Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KihJpaxPZxEHQnaTt634iFkvdk4.roa
File: KihJpaxPZxEHQnaTt634iFkvdk4.roa (raw, json)
Hash identifier: Rx2kvpWwqHePwKXLPuth8ViLROoCEzWagT1zhNBF7U0=
Subject key identifier: 2A:28:49:A5:AC:4F:67:11:07:42:76:93:B7:AD:F8:88:59:2F:76:4E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B05
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KihJpaxPZxEHQnaTt634iFkvdk4.roa
Signing time: Thu 12 Jun 2025 02:40:10 +0000
ROA not before: Thu 12 Jun 2025 02:40:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6917 (0x1b05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 02:40:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2A2849A5AC4F671107427693B7ADF888592F764E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:39:66:22:f5:00:7b:a7:d3:d2:29:ab:80:f9:
38:3b:8a:d2:67:5c:d8:00:20:8b:a4:fd:3e:1e:1a:
11:54:2a:26:1c:cf:96:86:bc:b1:5d:22:10:07:18:
67:de:82:6a:b8:5e:d8:7a:86:45:0e:ed:a2:b5:06:
60:ff:b4:da:88:5a:59:4d:33:8d:2f:18:18:d6:66:
01:8c:05:60:6f:77:1e:5f:0a:19:df:d4:12:6a:a2:
b8:8e:cd:cd:9a:71:8d:63:13:84:cc:b0:a8:b2:cb:
ae:83:3c:5b:88:bb:b7:1f:11:bf:3c:f6:72:6c:c5:
a7:49:4e:47:95:ac:22:a7:6d:29:7b:e1:8f:21:77:
e8:c7:0b:f7:ac:a5:74:7d:69:74:d6:91:10:23:64:
aa:48:bb:35:54:46:b1:5a:29:05:f1:ff:37:0a:f9:
4a:20:37:2d:b0:e1:0b:96:ec:3e:e3:f0:f3:fd:f0:
c3:d9:06:1b:bb:76:2d:e2:a9:81:9e:8f:78:fd:7d:
d6:d3:e6:9c:5a:8c:5f:e2:63:07:80:4a:4d:e0:88:
33:d5:96:4a:19:3f:ce:29:22:53:1a:1b:8f:e8:67:
7e:a3:77:57:91:56:35:25:2b:54:3d:6a:0c:b5:73:
48:bc:2d:04:11:59:4c:2a:81:6f:e8:9c:73:a1:77:
3d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:28:49:A5:AC:4F:67:11:07:42:76:93:B7:AD:F8:88:59:2F:76:4E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KihJpaxPZxEHQnaTt634iFkvdk4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:4b:88:63:5f:12:ef:e7:57:fd:f6:ec:5e:ce:90:0f:04:aa:
a7:42:0b:f5:d5:8e:a0:1e:67:95:91:28:94:f5:6d:dd:08:88:
b8:fa:7b:be:79:89:c9:f4:a5:2a:3c:74:0e:36:06:6e:44:c5:
a9:c9:31:5a:39:ce:05:8c:91:b4:ad:0c:78:35:58:01:fa:d8:
89:84:a0:fd:fa:d1:3c:05:f6:a5:8e:dd:14:16:ae:d7:a0:79:
ed:f0:e1:6c:62:c3:8f:1a:fa:87:e4:f5:4b:c9:93:32:a8:91:
f9:0b:b8:13:22:71:53:3f:fe:0e:51:98:50:d8:4a:df:3d:dc:
d0:63:5d:cc:c1:5c:92:d7:40:b5:0c:ed:24:80:fe:64:33:0e:
ca:69:71:03:8d:61:af:df:f4:87:a2:c9:5a:16:43:b2:c5:5d:
d3:26:87:d4:35:c8:66:c4:a0:95:88:2f:5a:e6:ec:99:19:fc:
d0:79:72:20:b4:a9:eb:14:d6:25:98:6e:19:bf:ed:e4:11:66:
eb:9f:f3:76:84:d9:42:f7:d0:b4:6d:95:ec:7b:30:2b:68:e5:
c8:4e:1e:f5:06:c2:7b:c7:a0:e9:ac:a3:76:94:e4:37:e4:fc:
43:9c:36:48:16:82:54:35:35:bc:21:f8:ab:6c:4a:37:e1:36:
ff:17:64:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGwUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIw
MjQwMTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJBMjg0OUE1QUM0RjY3
MTEwNzQyNzY5M0I3QURGODg4NTkyRjc2NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjOWYi9QB7p9PSKauA+Tg7itJnXNgAIIuk/T4eGhFUKiYcz5aG
vLFdIhAHGGfegmq4Xth6hkUO7aK1BmD/tNqIWllNM40vGBjWZgGMBWBvdx5fChnf
1BJqoriOzc2acY1jE4TMsKiyy66DPFuIu7cfEb889nJsxadJTkeVrCKnbSl74Y8h
d+jHC/espXR9aXTWkRAjZKpIuzVURrFaKQXx/zcK+UogNy2w4QuW7D7j8PP98MPZ
Bhu7di3iqYGej3j9fdbT5pxajF/iYweASk3giDPVlkoZP84pIlMaG4/oZ36jd1eR
VjUlK1Q9agy1c0i8LQQRWUwqgW/onHOhdz1pAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKihJpaxPZxEHQnaTt634iFkvdk4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LaWhKcGF4UFp4RUhRbmFU
dDYzNGlGa3ZkazQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAElLiGNfEu/nV/327F7OkA8EqqdCC/XVjqAe
Z5WRKJT1bd0IiLj6e755icn0pSo8dA42Bm5ExanJMVo5zgWMkbStDHg1WAH62ImE
oP360TwF9qWO3RQWrtegee3w4Wxiw48a+ofk9UvJkzKokfkLuBMicVM//g5RmFDY
St893NBjXczBXJLXQLUM7SSA/mQzDsppcQONYa/f9IeiyVoWQ7LFXdMmh9Q1yGbE
oJWIL1rm7JkZ/NB5ciC0qesU1iWYbhm/7eQRZuuf83aE2UL30LRtlex7MCto5chO
HvUGwnvHoOmso3aU5Dfk/EOcNkgWglQ1Nbwh+KtsSjfhNv8XZEk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:48 2025 by rpki-client