Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IH3b22DiXr1UDcQFNezun4hV3Fs.roa
File: IH3b22DiXr1UDcQFNezun4hV3Fs.roa (raw, json)
Hash identifier: uo/Gu/RBBKWbyqvkDJnmiAJb78JQanLXqZxDaXHHLos=
Subject key identifier: 20:7D:DB:DB:60:E2:5E:BD:54:0D:C4:05:35:EC:EE:9F:88:55:DC:5B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B65
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IH3b22DiXr1UDcQFNezun4hV3Fs.roa
Signing time: Thu 12 Jun 2025 14:39:52 +0000
ROA not before: Thu 12 Jun 2025 14:39:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7013 (0x1b65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 14:39:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=207DDBDB60E25EBD540DC40535ECEE9F8855DC5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:23:57:52:21:03:c6:27:31:c2:4c:aa:dd:86:
2f:a3:8b:47:3a:df:9d:7e:64:0d:f3:92:44:8e:55:
8a:f6:7e:9c:90:e2:86:3b:f8:22:81:87:b6:55:a9:
e9:f3:14:3d:da:e5:14:ed:66:2a:e2:b7:43:52:80:
b7:39:9b:32:d6:82:64:94:d3:26:69:32:5d:de:4a:
23:1c:81:c4:d5:b7:f2:53:bd:98:85:91:6a:86:79:
59:3a:7d:bc:90:3e:b4:94:7d:83:16:df:a7:ab:b2:
7a:78:af:0f:c4:89:28:6e:18:dd:12:5b:62:6b:83:
f2:38:f0:d6:62:4e:76:a3:54:69:63:f5:6f:ee:09:
e6:d9:dd:da:ce:88:1e:bc:09:f4:3a:45:dc:fa:de:
71:11:7f:31:02:67:bf:23:f6:99:9f:4d:8d:51:15:
19:4d:92:c4:b9:d8:85:57:c7:7f:bd:82:85:d1:16:
41:84:01:8d:c0:ed:6e:d1:93:3b:a7:d8:b8:b3:dc:
4a:57:6f:06:96:79:ec:67:bb:2d:c9:4e:3e:1b:45:
eb:20:2a:7c:0b:e8:b0:81:e0:7f:a0:31:e3:0d:97:
fc:ad:ba:e6:57:3c:8e:d4:40:2c:24:bc:e6:4c:f0:
9c:a7:76:cc:97:3e:b5:a8:65:de:1d:fb:6e:a0:7b:
a8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7D:DB:DB:60:E2:5E:BD:54:0D:C4:05:35:EC:EE:9F:88:55:DC:5B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IH3b22DiXr1UDcQFNezun4hV3Fs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:d2:78:9f:8a:16:d8:bf:98:13:2c:7c:47:ef:f9:1d:19:eb:
3c:9e:25:ef:16:20:42:0f:15:44:37:a6:26:9a:f5:0e:60:f6:
ae:1a:ca:f4:38:b8:c4:bc:18:9f:de:ec:8d:e6:3e:e4:f0:f9:
10:46:db:92:75:0d:be:0f:43:05:66:7b:18:31:77:68:71:de:
4c:a4:14:e9:dc:a9:66:6e:85:c3:ca:c8:cd:13:bd:b9:6f:e5:
49:5b:24:03:d0:f6:d8:73:48:74:7e:93:ca:d5:d2:fd:64:be:
b2:7d:0e:be:a8:9e:74:23:5c:a0:78:93:f5:87:99:39:f8:3b:
36:ca:53:cd:a2:02:42:8d:c2:81:ba:80:c8:0a:2a:c2:00:0f:
34:a3:44:5d:9c:ef:15:f0:a4:83:64:43:75:c0:13:f1:d1:9d:
e9:c3:b6:2b:fc:c2:dd:17:4d:47:1d:cf:db:8b:03:b2:79:f1:
e8:87:56:6f:55:ae:af:fd:54:8b:39:ea:4a:5b:12:b7:fd:1d:
19:7e:20:05:83:e2:95:f5:17:8e:ea:9f:8d:1d:7d:ca:3e:43:
5f:1d:0d:c1:eb:f0:6f:f9:e4:c6:78:db:ab:01:01:61:7e:1f:
06:d8:18:e2:67:ea:58:46:43:67:7b:58:74:b3:64:4a:91:28:
fd:e6:98:af
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIx
NDM5NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIwN0REQkRCNjBFMjVF
QkQ1NDBEQzQwNTM1RUNFRTlGODg1NURDNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiI1dSIQPGJzHCTKrdhi+ji0c6351+ZA3zkkSOVYr2fpyQ4oY7
+CKBh7ZVqenzFD3a5RTtZirit0NSgLc5mzLWgmSU0yZpMl3eSiMcgcTVt/JTvZiF
kWqGeVk6fbyQPrSUfYMW36ersnp4rw/EiShuGN0SW2Jrg/I48NZiTnajVGlj9W/u
CebZ3drOiB68CfQ6Rdz63nERfzECZ78j9pmfTY1RFRlNksS52IVXx3+9goXRFkGE
AY3A7W7Rkzun2Liz3EpXbwaWeexnuy3JTj4bResgKnwL6LCB4H+gMeMNl/ytuuZX
PI7UQCwkvOZM8JyndsyXPrWoZd4d+26ge6grAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIH3b22DiXr1UDcQFNezun4hV3FswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JSDNiMjJEaVhyMVVEY1FG
TmV6dW40aFYzRnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADHSeJ+KFti/mBMsfEfv+R0Z6zyeJe8WIEIP
FUQ3piaa9Q5g9q4ayvQ4uMS8GJ/e7I3mPuTw+RBG25J1Db4PQwVmexgxd2hx3kyk
FOncqWZuhcPKyM0Tvblv5UlbJAPQ9thzSHR+k8rV0v1kvrJ9Dr6onnQjXKB4k/WH
mTn4OzbKU82iAkKNwoG6gMgKKsIADzSjRF2c7xXwpINkQ3XAE/HRnenDtiv8wt0X
TUcdz9uLA7J58eiHVm9Vrq/9VIs56kpbErf9HRl+IAWD4pX1F47qn40dfco+Q18d
DcHr8G/55MZ426sBAWF+HwbYGOJn6lhGQ2d7WHSzZEqRKP3mmK8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:21:12 2025 by rpki-client