Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/D7B3upxaYE6h5jPUsrlW3MqT18Y.roa
File: D7B3upxaYE6h5jPUsrlW3MqT18Y.roa (raw, json)
Hash identifier: yr2xEMCfoW9AvRpcSoRJx7z1U8ZqL8UsS5YbXPNLlow=
Subject key identifier: 0F:B0:77:BA:9C:5A:60:4E:A1:E6:33:D4:B2:B9:56:DC:CA:93:D7:C6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B3D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/D7B3upxaYE6h5jPUsrlW3MqT18Y.roa
Signing time: Thu 12 Jun 2025 09:39:49 +0000
ROA not before: Thu 12 Jun 2025 09:39:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6973 (0x1b3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 09:39:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0FB077BA9C5A604EA1E633D4B2B956DCCA93D7C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b2:57:8a:8d:36:47:68:92:8e:e7:1c:0b:0a:
e8:98:71:c3:9b:f5:71:66:31:a8:34:88:43:8c:29:
ec:92:3d:b6:ce:12:0d:d5:e9:78:80:41:a9:c5:e6:
e4:29:8a:46:48:e6:1a:63:04:f7:4e:c8:d4:e3:00:
c2:d1:3c:d4:d4:aa:70:54:01:5e:6f:ef:8e:dd:f3:
75:fb:d7:8a:17:eb:d8:75:f7:ef:62:e0:d9:f4:cc:
ad:52:ff:d1:8d:a6:be:4d:47:39:d0:4f:c5:9a:8b:
70:4a:5e:30:25:a1:2e:93:46:f7:cd:72:3e:79:49:
14:3a:80:e0:64:63:fb:69:da:e6:da:79:30:dd:66:
a8:eb:ee:58:2d:30:8d:b6:58:f9:c5:0b:01:c4:4b:
25:e7:6e:c4:55:ac:12:c7:e7:d7:b5:2f:5b:2d:55:
ae:07:f3:58:1f:a8:d6:37:01:90:7b:98:e9:8b:ba:
b5:cb:34:06:3b:78:04:f6:f9:2f:c1:38:0c:16:19:
72:16:67:84:25:a0:8a:15:af:57:95:40:5e:c4:c1:
f0:14:f6:24:83:72:36:10:ce:6f:c1:b3:b5:4b:90:
23:53:9d:27:d6:24:39:cb:2b:75:95:d6:7b:dc:a7:
22:f5:d2:98:4c:79:42:d4:a6:36:ce:9e:55:b0:17:
90:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B0:77:BA:9C:5A:60:4E:A1:E6:33:D4:B2:B9:56:DC:CA:93:D7:C6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/D7B3upxaYE6h5jPUsrlW3MqT18Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:5b:ee:fd:f2:cb:82:48:d4:0c:dd:96:89:90:0f:2b:c3:aa:
2f:b2:3f:82:3a:20:08:17:0b:1f:30:3b:e7:2c:ae:76:54:82:
76:5b:df:e8:8d:29:3c:9f:69:aa:60:84:b4:05:65:38:21:18:
86:0f:c1:4e:fd:cf:9a:a7:e7:11:7f:14:ff:f1:5a:a6:d2:f9:
51:c4:ec:3d:a4:1c:83:ee:6f:f4:53:bf:b6:41:73:e4:fa:00:
0c:ab:58:d2:67:40:a9:c4:c7:9f:12:51:02:22:6b:b7:8a:65:
5b:c9:70:3a:21:c9:37:91:98:3f:37:00:9b:54:aa:72:dc:11:
71:c0:e8:e1:d5:fc:52:1d:17:b3:a8:6e:f3:52:d3:5f:f2:8e:
c3:1f:95:31:5c:35:97:6a:b7:f3:61:40:92:2c:59:e0:3d:36:
a7:82:8a:74:40:18:6c:f8:b5:3a:9e:4c:48:0f:9f:03:ae:b0:
48:1b:56:c9:c3:b8:70:1a:83:ba:96:8d:56:92:c7:1e:1d:60:
ea:5f:b3:59:4c:c3:62:a5:2d:cc:3d:20:39:53:05:6f:ab:fa:
57:06:29:1b:ed:c4:4e:2f:57:73:95:a9:68:d4:7e:7f:e9:1f:
c1:ce:ba:b0:20:cd:df:61:dd:58:37:c2:81:43:7b:1d:f5:7a:
4c:66:25:8f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGz0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIw
OTM5NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBGQjA3N0JBOUM1QTYw
NEVBMUU2MzNENEIyQjk1NkRDQ0E5M0Q3QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwsleKjTZHaJKO5xwLCuiYccOb9XFmMag0iEOMKeySPbbOEg3V
6XiAQanF5uQpikZI5hpjBPdOyNTjAMLRPNTUqnBUAV5v747d83X714oX69h19+9i
4Nn0zK1S/9GNpr5NRznQT8Wai3BKXjAloS6TRvfNcj55SRQ6gOBkY/tp2ubaeTDd
Zqjr7lgtMI22WPnFCwHESyXnbsRVrBLH59e1L1stVa4H81gfqNY3AZB7mOmLurXL
NAY7eAT2+S/BOAwWGXIWZ4QloIoVr1eVQF7EwfAU9iSDcjYQzm/Bs7VLkCNTnSfW
JDnLK3WV1nvcpyL10phMeULUpjbOnlWwF5ABAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUD7B3upxaYE6h5jPUsrlW3MqT18YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EN0IzdXB4YVlFNmg1alBV
c3JsVzNNcVQxOFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABdb7v3yy4JI1AzdlomQDyvDqi+yP4I6IAgX
Cx8wO+csrnZUgnZb3+iNKTyfaapghLQFZTghGIYPwU79z5qn5xF/FP/xWqbS+VHE
7D2kHIPub/RTv7ZBc+T6AAyrWNJnQKnEx58SUQIia7eKZVvJcDohyTeRmD83AJtU
qnLcEXHA6OHV/FIdF7OobvNS01/yjsMflTFcNZdqt/NhQJIsWeA9NqeCinRAGGz4
tTqeTEgPnwOusEgbVsnDuHAag7qWjVaSxx4dYOpfs1lMw2KlLcw9IDlTBW+r+lcG
KRvtxE4vV3OVqWjUfn/pH8HOurAgzd9h3Vg3woFDex31ekxmJY8=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:06:01 2025 by rpki-client