YZZkjmlysJa5vvWT+bancMMGxW8QN4WgOzKhohuUkcnAQFCK8sqAcZvUG+AFHOcG
WzNbmdLd5Zfq1m7Lo4U2XQpenEERos/0U1gLI0+nCtgiegHRmJ5/YABzIOImhg73
EgHMQ8IEsUxL9MpnzlpVi9Z3Ow9DlFdY2G+vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9uNgSMkikhszNeE0wiKKO3ygVzswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85dU5nU01raWtoc3pOZUUw
d2lLS08zeWdWenMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABx6oQUVtTTJpjCIzpQCs0kzW1melqLUteks
34Kdr3asfn0msKfp5MhnFi0Q7cGEU2qj2RELxqp6wgAjvAjnQQ3gC0qUJxcxioQy
fqRPm8sOjnsaYloPRtS7yIjkglxe1NMVz5h8rsCZNhg5Z5G2zf3qj9pLdZaE57UJ
AsTCtAlT0pdAWNA4OZn2NHjgMs9Sh5B630/ICb0qIgUn9E1f52rIDx0Fu2xFRPin
bsyY/U0Rx4zVtJ6kwC2MEK7mpDKcYlHJFXTGvYVrx4Gdm08zGqbMwoNCmxHUPMuv
Qh2cSQqkEm253YbCu4mEEtfnFlBfmwLlrweW4A3Nx6f2SouBJdY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 07:12:31 2025 by rpki-client