Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/FxJJ_7Etxjp1Q3vlt78aIy0UaQY.roa
File: FxJJ_7Etxjp1Q3vlt78aIy0UaQY.roa (raw, json)
Hash identifier: iYXILeytzGK0e2k4/khzOxrABViswbXEmrImZo8nqTs=
Subject key identifier: 17:12:49:FF:B1:2D:C6:3A:75:43:7B:E5:B7:BF:1A:23:2D:14:69:06
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15D9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FxJJ_7Etxjp1Q3vlt78aIy0UaQY.roa
Signing time: Thu 05 Jun 2025 05:09:23 +0000
ROA not before: Thu 05 Jun 2025 05:09:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5593 (0x15d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 05:09:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=171249FFB12DC63A75437BE5B7BF1A232D146906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:93:47:ec:81:5e:3b:6d:24:52:8e:76:31:f8:
0d:2a:73:29:c6:b8:5b:65:13:18:31:2f:dc:18:33:
a4:fe:e9:d7:97:a3:69:56:57:84:4b:f9:0a:13:91:
a4:82:53:80:1a:ae:af:1d:e6:45:12:da:f7:e2:44:
a9:60:d7:d6:66:71:55:83:6a:b1:ee:97:d7:f6:55:
fb:22:90:ee:98:a0:50:a5:e9:11:af:84:a1:76:64:
c7:5d:fd:c6:ac:bc:d0:63:aa:16:2b:9e:55:51:c4:
10:b4:a7:74:0a:46:bf:e4:99:5d:63:7f:20:c3:cf:
09:7d:3a:c1:ce:ba:e9:28:52:f3:68:d8:3d:1f:11:
5f:2d:6e:82:5e:7d:21:27:67:11:06:e5:95:fe:15:
14:ab:bc:eb:db:c8:e2:f9:e0:5d:5e:09:1d:6d:6d:
2e:94:f1:7f:62:ea:9c:2c:01:03:92:22:22:69:63:
50:0e:ff:c9:af:41:33:a6:a1:14:e0:a9:3a:96:f1:
53:a6:99:82:aa:d5:d3:72:21:02:37:4f:c4:7e:25:
2a:3c:f3:1d:13:dd:a3:5c:da:b8:4c:7f:2e:32:1d:
8a:6d:f5:33:a7:39:84:44:5a:79:32:48:4e:0c:7c:
19:9c:fd:bf:c0:f6:ab:cf:47:05:01:1d:ab:e9:e1:
11:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:12:49:FF:B1:2D:C6:3A:75:43:7B:E5:B7:BF:1A:23:2D:14:69:06
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FxJJ_7Etxjp1Q3vlt78aIy0UaQY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:52:58:b5:23:bb:18:e9:b3:48:f7:46:19:cc:4c:4f:a6:a4:
3f:1e:78:be:a4:8d:b8:5f:ed:bc:f5:6e:ad:75:42:32:20:c1:
aa:c3:e9:2e:60:d1:d0:52:8f:c0:cc:5a:1f:de:22:4b:64:b3:
bc:7c:97:66:62:68:c6:21:e8:5a:c8:42:9f:bb:5e:d5:24:dd:
8a:88:f1:64:fb:fb:4e:08:8d:d0:40:c9:f3:21:2b:85:bb:dc:
93:d4:23:e3:68:22:9b:e6:7c:3f:de:31:a7:46:76:0d:a7:69:
78:dd:2c:4d:4b:1c:34:8c:54:b9:1b:19:96:cb:b4:c0:7d:ab:
7d:7a:09:a5:e4:75:2c:78:a0:ae:0c:44:ba:ad:cf:f2:32:15:
0e:e6:a4:8b:44:1e:66:63:30:d4:0e:29:6e:cb:08:d6:2a:80:
ad:78:ea:fd:e1:06:b6:5b:e0:50:39:ef:f9:d4:f8:25:d4:4f:
62:86:d1:1e:e8:92:5b:32:3b:3e:95:bc:4e:b0:32:14:36:94:
63:fd:12:e8:31:5c:c7:57:ce:0b:25:d6:91:40:a0:65:3b:ca:
ab:94:eb:1c:7d:79:51:f0:34:5e:ee:2b:14:ea:16:8c:af:33:
61:8e:24:dc:59:38:5a:6f:79:c8:5e:0c:83:b2:f3:db:52:1a:
55:c6:11:43
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUw
NTA5MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE3MTI0OUZGQjEyREM2
M0E3NTQzN0JFNUI3QkYxQTIzMkQxNDY5MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDok0fsgV47bSRSjnYx+A0qcynGuFtlExgxL9wYM6T+6deXo2lW
V4RL+QoTkaSCU4Aarq8d5kUS2vfiRKlg19ZmcVWDarHul9f2VfsikO6YoFCl6RGv
hKF2ZMdd/casvNBjqhYrnlVRxBC0p3QKRr/kmV1jfyDDzwl9OsHOuukoUvNo2D0f
EV8tboJefSEnZxEG5ZX+FRSrvOvbyOL54F1eCR1tbS6U8X9i6pwsAQOSIiJpY1AO
/8mvQTOmoRTgqTqW8VOmmYKq1dNyIQI3T8R+JSo88x0T3aNc2rhMfy4yHYpt9TOn
OYREWnkySE4MfBmc/b/A9qvPRwUBHavp4RE5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFxJJ/7Etxjp1Q3vlt78aIy0UaQYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GeEpKXzdFdHhqcDFRM3Zs
dDc4YUl5MFVhUVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAB9SWLUjuxjps0j3RhnMTE+mpD8eeL6kjbhf
7bz1bq11QjIgwarD6S5g0dBSj8DMWh/eIktks7x8l2ZiaMYh6FrIQp+7XtUk3YqI
8WT7+04IjdBAyfMhK4W73JPUI+NoIpvmfD/eMadGdg2naXjdLE1LHDSMVLkbGZbL
tMB9q316CaXkdSx4oK4MRLqtz/IyFQ7mpItEHmZjMNQOKW7LCNYqgK146v3hBrZb
4FA57/nU+CXUT2KG0R7oklsyOz6VvE6wMhQ2lGP9EugxXMdXzgsl1pFAoGU7yquU
6xx9eVHwNF7uKxTqFoyvM2GOJNxZOFpvecheDIOy89tSGlXGEUM=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:36:59 2025 by rpki-client