Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RR-TcYM9L3eEnBqADLI-fjc6msE.roa
File: RR-TcYM9L3eEnBqADLI-fjc6msE.roa (raw, json)
Hash identifier: 1Qj8lr31TPWjKHZU28t9XsQy0UESh2SJ2GuL1U9YZvQ=
Subject key identifier: 45:1F:93:71:83:3D:2F:77:84:9C:1A:80:0C:B2:3E:7E:37:3A:9A:C1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14C9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RR-TcYM9L3eEnBqADLI-fjc6msE.roa
Signing time: Tue 03 Jun 2025 19:09:16 +0000
ROA not before: Tue 03 Jun 2025 19:09:16 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5321 (0x14c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 19:09:16 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=451F9371833D2F77849C1A800CB23E7E373A9AC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ce:64:c2:47:40:60:35:de:ab:37:ec:51:2c:
85:df:4e:cf:78:58:ac:d9:d9:8f:e9:9c:c8:d0:df:
e3:67:dd:b7:44:3d:20:d0:d8:2e:5e:ca:3d:29:51:
42:e9:d1:6b:69:b2:ac:d0:78:a4:c5:46:62:67:77:
ce:fb:7e:f0:0d:31:55:fa:10:3e:0c:b4:7e:c3:24:
aa:e9:d6:c0:25:a5:08:92:b9:6a:d4:ca:dc:33:54:
fb:f1:01:ee:ec:73:f5:00:ba:ab:a3:54:73:e4:e6:
2d:56:57:7a:0c:b2:19:55:bc:bd:77:14:8b:a6:cc:
db:5a:bb:75:91:db:cc:5c:f6:ad:39:a8:7b:2f:88:
89:e5:2f:be:84:a6:42:51:07:22:c8:d8:e2:6f:53:
45:4a:70:5e:c8:84:f2:45:40:68:8b:22:2e:3e:82:
73:76:2d:ef:60:9e:06:b7:95:b0:81:b7:eb:5f:00:
ca:d8:4b:71:cd:03:e4:19:47:16:54:c5:6e:b8:67:
27:4c:4e:85:6f:25:97:12:07:b4:b9:ad:a6:51:92:
61:7f:d4:f4:08:78:96:7a:97:91:c3:3f:ee:67:c9:
8c:35:4b:a5:07:35:1d:ea:a6:c1:07:e9:0b:5a:a7:
77:3e:32:63:d6:2f:03:6b:f1:2f:c6:df:1f:92:28:
a8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:1F:93:71:83:3D:2F:77:84:9C:1A:80:0C:B2:3E:7E:37:3A:9A:C1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RR-TcYM9L3eEnBqADLI-fjc6msE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:a5:6f:6f:86:40:fb:9d:72:d9:28:a9:76:f1:f4:f8:e9:a2:
44:78:b0:29:29:87:b8:ce:1a:a2:e8:9b:69:4b:17:3f:a6:b0:
61:20:43:e3:20:19:a8:29:18:50:08:5a:42:96:36:b5:6e:36:
e9:9c:71:c9:80:0c:2e:a9:a7:6f:a7:00:2c:b4:d4:21:3f:d3:
7a:ab:66:f9:16:48:2e:5d:41:ff:3f:49:d0:cc:cd:38:b9:13:
e8:35:2d:e7:40:ed:d9:b2:66:e3:33:27:0d:74:30:64:82:81:
89:05:ec:89:51:ea:0b:92:5b:07:3b:08:8d:4d:71:74:7b:32:
87:f7:ba:d4:7c:2b:27:db:34:a8:b3:20:01:6b:55:2d:20:d6:
4c:0f:9d:ff:f8:40:88:41:85:cc:0b:df:a5:e2:26:2d:e8:3d:
66:05:a6:ba:03:23:a9:7f:79:05:45:2c:eb:0e:bf:52:d6:18:
cb:af:fb:39:2f:1e:94:fb:f1:21:07:7a:7d:2f:c9:d4:ea:7c:
95:0a:90:8d:d3:05:e6:a1:07:1d:e0:67:55:87:45:d1:70:3c:
51:8b:fa:d4:5e:99:f7:8d:26:96:61:d5:ed:30:e5:54:59:f4:
29:b4:24:a2:d9:dd:65:5d:12:e8:db:b0:f4:ed:72:80:62:29:
12:d1:21:b6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMx
OTA5MTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ1MUY5MzcxODMzRDJG
Nzc4NDlDMUE4MDBDQjIzRTdFMzczQTlBQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClzmTCR0BgNd6rN+xRLIXfTs94WKzZ2Y/pnMjQ3+Nn3bdEPSDQ
2C5eyj0pUULp0WtpsqzQeKTFRmJnd877fvANMVX6ED4MtH7DJKrp1sAlpQiSuWrU
ytwzVPvxAe7sc/UAuqujVHPk5i1WV3oMshlVvL13FIumzNtau3WR28xc9q05qHsv
iInlL76EpkJRByLI2OJvU0VKcF7IhPJFQGiLIi4+gnN2Le9gnga3lbCBt+tfAMrY
S3HNA+QZRxZUxW64ZydMToVvJZcSB7S5raZRkmF/1PQIeJZ6l5HDP+5nyYw1S6UH
NR3qpsEH6Qtap3c+MmPWLwNr8S/G3x+SKKjpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURR+TcYM9L3eEnBqADLI+fjc6msEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SUi1UY1lNOUwzZUVuQnFB
RExJLWZqYzZtc0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEWlb2+GQPudctkoqXbx9PjpokR4sCkph7jO
GqLom2lLFz+msGEgQ+MgGagpGFAIWkKWNrVuNumcccmADC6pp2+nACy01CE/03qr
ZvkWSC5dQf8/SdDMzTi5E+g1LedA7dmyZuMzJw10MGSCgYkF7IlR6guSWwc7CI1N
cXR7Mof3utR8KyfbNKizIAFrVS0g1kwPnf/4QIhBhcwL36XiJi3oPWYFproDI6l/
eQVFLOsOv1LWGMuv+zkvHpT78SEHen0vydTqfJUKkI3TBeahBx3gZ1WHRdFwPFGL
+tRemfeNJpZh1e0w5VRZ9Cm0JKLZ3WVdEujbsPTtcoBiKRLRIbY=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:32:49 2025 by rpki-client