Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KqRoMczM_K7QeRRF2LeZutmxhDM.roa
File: KqRoMczM_K7QeRRF2LeZutmxhDM.roa (raw, json)
Hash identifier: 8BoHP5yyHg/lizG5fNosHytCk+Hj7IbgbCPdaxX9fRM=
Subject key identifier: 2A:A4:68:31:CC:CC:FC:AE:D0:79:14:45:D8:B7:99:BA:D9:B1:84:33
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0ECD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KqRoMczM_K7QeRRF2LeZutmxhDM.roa
Signing time: Mon 26 May 2025 19:38:43 +0000
ROA not before: Mon 26 May 2025 19:38:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3789 (0xecd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 19:38:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2AA46831CCCCFCAED0791445D8B799BAD9B18433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5b:f7:ea:ba:2d:fc:4a:7e:6f:2d:32:e0:6e:
a2:13:4a:2a:4e:43:eb:cb:1a:a3:66:77:c1:5f:fc:
b5:a1:44:44:d3:fb:4c:3f:59:9c:d9:44:7c:8a:e3:
af:48:4f:59:de:b2:b6:bf:c2:16:e3:9d:6c:1e:e2:
62:34:cc:30:51:77:ff:86:07:e5:52:5d:67:91:b5:
2e:26:11:f1:a1:cc:12:a1:d2:4e:c1:d7:11:7d:c2:
79:2d:1d:4e:11:e2:05:7f:a0:d1:b1:44:24:95:b6:
71:43:83:00:5a:49:5f:e7:a7:1d:c8:93:39:92:a4:
95:54:59:01:1e:ac:d8:ea:9d:c4:c6:0a:53:ea:f4:
bd:09:f2:a9:50:51:2c:89:e4:03:a2:4d:fb:5c:9a:
fb:3d:fd:09:fc:c0:9c:7e:e2:00:e9:e4:84:ba:a6:
ee:48:cd:5a:ca:28:ae:05:f3:db:af:8c:bb:85:59:
37:ae:72:df:02:43:ec:30:32:a2:99:a3:3b:60:3e:
89:37:7b:4c:b8:f7:6b:f8:d8:88:4a:9c:f2:bf:fa:
3a:07:c6:49:89:b7:44:cf:a5:b0:aa:d5:10:aa:6e:
f8:cd:5a:8d:f5:ac:8d:21:9b:d9:de:d3:89:68:c8:
9a:a1:3d:17:4a:10:3b:be:72:2d:29:49:98:1a:9f:
f5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A4:68:31:CC:CC:FC:AE:D0:79:14:45:D8:B7:99:BA:D9:B1:84:33
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KqRoMczM_K7QeRRF2LeZutmxhDM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:13:7a:81:2d:30:06:93:51:66:9b:52:9f:e6:4f:6c:aa:6e:
a7:98:81:b8:1e:51:56:b4:eb:1d:57:81:0d:8e:46:42:f2:14:
4c:ad:7c:c3:b1:5b:dd:0a:53:e7:00:df:5b:61:77:e3:3e:30:
49:8b:fd:56:d4:a4:9e:8d:30:34:61:b4:2d:86:f4:12:12:cd:
67:2d:42:2f:68:e0:db:b1:bf:91:3a:e4:0f:24:21:ba:24:a1:
e1:04:a5:a4:72:1f:54:70:9b:de:79:a0:49:53:a4:a7:d9:ee:
0a:be:a2:f3:b0:77:52:6f:e5:f4:bd:30:07:42:45:aa:e7:61:
78:08:05:f9:cf:89:b3:47:17:6e:d2:ce:74:dd:d2:7d:79:91:
65:68:1f:1f:eb:e9:77:dd:04:e7:00:0d:2e:e3:03:c0:6c:d7:
ab:7d:50:04:75:16:5b:78:1e:05:af:56:89:a9:1d:ba:e5:8a:
8b:3e:83:7c:a9:3b:72:9e:2c:b8:ee:c2:26:9d:19:63:7f:25:
99:6f:1b:0d:c6:24:02:f0:6a:65:06:2e:c1:af:02:b1:b2:89:
05:9d:de:72:06:10:ad:46:ac:44:67:98:bc:f2:18:82:4d:da:
08:c2:1f:6b:a7:46:0f:a5:67:69:ad:ab:00:cf:eb:84:43:9f:
a6:d3:21:b0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDs0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYx
OTM4NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJBQTQ2ODMxQ0NDQ0ZD
QUVEMDc5MTQ0NUQ4Qjc5OUJBRDlCMTg0MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUW/fqui38Sn5vLTLgbqITSipOQ+vLGqNmd8Ff/LWhRETT+0w/
WZzZRHyK469IT1nesra/whbjnWwe4mI0zDBRd/+GB+VSXWeRtS4mEfGhzBKh0k7B
1xF9wnktHU4R4gV/oNGxRCSVtnFDgwBaSV/npx3IkzmSpJVUWQEerNjqncTGClPq
9L0J8qlQUSyJ5AOiTftcmvs9/Qn8wJx+4gDp5IS6pu5IzVrKKK4F89uvjLuFWTeu
ct8CQ+wwMqKZoztgPok3e0y492v42IhKnPK/+joHxkmJt0TPpbCq1RCqbvjNWo31
rI0hm9ne04loyJqhPRdKEDu+ci0pSZgan/WpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKqRoMczM/K7QeRRF2LeZutmxhDMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LcVJvTWN6TV9LN1FlUlJG
MkxlWnV0bXhoRE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABwTeoEtMAaTUWabUp/mT2yqbqeYgbgeUVa0
6x1XgQ2ORkLyFEytfMOxW90KU+cA31thd+M+MEmL/VbUpJ6NMDRhtC2G9BISzWct
Qi9o4Nuxv5E65A8kIbokoeEEpaRyH1Rwm955oElTpKfZ7gq+ovOwd1Jv5fS9MAdC
RarnYXgIBfnPibNHF27SznTd0n15kWVoHx/r6XfdBOcADS7jA8Bs16t9UAR1Flt4
HgWvVompHbrlios+g3ypO3KeLLjuwiadGWN/JZlvGw3GJALwamUGLsGvArGyiQWd
3nIGEK1GrERnmLzyGIJN2gjCH2unRg+lZ2mtqwDP64RDn6bTIbA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:10:29 2025 by rpki-client