Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PXBrsn45ltF1DllKfqatTlDNsYI.roa
File: PXBrsn45ltF1DllKfqatTlDNsYI.roa (raw, json)
Hash identifier: s70pVxU5BY1pgnY4d60RfMrEUsMWLTN0RwM5ii454B8=
Subject key identifier: 3D:70:6B:B2:7E:39:96:D1:75:0E:59:4A:7E:A6:AD:4E:50:CD:B1:82
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1621
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PXBrsn45ltF1DllKfqatTlDNsYI.roa
Signing time: Thu 05 Jun 2025 14:09:26 +0000
ROA not before: Thu 05 Jun 2025 14:09:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5665 (0x1621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 14:09:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3D706BB27E3996D1750E594A7EA6AD4E50CDB182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:17:04:dc:e2:c7:83:69:03:79:3f:15:a5:d1:
8f:81:4b:e7:aa:32:c2:ef:04:48:26:ce:d8:cd:2e:
4b:7e:e7:90:8b:34:06:b2:a9:ce:02:e2:a1:28:37:
fe:94:d3:3a:2c:af:0d:e6:f9:a2:32:a9:31:91:5b:
37:00:4a:0d:15:3d:30:d5:ef:b2:5e:aa:09:3a:a4:
4d:3c:0f:7a:05:d1:f7:6b:bd:13:bb:e4:c2:9d:20:
82:c3:a4:1f:7f:7a:9f:b6:8e:dd:4c:9f:a2:21:e0:
d0:d7:a3:0e:08:2b:2d:be:51:df:4e:3d:2a:d6:9c:
1e:a5:cc:97:4a:ba:d2:95:c5:55:59:8e:9d:71:75:
94:a3:71:e0:5b:d2:6b:02:46:8b:97:8f:03:f3:5b:
52:33:47:75:6d:46:d3:c3:9e:cc:bf:47:3f:ee:f1:
d5:56:bb:98:d1:d2:03:1a:99:da:7b:2b:50:cd:27:
1b:82:c2:d2:35:fd:f5:6f:c0:31:bb:3e:16:47:1b:
57:7f:21:1b:9a:1b:41:4f:42:56:47:cf:87:bf:db:
ae:17:48:40:77:1c:3c:1f:2b:ec:ee:bd:08:e1:96:
9c:6d:bf:94:04:0a:5c:d0:e6:c9:cd:74:d9:bf:68:
41:e5:84:5a:4c:38:65:96:f3:c5:c7:f2:39:94:42:
03:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:6B:B2:7E:39:96:D1:75:0E:59:4A:7E:A6:AD:4E:50:CD:B1:82
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PXBrsn45ltF1DllKfqatTlDNsYI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:c2:24:dd:68:f9:fc:4e:eb:f4:3e:25:dc:f6:31:22:04:91:
2b:5e:76:0f:c2:33:a1:1c:94:e9:ae:24:1d:1d:46:41:28:8e:
90:4f:af:e2:8b:e5:5e:03:ff:a0:4c:89:66:01:0d:d5:b1:94:
87:a6:65:3c:ae:98:80:79:c6:4f:0a:57:5c:e1:18:bd:91:58:
21:ea:ff:11:67:64:20:06:af:94:77:c7:37:60:34:7f:56:7c:
1a:17:9a:0c:3d:6c:3b:4e:44:05:64:bd:35:78:6c:7c:7d:c9:
af:de:7b:9c:5c:47:ed:1e:17:bf:3e:ec:24:7e:e6:82:25:bd:
f3:a1:0c:e5:8a:e0:1b:99:c4:e2:f9:cd:1b:1d:e8:80:04:af:
5a:41:79:3e:b6:77:33:8a:ab:16:7f:73:c4:0f:e6:e8:3f:fa:
5f:ce:12:3f:b3:be:31:54:5d:69:5c:a6:cc:3e:a5:a4:42:ef:
20:3f:13:f9:8b:87:b1:2c:bc:db:f7:c3:53:6e:ff:9a:62:e1:
53:d8:7a:09:ac:68:fe:19:2c:d9:77:b4:05:34:4d:2c:e7:60:
de:df:4c:4d:e1:08:18:7a:16:2d:18:90:8c:9e:48:00:e8:a5:
b2:55:9d:a3:e5:f8:7f:34:2b:f0:55:0e:45:76:56:ae:ab:e3:
5a:f7:b4:1e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
NDA5MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNENzA2QkIyN0UzOTk2
RDE3NTBFNTk0QTdFQTZBRDRFNTBDREIxODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDFwTc4seDaQN5PxWl0Y+BS+eqMsLvBEgmztjNLkt+55CLNAay
qc4C4qEoN/6U0zosrw3m+aIyqTGRWzcASg0VPTDV77Jeqgk6pE08D3oF0fdrvRO7
5MKdIILDpB9/ep+2jt1Mn6Ih4NDXow4IKy2+Ud9OPSrWnB6lzJdKutKVxVVZjp1x
dZSjceBb0msCRouXjwPzW1IzR3VtRtPDnsy/Rz/u8dVWu5jR0gMamdp7K1DNJxuC
wtI1/fVvwDG7PhZHG1d/IRuaG0FPQlZHz4e/264XSEB3HDwfK+zuvQjhlpxtv5QE
ClzQ5snNdNm/aEHlhFpMOGWW88XH8jmUQgOlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPXBrsn45ltF1DllKfqatTlDNsYIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QWEJyc240NWx0RjFEbGxL
ZnFhdFRsRE5zWUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHvCJN1o+fxO6/Q+Jdz2MSIEkStedg/CM6Ec
lOmuJB0dRkEojpBPr+KL5V4D/6BMiWYBDdWxlIemZTyumIB5xk8KV1zhGL2RWCHq
/xFnZCAGr5R3xzdgNH9WfBoXmgw9bDtORAVkvTV4bHx9ya/ee5xcR+0eF78+7CR+
5oIlvfOhDOWK4BuZxOL5zRsd6IAEr1pBeT62dzOKqxZ/c8QP5ug/+l/OEj+zvjFU
XWlcpsw+paRC7yA/E/mLh7EsvNv3w1Nu/5pi4VPYegmsaP4ZLNl3tAU0TSznYN7f
TE3hCBh6Fi0YkIyeSADopbJVnaPl+H80K/BVDkV2Vq6r41r3tB4=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:49:03 2025 by rpki-client