Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AfNpYV1rgltcKOgsHaKZYO9Qh9A.roa
File: AfNpYV1rgltcKOgsHaKZYO9Qh9A.roa (raw, json)
Hash identifier: XZz6+jjgGYjQDqF+YpwTrodFGLuI0/OymDx/ALU6FCc=
Subject key identifier: 01:F3:69:61:5D:6B:82:5B:5C:28:E8:2C:1D:A2:99:60:EF:50:87:D0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 089D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AfNpYV1rgltcKOgsHaKZYO9Qh9A.roa
Signing time: Sun 18 May 2025 13:38:09 +0000
ROA not before: Sun 18 May 2025 13:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2205 (0x89d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 13:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=01F369615D6B825B5C28E82C1DA29960EF5087D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c4:21:91:ba:5e:92:6b:13:ff:e6:ae:b4:35:
f3:29:9c:8a:9b:7f:16:c7:22:43:e3:0e:16:69:52:
98:d9:95:6a:c1:b8:93:d5:e9:e9:3f:39:96:95:83:
bb:58:27:9f:7f:7f:97:83:9a:16:15:a4:78:7d:ba:
a8:13:1d:ca:6a:4b:53:df:7b:e6:22:94:0e:31:49:
5e:4c:3b:17:f5:71:a8:1f:67:29:c1:64:5d:60:2f:
58:a6:14:16:e8:d6:60:0c:9d:03:1d:8f:1a:17:b9:
d4:34:21:6a:26:3d:a3:ce:f2:df:16:09:96:42:63:
df:be:22:ca:38:68:98:69:cd:15:11:49:5c:98:1d:
1d:cf:80:d2:41:d4:8f:6b:25:d9:40:17:32:a7:e6:
fe:07:fc:4b:9b:c3:05:7e:a0:c0:3c:b9:c3:f4:be:
2a:1e:76:95:92:7c:e3:5d:d6:63:68:9c:21:65:03:
8d:59:c4:ce:ac:f1:9c:6a:35:e6:84:d2:fc:5c:46:
63:df:b2:76:f2:7b:e9:c5:1c:4e:51:9b:b0:e4:70:
5c:6f:33:56:22:cb:bd:94:c7:f2:94:27:48:37:e8:
e4:44:fe:66:28:b8:4c:0b:8c:2e:b3:29:42:d3:3b:
12:ad:c5:7d:df:dd:17:fc:16:63:c1:4f:4f:fe:34:
5d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F3:69:61:5D:6B:82:5B:5C:28:E8:2C:1D:A2:99:60:EF:50:87:D0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AfNpYV1rgltcKOgsHaKZYO9Qh9A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:fc:69:b0:70:70:b2:fb:85:6e:60:63:95:2b:bf:4b:2a:1f:
4c:6c:7f:2c:51:3e:fb:2b:8e:9b:b6:01:b5:8d:a4:36:33:4d:
29:c9:a3:ec:a7:69:ef:db:05:69:76:a8:9b:3d:42:d8:6d:f2:
27:19:30:37:f6:be:d4:15:d6:68:05:35:b2:84:a5:06:ef:19:
fa:12:05:88:0b:ea:6d:8e:cc:7d:75:59:7e:a1:7a:17:9c:9e:
88:ec:aa:df:a3:08:51:dc:e7:2d:15:74:60:25:86:28:f0:be:
79:a4:f7:f2:27:e8:62:0e:2c:ec:74:60:18:5e:c6:3c:ac:eb:
95:76:9a:55:9e:43:80:43:01:c1:26:55:87:b8:79:82:63:09:
ef:8c:32:46:69:1e:e3:c4:9e:de:c9:71:d1:2a:a8:ce:87:87:
b4:06:0f:a7:45:50:f9:c6:67:fa:0a:86:99:e3:f2:19:10:57:
14:a3:6a:de:28:9b:3e:31:07:d9:71:13:4e:62:53:ae:44:4f:
80:d9:ba:9c:42:33:a5:e2:98:ab:4e:47:df:46:f7:9e:b1:e4:
7e:90:08:63:99:7f:1d:ae:3d:47:0b:ea:8d:db:ac:a6:06:93:
8f:d5:de:5d:e7:bb:c9:7b:78:8e:31:a3:1a:ca:b5:d7:0f:3f:
ef:b5:b5:95
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCJ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
MzM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAxRjM2OTYxNUQ2Qjgy
NUI1QzI4RTgyQzFEQTI5OTYwRUY1MDg3RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCexCGRul6SaxP/5q60NfMpnIqbfxbHIkPjDhZpUpjZlWrBuJPV
6ek/OZaVg7tYJ59/f5eDmhYVpHh9uqgTHcpqS1Pfe+YilA4xSV5MOxf1cagfZynB
ZF1gL1imFBbo1mAMnQMdjxoXudQ0IWomPaPO8t8WCZZCY9++Iso4aJhpzRURSVyY
HR3PgNJB1I9rJdlAFzKn5v4H/EubwwV+oMA8ucP0vioedpWSfONd1mNonCFlA41Z
xM6s8ZxqNeaE0vxcRmPfsnbye+nFHE5Rm7DkcFxvM1Yiy72Ux/KUJ0g36ORE/mYo
uEwLjC6zKULTOxKtxX3f3Rf8FmPBT0/+NF0lAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAfNpYV1rgltcKOgsHaKZYO9Qh9AwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BZk5wWVYxcmdsdGNLT2dz
SGFLWllPOVFoOUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADH8abBwcLL7hW5gY5Urv0sqH0xsfyxRPvsr
jpu2AbWNpDYzTSnJo+ynae/bBWl2qJs9Qtht8icZMDf2vtQV1mgFNbKEpQbvGfoS
BYgL6m2OzH11WX6hehecnojsqt+jCFHc5y0VdGAlhijwvnmk9/In6GIOLOx0YBhe
xjys65V2mlWeQ4BDAcEmVYe4eYJjCe+MMkZpHuPEnt7JcdEqqM6Hh7QGD6dFUPnG
Z/oKhpnj8hkQVxSjat4omz4xB9lxE05iU65ET4DZupxCM6XimKtOR99G956x5H6Q
CGOZfx2uPUcL6o3brKYGk4/V3l3nu8l7eI4xoxrKtdcPP++1tZU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:05:55 2025 by rpki-client