Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HgJLLArUTMVgCbgT5UOgaiHZB0c.roa
File: HgJLLArUTMVgCbgT5UOgaiHZB0c.roa (raw, json)
Hash identifier: mtVSzIwUG2fMQIjPvo1+efsdypNmMIpTTXKl35V0Oic=
Subject key identifier: 1E:02:4B:2C:0A:D4:4C:C5:60:09:B8:13:E5:43:A0:6A:21:D9:07:47
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1419
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HgJLLArUTMVgCbgT5UOgaiHZB0c.roa
Signing time: Mon 02 Jun 2025 21:09:13 +0000
ROA not before: Mon 02 Jun 2025 21:09:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5145 (0x1419)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 21:09:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1E024B2C0AD44CC56009B813E543A06A21D90747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:68:bd:24:59:c5:b6:d3:ad:72:9c:75:f0:a1:
54:84:2e:3b:c5:f3:53:c9:f3:34:17:ed:63:06:95:
e6:38:e8:aa:19:2e:ff:01:df:22:8d:4c:e2:da:6e:
10:35:43:2a:ed:f0:5a:86:a5:a7:b7:0f:ea:f8:b3:
b6:7a:85:4f:64:b0:29:ca:6b:a7:65:a2:54:66:8e:
f9:95:c6:e8:67:13:59:e4:94:7f:d7:0e:35:0a:b8:
73:c8:17:c2:69:02:79:4a:5f:28:1f:8b:3e:fc:ab:
8b:b9:67:90:8a:55:b7:e9:06:b0:b9:de:0f:1b:6c:
a5:34:11:44:7f:2a:c1:ea:fb:73:ac:ed:31:48:7a:
3c:c2:af:15:62:bd:c0:4c:5e:d8:58:02:ff:6a:80:
81:c1:42:05:e0:29:48:8b:cb:88:80:81:ff:27:8b:
70:d8:33:9b:18:7e:e8:c1:85:39:ef:6f:19:14:5b:
17:df:7f:50:ad:ec:d1:bd:93:d3:9b:26:d8:81:09:
85:ec:6b:6b:12:8d:43:38:22:cb:bc:6b:33:c8:3a:
92:f7:aa:cf:3d:31:c8:f4:e8:6a:3e:9f:c5:64:1e:
e3:b8:2d:6c:5e:2f:1f:02:02:6e:d3:55:19:20:49:
b0:15:04:f7:ec:ca:83:1b:c5:fa:cc:10:fe:80:6d:
38:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:02:4B:2C:0A:D4:4C:C5:60:09:B8:13:E5:43:A0:6A:21:D9:07:47
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HgJLLArUTMVgCbgT5UOgaiHZB0c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:81:97:ba:d8:c6:0d:56:83:a4:f1:f8:b3:18:3f:e5:6b:47:
34:3a:3a:42:85:00:71:2c:da:0b:46:ee:c9:51:12:b2:7d:c6:
a3:21:6c:bd:de:b4:72:ee:5c:7d:83:e8:e8:1c:a3:61:17:95:
e3:bb:90:f5:44:79:98:ae:79:fa:7d:4e:eb:0c:ce:a6:d4:a6:
52:5f:e4:d1:af:7b:21:dd:16:a1:d1:2d:cc:c3:09:a8:05:c5:
2a:f5:0d:4e:1c:dd:ce:80:b3:39:9e:24:b1:32:e3:c8:2d:e1:
d9:37:77:42:23:49:98:11:3b:b2:9a:d3:d9:b1:b8:f7:92:c0:
f7:ed:14:29:ff:bb:07:c5:d0:01:02:91:df:c4:1d:1f:a0:65:
5e:2d:c6:d2:68:43:e0:d0:bd:1a:c7:71:ac:27:99:88:67:0a:
15:b6:38:fb:23:5f:0c:cf:bb:2f:49:06:95:76:82:22:9c:d6:
bb:76:c4:33:c0:2d:86:4d:20:12:75:a8:82:eb:bd:a0:e0:14:
62:d2:a1:73:65:76:7e:c7:66:5f:4f:77:68:db:2c:46:24:a2:
e5:c9:20:2a:58:7a:e8:6f:eb:d6:b9:ac:31:91:d3:ab:77:6b:
dd:15:5f:79:6d:d3:1d:42:aa:92:53:29:86:a6:18:42:51:9b:
3a:53:01:72
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIy
MTA5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFFMDI0QjJDMEFENDRD
QzU2MDA5QjgxM0U1NDNBMDZBMjFEOTA3NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHaL0kWcW2061ynHXwoVSELjvF81PJ8zQX7WMGleY46KoZLv8B
3yKNTOLabhA1Qyrt8FqGpae3D+r4s7Z6hU9ksCnKa6dlolRmjvmVxuhnE1nklH/X
DjUKuHPIF8JpAnlKXygfiz78q4u5Z5CKVbfpBrC53g8bbKU0EUR/KsHq+3Os7TFI
ejzCrxVivcBMXthYAv9qgIHBQgXgKUiLy4iAgf8ni3DYM5sYfujBhTnvbxkUWxff
f1Ct7NG9k9ObJtiBCYXsa2sSjUM4Isu8azPIOpL3qs89Mcj06Go+n8VkHuO4LWxe
Lx8CAm7TVRkgSbAVBPfsyoMbxfrMEP6AbTg/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHgJLLArUTMVgCbgT5UOgaiHZB0cwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IZ0pMTEFyVVRNVmdDYmdU
NVVPZ2FpSFpCMGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADCBl7rYxg1Wg6Tx+LMYP+VrRzQ6OkKFAHEs
2gtG7slRErJ9xqMhbL3etHLuXH2D6Ogco2EXleO7kPVEeZiuefp9TusMzqbUplJf
5NGveyHdFqHRLczDCagFxSr1DU4c3c6AszmeJLEy48gt4dk3d0IjSZgRO7Ka09mx
uPeSwPftFCn/uwfF0AECkd/EHR+gZV4txtJoQ+DQvRrHcawnmYhnChW2OPsjXwzP
uy9JBpV2giKc1rt2xDPALYZNIBJ1qILrvaDgFGLSoXNldn7HZl9Pd2jbLEYkouXJ
ICpYeuhv69a5rDGR06t3a90VX3lt0x1CqpJTKYamGEJRmzpTAXI=
-----END CERTIFICATE-----
Generated at Sat Jun 21 00:50:14 2025 by rpki-client