Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/F_JostzZtp2FwVPaVQir1SxV5ew.roa
File: F_JostzZtp2FwVPaVQir1SxV5ew.roa (raw, json)
Hash identifier: tKKEG5NrAb6ofH+9CBMNpm7uSqNFYsyd1yAL67zC19U=
Subject key identifier: 17:F2:68:B2:DC:D9:B6:9D:85:C1:53:DA:55:08:AB:D5:2C:55:E5:EC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C9D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/F_JostzZtp2FwVPaVQir1SxV5ew.roa
Signing time: Sat 14 Jun 2025 05:39:53 +0000
ROA not before: Sat 14 Jun 2025 05:39:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7325 (0x1c9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 05:39:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=17F268B2DCD9B69D85C153DA5508ABD52C55E5EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e5:6a:d2:da:cf:e9:43:88:c5:ae:8e:6c:c8:
00:b1:4a:26:30:a1:d2:d1:c8:46:f6:4f:28:1b:17:
f2:78:e9:24:43:83:70:db:84:fb:43:a4:f0:5d:44:
60:73:20:c3:29:a4:aa:83:c1:16:49:ce:e2:8c:d3:
d5:85:b4:b1:ea:a0:4e:51:89:68:77:ed:3e:ca:59:
87:02:91:48:14:3a:56:67:5b:55:0b:19:df:9b:ff:
ab:c4:ea:b5:44:6e:a8:f0:7d:51:ce:f6:0c:1f:dc:
07:38:56:2c:a5:7a:13:92:70:a6:6a:26:ad:92:9a:
1d:57:05:73:eb:2a:02:68:f8:65:19:bf:a0:c6:52:
80:30:f5:fe:56:b9:d2:40:6a:15:75:d1:5d:da:be:
a1:fa:69:98:f5:c7:af:ed:a5:ae:6d:41:ed:7c:21:
d1:44:b4:4c:a3:d2:39:5f:01:5a:c7:74:f6:eb:f8:
22:a2:50:63:1e:51:6c:05:53:ac:b5:cd:8f:2b:09:
34:a0:12:0c:a1:a2:ee:c6:c7:db:a8:81:23:49:45:
3b:d1:e5:8b:70:d9:4f:fb:4f:6c:da:ee:5f:ab:12:
d2:ff:03:60:0c:39:a3:92:ed:73:37:cc:c9:9d:00:
22:c4:e2:e6:eb:23:70:ea:12:cc:fd:f7:bc:3e:ac:
7c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F2:68:B2:DC:D9:B6:9D:85:C1:53:DA:55:08:AB:D5:2C:55:E5:EC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/F_JostzZtp2FwVPaVQir1SxV5ew.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:a6:91:90:0d:cd:f3:a0:83:9b:d9:bb:b6:ba:e6:ab:ab:7a:
55:88:8d:3a:ba:9c:75:3d:9c:36:fc:b8:01:40:07:e9:76:1f:
04:4c:f5:f0:be:97:15:65:8e:82:1d:52:f3:80:a3:cb:77:85:
35:37:f7:e9:db:94:92:b7:17:33:18:5d:60:5d:27:16:57:aa:
30:d8:d2:81:4b:55:32:e4:8a:c7:4a:7e:0f:9c:19:bc:60:49:
eb:b8:dc:79:4c:fa:0a:b0:b5:95:d5:c9:85:36:20:58:90:96:
7e:b3:bd:83:45:a7:57:64:bb:79:94:e3:73:5d:1a:fc:3b:b7:
16:8f:76:26:28:6e:1f:9c:ce:65:5b:64:59:4b:ee:dd:04:3b:
f3:bc:f6:1b:92:0e:84:8f:0e:82:dd:7f:51:1f:86:52:1f:d9:
10:11:ba:29:14:45:30:77:7d:4f:f7:56:b5:d2:e8:51:da:66:
c4:2e:1e:a2:e6:aa:5d:a6:3e:4b:16:f7:c6:79:6b:c5:d4:21:
cf:96:dc:f6:0a:52:4a:25:bc:50:2f:b6:4a:5a:ff:2a:e3:ec:
7f:9b:97:31:62:c6:5b:8f:c4:5d:94:e6:9a:62:76:76:8a:96:
5e:22:3e:e9:6d:de:be:12:a3:e4:35:90:e1:bb:88:5e:8a:38:
79:27:59:d4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHJ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
NTM5NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE3RjI2OEIyRENEOUI2
OUQ4NUMxNTNEQTU1MDhBQkQ1MkM1NUU1RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC05WrS2s/pQ4jFro5syACxSiYwodLRyEb2TygbF/J46SRDg3Db
hPtDpPBdRGBzIMMppKqDwRZJzuKM09WFtLHqoE5RiWh37T7KWYcCkUgUOlZnW1UL
Gd+b/6vE6rVEbqjwfVHO9gwf3Ac4ViylehOScKZqJq2Smh1XBXPrKgJo+GUZv6DG
UoAw9f5WudJAahV10V3avqH6aZj1x6/tpa5tQe18IdFEtEyj0jlfAVrHdPbr+CKi
UGMeUWwFU6y1zY8rCTSgEgyhou7Gx9uogSNJRTvR5Ytw2U/7T2za7l+rEtL/A2AM
OaOS7XM3zMmdACLE4ubrI3DqEsz997w+rHzhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUF/JostzZtp2FwVPaVQir1SxV5ewwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GX0pvc3R6WnRwMkZ3VlBh
VlFpcjFTeFY1ZXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGemkZANzfOgg5vZu7a65qurelWIjTq6nHU9
nDb8uAFAB+l2HwRM9fC+lxVljoIdUvOAo8t3hTU39+nblJK3FzMYXWBdJxZXqjDY
0oFLVTLkisdKfg+cGbxgSeu43HlM+gqwtZXVyYU2IFiQln6zvYNFp1dku3mU43Nd
Gvw7txaPdiYobh+czmVbZFlL7t0EO/O89huSDoSPDoLdf1EfhlIf2RARuikURTB3
fU/3VrXS6FHaZsQuHqLmql2mPksW98Z5a8XUIc+W3PYKUkolvFAvtkpa/yrj7H+b
lzFixluPxF2U5ppidnaKll4iPult3r4So+Q1kOG7iF6KOHknWdQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:32:16 2025 by rpki-client