Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QMx9qWo3nxyg1j3m8zTSenYyVy8.roa
File: QMx9qWo3nxyg1j3m8zTSenYyVy8.roa (raw, json)
Hash identifier: 2S7HXBU8oGriOpWFLIFHLwTrtdZm44lczjRtWoDV+2Q=
Subject key identifier: 40:CC:7D:A9:6A:37:9F:1C:A0:D6:3D:E6:F3:34:D2:7A:76:32:57:2F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17C1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QMx9qWo3nxyg1j3m8zTSenYyVy8.roa
Signing time: Sat 07 Jun 2025 18:09:32 +0000
ROA not before: Sat 07 Jun 2025 18:09:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6081 (0x17c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 18:09:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=40CC7DA96A379F1CA0D63DE6F334D27A7632572F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:12:14:09:7c:90:98:ac:bc:9b:44:3d:62:9c:
b2:5d:dd:27:07:5f:46:ff:88:f4:c5:b2:84:80:65:
21:dc:66:b5:28:fa:5a:b4:7c:22:67:82:20:3c:4b:
63:fb:2e:fa:24:fc:87:3a:26:29:49:7a:f7:9b:ba:
db:66:d9:0c:c2:f8:96:59:16:18:d6:9c:d6:f7:12:
65:84:cb:25:db:9c:79:b4:cc:8f:8d:9f:85:48:a7:
bf:94:7a:12:9a:b1:c2:4b:9b:49:2d:05:3d:cf:44:
af:67:05:fe:12:e4:08:a9:26:ca:a4:34:0f:94:c6:
33:be:62:5c:cb:da:7c:1c:00:0e:bc:ae:ed:30:79:
d0:86:75:be:cc:8c:5e:05:09:6a:43:d3:66:f4:78:
b8:0b:02:3e:58:70:38:10:48:d3:5c:6f:0e:88:57:
9e:dd:8d:67:b6:bb:e9:06:d3:de:d8:00:25:59:f3:
18:9d:56:c3:3a:69:06:c6:18:a0:f1:4f:e4:04:46:
ce:44:31:27:75:51:1d:97:cd:61:e9:c3:01:1b:c5:
1c:85:7f:fd:61:9b:b8:c0:1d:83:ba:b9:ed:78:a2:
c5:88:29:c1:21:1b:03:16:6a:6c:9f:a2:55:eb:69:
ec:99:bd:9f:29:03:41:b7:a7:02:d4:f0:7d:1d:12:
1f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CC:7D:A9:6A:37:9F:1C:A0:D6:3D:E6:F3:34:D2:7A:76:32:57:2F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QMx9qWo3nxyg1j3m8zTSenYyVy8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:ff:5b:10:6a:68:ad:25:9b:79:bc:02:26:0b:ce:af:01:18:
7f:a9:7e:39:7a:18:42:43:d7:e4:11:80:39:2b:d7:e0:88:dd:
05:91:af:f0:d5:33:fa:57:47:3d:53:ef:e8:bb:cf:c9:0f:5a:
a0:ef:50:c7:55:53:95:7a:cd:41:91:94:04:4a:5d:25:f7:5a:
e7:d9:2a:d6:c7:ad:c8:a3:ad:9e:2d:ef:bd:7e:c2:54:8c:2e:
06:74:b6:b9:35:54:fc:f9:15:e8:33:d2:2d:de:dd:38:67:82:
6c:21:68:04:60:c0:d7:e1:12:bf:78:67:a7:db:04:9a:99:87:
fd:45:33:fe:15:5b:b9:86:9a:be:26:31:b9:e8:4a:c4:00:b8:
1d:31:b2:70:6e:35:f3:fb:cc:40:a6:d1:66:ed:24:dc:fa:c0:
9e:93:f0:0c:55:91:e1:a8:e0:b9:5d:6e:89:a0:35:bf:cb:bb:
93:ad:b0:dd:f4:03:14:4b:5a:88:41:17:2c:7f:a2:3a:7a:4e:
20:f0:01:37:a6:a3:e1:5e:7f:65:d0:7c:cf:67:79:3b:5d:9f:
12:dd:d1:0c:c0:89:5d:7f:43:fe:44:de:79:24:5e:7d:7e:3d:
34:ff:6a:b3:83:4d:72:d5:96:8e:03:20:83:bd:f6:08:03:64:
1e:ea:f8:4f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
ODA5MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQwQ0M3REE5NkEzNzlG
MUNBMEQ2M0RFNkYzMzREMjdBNzYzMjU3MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaEhQJfJCYrLybRD1inLJd3ScHX0b/iPTFsoSAZSHcZrUo+lq0
fCJngiA8S2P7Lvok/Ic6JilJevebuttm2QzC+JZZFhjWnNb3EmWEyyXbnHm0zI+N
n4VIp7+UehKascJLm0ktBT3PRK9nBf4S5AipJsqkNA+UxjO+YlzL2nwcAA68ru0w
edCGdb7MjF4FCWpD02b0eLgLAj5YcDgQSNNcbw6IV57djWe2u+kG097YACVZ8xid
VsM6aQbGGKDxT+QERs5EMSd1UR2XzWHpwwEbxRyFf/1hm7jAHYO6ue14osWIKcEh
GwMWamyfolXraeyZvZ8pA0G3pwLU8H0dEh+jAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQMx9qWo3nxyg1j3m8zTSenYyVy8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RTXg5cVdvM254eWcxajNt
OHpUU2VuWXlWeTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAG7/WxBqaK0lm3m8AiYLzq8BGH+pfjl6GEJD
1+QRgDkr1+CI3QWRr/DVM/pXRz1T7+i7z8kPWqDvUMdVU5V6zUGRlARKXSX3WufZ
KtbHrcijrZ4t771+wlSMLgZ0trk1VPz5Fegz0i3e3ThngmwhaARgwNfhEr94Z6fb
BJqZh/1FM/4VW7mGmr4mMbnoSsQAuB0xsnBuNfP7zECm0WbtJNz6wJ6T8AxVkeGo
4LldbomgNb/Lu5OtsN30AxRLWohBFyx/ojp6TiDwATemo+Fef2XQfM9neTtdnxLd
0QzAiV1/Q/5E3nkkXn1+PTT/arODTXLVlo4DIIO99ggDZB7q+E8=
-----END CERTIFICATE-----
Generated at Sun Jun 22 08:22:00 2025 by rpki-client