Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/StsnyDvJiKgjRDCrkYKmH-75Rec.roa
File: StsnyDvJiKgjRDCrkYKmH-75Rec.roa (raw, json)
Hash identifier: JLXOKJCHx4lYA7AyIykufNc/uuFYY7DehmI0vyIeL+Y=
Subject key identifier: 4A:DB:27:C8:3B:C9:88:A8:23:44:30:AB:91:82:A6:1F:EE:F9:45:E7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1DA9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/StsnyDvJiKgjRDCrkYKmH-75Rec.roa
Signing time: Sun 15 Jun 2025 15:10:00 +0000
ROA not before: Sun 15 Jun 2025 15:10:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7593 (0x1da9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 15:10:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4ADB27C83BC988A8234430AB9182A61FEEF945E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:87:17:ca:4a:df:dd:3d:48:dc:4d:c5:e5:30:
a8:97:0b:0d:0d:a1:9a:ba:b2:bc:da:a3:be:cd:c3:
27:3a:0d:2a:dd:46:bb:dd:28:63:f5:f8:f5:9a:68:
e6:61:4b:3c:12:40:81:11:55:cc:28:dd:80:c4:e1:
b9:c4:c1:a6:f6:60:56:1b:e3:f3:4e:b5:6b:86:ae:
83:92:6d:00:f1:8c:aa:bc:e9:d7:01:35:d3:51:4d:
b7:ac:51:25:ed:ea:ab:08:4c:6a:2d:67:48:e7:7a:
d6:e5:64:96:9e:0e:45:7e:cf:b4:53:40:34:77:59:
cb:cb:08:09:87:f6:d6:b9:ae:f1:74:4a:cd:df:0f:
0b:e7:03:e4:73:12:55:fd:5d:ec:73:ac:61:d7:44:
8a:0c:30:a2:c8:98:76:22:be:09:a0:9c:34:28:ba:
d2:56:a8:c7:d2:99:30:13:81:d7:9a:ba:7d:54:6b:
90:55:42:53:7e:f3:16:5d:10:88:ba:b0:a6:57:4c:
10:6a:8a:e9:76:8e:21:81:89:04:31:29:bb:04:82:
ae:c4:20:cf:f2:0d:d5:a7:c6:63:61:2c:2f:fd:ad:
a0:4b:56:9a:c0:e6:95:86:df:1a:5f:ab:e9:de:51:
e0:8b:44:c2:f0:24:34:61:f4:6f:c8:4a:e5:62:e1:
44:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DB:27:C8:3B:C9:88:A8:23:44:30:AB:91:82:A6:1F:EE:F9:45:E7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/StsnyDvJiKgjRDCrkYKmH-75Rec.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:75:56:a3:73:95:82:9f:95:dd:5a:63:e4:cf:49:73:71:cb:
bf:d0:b5:53:b0:c5:a4:ec:fb:1d:dd:3d:bc:8b:04:78:59:2e:
79:e6:4e:4b:88:51:35:67:98:1b:ea:9a:56:31:cc:0c:fd:74:
3e:2a:a3:09:3a:3b:7f:65:90:6b:38:40:1e:7e:bb:71:61:79:
e1:77:0e:b0:66:9b:21:7c:9d:b6:11:40:9c:fb:6b:7a:66:79:
81:29:1e:48:39:ca:c1:6a:77:81:68:c4:e1:af:83:f7:ce:e1:
05:a4:5c:a0:e6:10:e9:6a:f4:83:96:e8:61:02:c8:1d:da:78:
6b:1e:d9:11:77:e6:6b:4d:9b:1b:99:fb:af:4f:c4:a0:80:65:
19:df:66:ce:81:cb:3b:df:34:94:6a:9b:10:24:73:36:ae:7f:
65:45:77:0f:e6:bf:86:11:77:90:88:14:d8:6b:b9:dd:65:d5:
55:45:71:28:ab:d2:3d:62:1c:a2:a1:7d:3e:c2:82:13:95:3f:
ea:4f:30:1d:3b:51:84:05:c2:a1:7f:88:93:63:21:20:26:92:
c9:59:4b:e4:3a:22:52:6a:ce:5a:0e:3e:5f:46:a9:55:84:42:
c3:94:3d:a2:38:ef:05:fc:46:d2:18:cb:81:d4:bb:44:1a:4b:
39:c1:11:f1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHakwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUx
NTEwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRBREIyN0M4M0JDOTg4
QTgyMzQ0MzBBQjkxODJBNjFGRUVGOTQ1RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrhxfKSt/dPUjcTcXlMKiXCw0NoZq6srzao77Nwyc6DSrdRrvd
KGP1+PWaaOZhSzwSQIERVcwo3YDE4bnEwab2YFYb4/NOtWuGroOSbQDxjKq86dcB
NdNRTbesUSXt6qsITGotZ0jnetblZJaeDkV+z7RTQDR3WcvLCAmH9ta5rvF0Ss3f
DwvnA+RzElX9XexzrGHXRIoMMKLImHYivgmgnDQoutJWqMfSmTATgdeaun1Ua5BV
QlN+8xZdEIi6sKZXTBBqiul2jiGBiQQxKbsEgq7EIM/yDdWnxmNhLC/9raBLVprA
5pWG3xpfq+neUeCLRMLwJDRh9G/ISuVi4URjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUStsnyDvJiKgjRDCrkYKmH+75RecwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9TdHNueUR2SmlLZ2pSRENy
a1lLbUgtNzVSZWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKV1VqNzlYKfld1aY+TPSXNxy7/QtVOwxaTs
+x3dPbyLBHhZLnnmTkuIUTVnmBvqmlYxzAz9dD4qowk6O39lkGs4QB5+u3FheeF3
DrBmmyF8nbYRQJz7a3pmeYEpHkg5ysFqd4FoxOGvg/fO4QWkXKDmEOlq9IOW6GEC
yB3aeGse2RF35mtNmxuZ+69PxKCAZRnfZs6ByzvfNJRqmxAkczauf2VFdw/mv4YR
d5CIFNhrud1l1VVFcSir0j1iHKKhfT7CghOVP+pPMB07UYQFwqF/iJNjISAmkslZ
S+Q6IlJqzloOPl9GqVWEQsOUPaI47wX8RtIYy4HUu0QaSznBEfE=
-----END CERTIFICATE-----
Generated at Sat Jun 21 00:56:03 2025 by rpki-client