Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BteJfiriuqqdDOOO_OzGQjNfD9w.roa
File: BteJfiriuqqdDOOO_OzGQjNfD9w.roa (raw, json)
Hash identifier: wyYkR4Uq57lzFt30qQOiYOewepSiNvn8RW6osl00r4A=
Subject key identifier: 06:D7:89:7E:2A:E2:BA:AA:9D:0C:E3:8E:FC:EC:C6:42:33:5F:0F:DC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15A1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BteJfiriuqqdDOOO_OzGQjNfD9w.roa
Signing time: Wed 04 Jun 2025 22:09:23 +0000
ROA not before: Wed 04 Jun 2025 22:09:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5537 (0x15a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 22:09:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=06D7897E2AE2BAAA9D0CE38EFCECC642335F0FDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2f:02:b0:98:fe:40:c1:4b:82:d7:43:4c:d0:
e5:fd:f4:ff:ee:aa:e2:ff:f0:71:00:2d:4b:be:13:
54:36:1c:a5:fd:44:a8:c9:60:8c:4c:aa:5d:31:50:
08:e2:7f:50:84:d8:dd:dd:76:56:ae:1b:56:ae:23:
e8:ad:36:10:f6:ee:e1:9e:c4:5b:3f:10:06:ef:a6:
56:1b:63:4d:29:8b:77:5a:f0:46:50:44:5c:a7:f6:
07:29:26:8d:63:b0:4e:07:d0:92:46:ba:ac:43:c1:
92:85:95:49:92:c7:5e:2a:4a:27:0d:ed:a4:0c:85:
31:9b:8e:ad:c9:7c:fd:62:69:9e:0a:9a:95:88:f8:
a8:c2:a1:50:e9:e0:13:a6:dd:cf:b2:b6:21:94:75:
8d:8a:68:30:a6:b3:5b:8b:d0:ee:1e:25:f1:25:db:
4b:4c:5a:c4:a7:61:69:c4:6d:eb:2a:64:55:05:25:
62:6d:8b:57:dd:cb:84:8c:75:78:f8:28:a4:08:0c:
a1:73:17:50:a4:c6:52:7f:c8:cb:19:4c:43:f2:5d:
d0:e7:1d:38:8c:49:59:ad:0b:90:91:98:29:b4:2f:
8c:ec:ba:71:1b:f7:15:55:21:e1:88:2a:c5:11:1d:
97:54:e4:15:4b:73:8f:8c:e6:fa:88:bd:3d:5d:46:
7a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D7:89:7E:2A:E2:BA:AA:9D:0C:E3:8E:FC:EC:C6:42:33:5F:0F:DC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BteJfiriuqqdDOOO_OzGQjNfD9w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:90:fe:a0:78:5d:cf:d4:4e:bf:64:da:10:ba:66:91:6f:ea:
aa:70:43:2b:fb:72:7d:80:e0:c8:a2:97:7c:92:a3:33:cd:6d:
33:a7:1c:e8:6d:7f:35:b9:56:5a:ff:cd:f6:b2:06:d9:3a:60:
bc:30:33:e5:9b:c8:2f:2b:94:08:b9:68:ff:6c:4f:1b:e7:7b:
48:81:b6:3d:5f:4c:03:60:d5:d7:b9:4c:00:68:76:4b:54:96:
1a:8b:2f:10:e1:b4:08:66:2e:d6:a6:6b:8f:26:e6:39:0d:cb:
2a:ee:51:cd:1c:0e:5b:e2:6b:bc:f3:0b:a8:03:82:c3:3e:33:
83:7b:23:f9:b1:75:ba:e1:ce:a3:b3:3d:7c:41:74:d8:b1:c3:
d3:0e:c3:04:3b:03:d9:bf:51:72:4e:24:7a:ff:4d:90:01:88:
77:39:d5:3f:8f:f3:35:69:35:49:97:59:8c:06:2a:3e:6d:8b:
70:6b:e5:9c:29:42:b6:02:af:3a:f9:9e:23:b4:0b:73:75:d4:
7f:8a:c8:12:9e:df:28:e4:a6:e3:27:ad:4c:63:c8:88:65:84:
5c:a3:02:36:26:6e:1b:90:0d:69:6e:d3:07:24:a0:01:79:d0:
2f:29:80:aa:a9:0c:70:c8:ab:d9:a6:45:fe:6d:1e:9f:f2:05:
a9:09:98:28
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQy
MjA5MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA2RDc4OTdFMkFFMkJB
QUE5RDBDRTM4RUZDRUNDNjQyMzM1RjBGREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrLwKwmP5AwUuC10NM0OX99P/uquL/8HEALUu+E1Q2HKX9RKjJ
YIxMql0xUAjif1CE2N3ddlauG1auI+itNhD27uGexFs/EAbvplYbY00pi3da8EZQ
RFyn9gcpJo1jsE4H0JJGuqxDwZKFlUmSx14qSicN7aQMhTGbjq3JfP1iaZ4KmpWI
+KjCoVDp4BOm3c+ytiGUdY2KaDCms1uL0O4eJfEl20tMWsSnYWnEbesqZFUFJWJt
i1fdy4SMdXj4KKQIDKFzF1CkxlJ/yMsZTEPyXdDnHTiMSVmtC5CRmCm0L4zsunEb
9xVVIeGIKsURHZdU5BVLc4+M5vqIvT1dRnqzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBteJfiriuqqdDOOO/OzGQjNfD9wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CdGVKZmlyaXVxcWRET09P
X096R1FqTmZEOXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJGQ/qB4Xc/UTr9k2hC6ZpFv6qpwQyv7cn2A
4Miil3ySozPNbTOnHOhtfzW5Vlr/zfayBtk6YLwwM+WbyC8rlAi5aP9sTxvne0iB
tj1fTANg1de5TABodktUlhqLLxDhtAhmLtama48m5jkNyyruUc0cDlvia7zzC6gD
gsM+M4N7I/mxdbrhzqOzPXxBdNixw9MOwwQ7A9m/UXJOJHr/TZABiHc51T+P8zVp
NUmXWYwGKj5ti3Br5ZwpQrYCrzr5niO0C3N11H+KyBKe3yjkpuMnrUxjyIhlhFyj
AjYmbhuQDWlu0wckoAF50C8pgKqpDHDIq9mmRf5tHp/yBakJmCg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:30:57 2025 by rpki-client