Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/B7OtJfhpP1UHjkOPVQ5qiPYjpUc.roa
File: B7OtJfhpP1UHjkOPVQ5qiPYjpUc.roa (raw, json)
Hash identifier: b7GCW28FcVxA4Geq/M91ndV3TqB/ngGzF+EcT+hS7rQ=
Subject key identifier: 07:B3:AD:25:F8:69:3F:55:07:8E:43:8F:55:0E:6A:88:F6:23:A5:47
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1731
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B7OtJfhpP1UHjkOPVQ5qiPYjpUc.roa
Signing time: Sat 07 Jun 2025 00:09:27 +0000
ROA not before: Sat 07 Jun 2025 00:09:27 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5937 (0x1731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 00:09:27 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=07B3AD25F8693F55078E438F550E6A88F623A547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c6:9c:5b:d4:19:04:f7:02:96:8b:7b:5a:1c:
54:d0:28:7b:82:a3:c8:b4:13:cb:5e:70:79:d7:9a:
e4:13:2e:cc:42:53:7e:cd:94:f1:68:22:95:52:f7:
68:6b:6e:ce:0e:bd:41:6f:5c:60:5b:60:17:52:08:
98:ef:95:fb:28:41:e7:98:f9:96:0e:80:54:74:ce:
c9:18:c1:e3:3d:89:fc:21:30:c9:5f:29:70:18:f7:
3a:5a:8a:99:e4:46:a6:7d:59:20:95:df:17:0b:4c:
d6:d6:bd:d6:07:f6:7e:e1:91:9e:ff:c7:0f:ac:7d:
0e:d4:22:6c:82:d6:ca:9e:5d:e8:06:21:59:cc:98:
2a:3c:cc:43:60:b8:8d:c1:bf:09:99:85:90:75:1b:
e5:d4:43:b9:fc:07:73:29:bf:dd:47:9e:4f:93:86:
bf:1a:3d:65:f7:0b:58:d0:73:16:d8:b1:c2:15:eb:
bf:8f:6d:16:1f:a1:05:ad:1c:70:bb:1e:ff:30:3e:
11:90:ff:25:35:5c:fc:7a:7c:a5:b3:7c:fd:c7:f2:
a1:38:e8:70:b5:4e:dc:39:84:45:a7:f5:77:2c:82:
e9:33:72:7d:8d:c2:0f:02:ef:58:e2:ae:e8:78:87:
61:8c:71:2f:06:88:8c:53:bd:4e:b5:59:38:9d:4e:
16:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B3:AD:25:F8:69:3F:55:07:8E:43:8F:55:0E:6A:88:F6:23:A5:47
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B7OtJfhpP1UHjkOPVQ5qiPYjpUc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:4c:ed:1b:e5:c1:e4:f0:5c:ba:ff:83:61:0f:94:7c:6e:ed:
0c:24:46:af:f6:f3:da:50:8a:47:fb:a6:8d:f7:45:5c:dc:47:
cf:cf:36:67:81:a5:65:22:03:d7:98:42:74:da:e6:8f:dd:e4:
9e:c0:35:ee:4a:8f:9e:fe:e9:e8:e0:2a:66:7f:69:2c:cb:08:
77:17:28:72:e5:ae:64:33:e8:1f:61:ca:17:46:52:08:7b:d9:
e3:b2:54:b1:55:e0:9f:4b:cc:c4:39:66:9e:c1:69:2c:f9:64:
57:59:fe:b8:99:86:0a:3d:c8:b3:21:f9:57:46:91:46:49:04:
30:05:40:a2:15:e7:3d:ee:84:8c:41:8a:37:ed:1d:7c:63:69:
ef:0b:30:27:19:21:93:71:91:a9:53:58:00:26:11:38:95:10:
61:9a:49:00:f6:67:00:7c:c5:9f:01:12:03:d7:ee:aa:20:20:
e5:08:66:ef:3c:7b:66:9d:9d:2a:5d:5b:2c:76:d4:2d:4f:be:
99:1e:3d:a2:a9:96:6f:aa:ad:38:e5:c4:a9:76:91:af:9b:cc:
45:11:b9:d6:32:d6:55:38:a0:9e:43:98:dd:03:19:90:b2:f8:
7a:be:6c:6f:46:07:81:16:7a:84:04:f0:41:ef:e1:5f:f2:af:
87:62:d6:cb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcw
MDA5MjdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA3QjNBRDI1Rjg2OTNG
NTUwNzhFNDM4RjU1MEU2QTg4RjYyM0E1NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWxpxb1BkE9wKWi3taHFTQKHuCo8i0E8tecHnXmuQTLsxCU37N
lPFoIpVS92hrbs4OvUFvXGBbYBdSCJjvlfsoQeeY+ZYOgFR0zskYweM9ifwhMMlf
KXAY9zpaipnkRqZ9WSCV3xcLTNbWvdYH9n7hkZ7/xw+sfQ7UImyC1sqeXegGIVnM
mCo8zENguI3BvwmZhZB1G+XUQ7n8B3Mpv91Hnk+Thr8aPWX3C1jQcxbYscIV67+P
bRYfoQWtHHC7Hv8wPhGQ/yU1XPx6fKWzfP3H8qE46HC1Ttw5hEWn9Xcsgukzcn2N
wg8C71jiruh4h2GMcS8GiIxTvU61WTidThY3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUB7OtJfhpP1UHjkOPVQ5qiPYjpUcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CN090SmZocFAxVUhqa09Q
VlE1cWlQWWpwVWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAK9M7RvlweTwXLr/g2EPlHxu7QwkRq/289pQ
ikf7po33RVzcR8/PNmeBpWUiA9eYQnTa5o/d5J7ANe5Kj57+6ejgKmZ/aSzLCHcX
KHLlrmQz6B9hyhdGUgh72eOyVLFV4J9LzMQ5Zp7BaSz5ZFdZ/riZhgo9yLMh+VdG
kUZJBDAFQKIV5z3uhIxBijftHXxjae8LMCcZIZNxkalTWAAmETiVEGGaSQD2ZwB8
xZ8BEgPX7qogIOUIZu88e2adnSpdWyx21C1PvpkePaKplm+qrTjlxKl2ka+bzEUR
udYy1lU4oJ5DmN0DGZCy+Hq+bG9GB4EWeoQE8EHv4V/yr4di1ss=
-----END CERTIFICATE-----
Generated at Fri Jun 20 08:19:01 2025 by rpki-client