Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KB_s8sjtF82-Nk2eIwPHmibGWiM.roa
File: KB_s8sjtF82-Nk2eIwPHmibGWiM.roa (raw, json)
Hash identifier: z7wwuV0q/KUgjIZwhbINXQE1Kx5D1xWs8qwjc9pcSZo=
Subject key identifier: 28:1F:EC:F2:C8:ED:17:CD:BE:36:4D:9E:23:03:C7:9A:26:C6:5A:23
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A51
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KB_s8sjtF82-Nk2eIwPHmibGWiM.roa
Signing time: Wed 11 Jun 2025 04:09:48 +0000
ROA not before: Wed 11 Jun 2025 04:09:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6737 (0x1a51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 04:09:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=281FECF2C8ED17CDBE364D9E2303C79A26C65A23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:27:2e:19:c7:28:6c:45:07:f6:f2:35:45:f5:
eb:54:d1:56:ba:4a:91:7b:5b:fb:dd:b9:36:39:6b:
0d:02:50:af:fa:cf:2e:b0:38:92:3d:73:0e:19:95:
8d:7d:5a:9f:98:53:17:23:90:2f:12:7d:d0:83:2c:
f2:2d:9e:5b:ce:ca:06:05:3f:c2:d2:bf:6f:86:80:
1a:b1:a1:2f:71:2f:41:1b:9e:c9:3c:23:70:a0:3d:
62:4d:0a:d5:f1:3c:2b:45:65:c7:4c:a2:e5:f5:0c:
44:a2:be:fb:2d:74:70:8c:f3:a7:4a:ac:94:1f:7d:
e0:19:03:9b:84:a0:68:bd:5b:ea:ae:ca:84:cc:f4:
6e:49:e7:7b:6a:84:eb:af:3c:ab:47:16:d3:4c:dc:
b2:cc:7b:0a:da:47:d9:c1:30:2f:38:25:ed:58:86:
a6:cc:dc:fe:27:fd:0e:15:59:7e:31:4b:c4:09:ab:
b1:39:ad:93:97:4c:ea:2c:41:75:cb:18:21:05:91:
38:e5:b2:ce:e7:32:51:a4:21:d6:ba:df:0c:d9:51:
6f:5d:18:34:61:df:b7:9d:a2:19:5e:49:0b:f3:b6:
2c:4f:98:15:0a:17:80:e4:34:37:54:ed:68:4d:60:
51:1d:db:31:36:1b:53:24:aa:2b:8b:b9:de:01:c7:
d5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1F:EC:F2:C8:ED:17:CD:BE:36:4D:9E:23:03:C7:9A:26:C6:5A:23
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KB_s8sjtF82-Nk2eIwPHmibGWiM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:0b:a2:4e:d6:87:00:5a:9b:64:87:b7:9c:ee:b2:4d:af:ba:
2b:91:d6:f2:89:a2:7e:2b:bd:7d:2f:39:90:58:8f:b7:b4:78:
f5:53:e3:68:45:01:9a:44:c4:07:85:55:a5:b7:52:0f:d0:fb:
8a:0d:9c:7f:78:c5:87:26:6a:de:3e:36:b5:cb:d7:fb:63:37:
81:c9:92:40:66:5b:6a:4a:df:62:17:2a:d1:58:00:af:96:1c:
99:43:f0:70:84:35:99:af:79:fe:fd:f3:14:3b:86:37:1e:16:
26:f7:77:04:93:58:00:c9:d0:76:8b:08:f8:a5:92:4b:4a:a3:
4e:fb:8e:f3:a3:6a:67:2f:1f:b9:0a:eb:aa:88:ea:d5:3e:a6:
60:bc:fa:85:70:fe:3a:fd:b7:f1:c0:d0:42:db:c4:2f:56:46:
84:56:6c:0c:37:d6:7f:68:65:29:20:53:1a:f2:3d:80:af:67:
a9:af:06:98:55:e6:67:66:ff:ad:a4:07:c9:bb:ca:dc:7b:9c:
09:a0:76:4a:c2:6f:e7:2d:c5:3b:32:fc:cb:28:77:fb:1f:54:
02:2c:ad:6b:b3:2e:1c:09:1a:f1:43:3a:89:66:9c:86:93:03:
2c:f5:7a:11:4c:41:45:e0:dc:09:64:a0:b7:73:84:c0:4c:1f:
71:ed:0a:4d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGlEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEw
NDA5NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI4MUZFQ0YyQzhFRDE3
Q0RCRTM2NEQ5RTIzMDNDNzlBMjZDNjVBMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcJy4ZxyhsRQf28jVF9etU0Va6SpF7W/vduTY5aw0CUK/6zy6w
OJI9cw4ZlY19Wp+YUxcjkC8SfdCDLPItnlvOygYFP8LSv2+GgBqxoS9xL0Ebnsk8
I3CgPWJNCtXxPCtFZcdMouX1DESivvstdHCM86dKrJQffeAZA5uEoGi9W+quyoTM
9G5J53tqhOuvPKtHFtNM3LLMewraR9nBMC84Je1YhqbM3P4n/Q4VWX4xS8QJq7E5
rZOXTOosQXXLGCEFkTjlss7nMlGkIda63wzZUW9dGDRh37edohleSQvztixPmBUK
F4DkNDdU7WhNYFEd2zE2G1MkqiuLud4Bx9UrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKB/s8sjtF82+Nk2eIwPHmibGWiMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LQl9zOHNqdEY4Mi1OazJl
SXdQSG1pYkdXaU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFsLok7WhwBam2SHt5zusk2vuiuR1vKJon4r
vX0vOZBYj7e0ePVT42hFAZpExAeFVaW3Ug/Q+4oNnH94xYcmat4+NrXL1/tjN4HJ
kkBmW2pK32IXKtFYAK+WHJlD8HCENZmvef798xQ7hjceFib3dwSTWADJ0HaLCPil
kktKo077jvOjamcvH7kK66qI6tU+pmC8+oVw/jr9t/HA0ELbxC9WRoRWbAw31n9o
ZSkgUxryPYCvZ6mvBphV5mdm/62kB8m7ytx7nAmgdkrCb+ctxTsy/Msod/sfVAIs
rWuzLhwJGvFDOolmnIaTAyz1ehFMQUXg3AlkoLdzhMBMH3HtCk0=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:48:28 2025 by rpki-client