Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/JAW07LQqcEh37_nK1BHtuFjko00.roa
File: JAW07LQqcEh37_nK1BHtuFjko00.roa (raw, json)
Hash identifier: J8DavkvFO4kosEmKWT4LDaLaGd4xdxxOF59ZKvXUsOU=
Subject key identifier: 24:05:B4:EC:B4:2A:70:48:77:EF:F9:CA:D4:11:ED:B8:58:E4:A3:4D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1755
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JAW07LQqcEh37_nK1BHtuFjko00.roa
Signing time: Sat 07 Jun 2025 04:39:28 +0000
ROA not before: Sat 07 Jun 2025 04:39:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5973 (0x1755)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 04:39:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2405B4ECB42A704877EFF9CAD411EDB858E4A34D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e1:32:de:9d:78:a5:07:b8:df:cf:1a:f6:4f:
54:7c:97:b2:3f:51:97:12:43:37:df:58:3b:6a:52:
db:d2:bb:6f:8a:0f:40:08:55:bc:9a:cf:27:41:1f:
9c:40:21:05:d8:e2:44:84:20:fc:ba:c0:7e:ea:40:
ea:1e:3b:2f:98:4d:7e:2d:8a:7f:57:af:80:3a:e6:
7a:1a:40:1e:40:df:af:47:cd:32:0e:e2:98:b7:4e:
2a:86:86:f3:59:0a:66:ab:05:a2:64:3f:b3:23:5c:
ba:a4:a6:db:ad:12:70:1f:d4:06:0f:3b:37:6a:7c:
58:96:ba:bc:88:4f:1d:ec:bf:16:7e:a9:dd:a0:2f:
3d:c3:b3:50:ca:f2:b5:82:52:bc:07:87:4a:79:9b:
69:fa:36:f8:18:98:aa:0b:d9:55:7d:f4:7d:4b:2a:
e6:60:2e:2d:95:ce:16:71:04:f0:bf:5a:e5:14:66:
40:9d:0b:f7:ea:49:9f:12:00:00:14:5b:67:81:54:
f2:e5:fe:04:60:7d:c1:02:99:66:dd:0f:61:ae:24:
5f:e8:0b:90:28:b2:8f:62:c3:d2:db:02:3e:f6:d5:
3d:c9:70:6c:95:9a:2a:81:40:07:b1:de:31:8e:3f:
c0:f7:fb:48:4c:a1:d4:1c:2f:f2:09:72:75:af:91:
63:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:05:B4:EC:B4:2A:70:48:77:EF:F9:CA:D4:11:ED:B8:58:E4:A3:4D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JAW07LQqcEh37_nK1BHtuFjko00.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:d9:e5:cd:30:19:e5:fe:71:1e:82:7f:a2:d6:1c:85:d6:96:
9b:c4:c3:32:ac:3d:ea:fd:90:95:c4:00:f5:7c:a2:45:2b:5d:
65:83:1f:68:21:0a:0e:97:18:c3:1d:02:68:1e:2e:2c:7b:84:
a8:89:84:b5:46:6c:0c:57:88:a9:39:57:1d:98:53:ed:f9:0d:
36:11:45:85:ed:b9:bb:17:18:38:87:25:29:b9:77:1f:bc:79:
22:6a:d4:23:b6:9c:04:13:3f:af:32:17:ef:e3:7c:20:35:f0:
28:5b:78:e0:2c:11:92:cc:50:ed:44:36:02:a5:49:9c:a1:63:
26:0a:8f:e3:56:76:9c:b6:27:85:00:43:27:4e:30:f7:f8:e9:
f3:76:98:f3:08:31:a2:8b:b2:03:e0:3a:c5:25:a9:06:0d:1c:
a6:55:61:ec:3d:d0:cd:6f:6b:aa:30:c1:ed:6e:71:18:74:af:
ac:de:f5:ec:f5:e5:ea:42:0e:ed:d8:d0:02:97:ed:3e:5d:ee:
3d:21:17:24:5d:3d:51:34:50:85:67:ca:12:a5:e1:ad:0e:59:
ec:48:a1:62:e1:12:9e:b3:44:27:af:8c:5c:a3:32:af:60:6b:
db:34:91:20:78:3e:04:be:9d:93:70:7a:e8:e5:cb:fa:0c:fd:
11:f1:0b:6e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcw
NDM5MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI0MDVCNEVDQjQyQTcw
NDg3N0VGRjlDQUQ0MTFFREI4NThFNEEzNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm4TLenXilB7jfzxr2T1R8l7I/UZcSQzffWDtqUtvSu2+KD0AI
VbyazydBH5xAIQXY4kSEIPy6wH7qQOoeOy+YTX4tin9Xr4A65noaQB5A369HzTIO
4pi3TiqGhvNZCmarBaJkP7MjXLqkptutEnAf1AYPOzdqfFiWuryITx3svxZ+qd2g
Lz3Ds1DK8rWCUrwHh0p5m2n6NvgYmKoL2VV99H1LKuZgLi2VzhZxBPC/WuUUZkCd
C/fqSZ8SAAAUW2eBVPLl/gRgfcECmWbdD2GuJF/oC5Aoso9iw9LbAj721T3JcGyV
miqBQAex3jGOP8D3+0hModQcL/IJcnWvkWMNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJAW07LQqcEh37/nK1BHtuFjko00wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KQVcwN0xRcWNFaDM3X25L
MUJIdHVGamtvMDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACvZ5c0wGeX+cR6Cf6LWHIXWlpvEwzKsPer9
kJXEAPV8okUrXWWDH2ghCg6XGMMdAmgeLix7hKiJhLVGbAxXiKk5Vx2YU+35DTYR
RYXtubsXGDiHJSm5dx+8eSJq1CO2nAQTP68yF+/jfCA18ChbeOAsEZLMUO1ENgKl
SZyhYyYKj+NWdpy2J4UAQydOMPf46fN2mPMIMaKLsgPgOsUlqQYNHKZVYew90M1v
a6owwe1ucRh0r6ze9ez15epCDu3Y0AKX7T5d7j0hFyRdPVE0UIVnyhKl4a0OWexI
oWLhEp6zRCevjFyjMq9ga9s0kSB4PgS+nZNweujly/oM/RHxC24=
-----END CERTIFICATE-----
Generated at Sun Jun 22 17:37:57 2025 by rpki-client