Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/T4Pkosrb9tDZPgQmam58nBe-r28.roa
File: T4Pkosrb9tDZPgQmam58nBe-r28.roa (raw, json)
Hash identifier: FCtlX1suYCd5QhnmhNbeopyB+QG735roSsC/FOCE5ws=
Subject key identifier: 4F:83:E4:A2:CA:DB:F6:D0:D9:3E:04:26:6A:6E:7C:9C:17:BE:AF:6F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1645
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/T4Pkosrb9tDZPgQmam58nBe-r28.roa
Signing time: Thu 05 Jun 2025 18:39:34 +0000
ROA not before: Thu 05 Jun 2025 18:39:34 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5701 (0x1645)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 18:39:34 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4F83E4A2CADBF6D0D93E04266A6E7C9C17BEAF6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ba:b4:89:8f:68:c6:34:f7:5c:d1:d3:82:86:
c2:0f:f5:5e:15:d4:bc:20:63:5b:56:ea:a9:a3:ff:
5f:cd:f3:6d:93:53:aa:fd:0b:dc:77:36:2b:f5:19:
18:ee:45:98:52:81:06:7f:ab:73:82:bf:7e:6b:1b:
36:c7:4f:93:e9:aa:83:95:e0:12:d9:ae:ad:c9:54:
b0:85:58:74:4f:81:bd:b0:c8:f9:82:60:05:ce:b3:
51:6b:67:3c:b3:c8:a3:0e:cf:4f:15:35:d2:f2:53:
74:7e:3d:8a:1e:aa:06:8a:2a:b7:98:dc:64:b6:c7:
18:b8:a2:8b:61:33:13:5c:f6:77:c1:46:2a:4a:09:
68:69:77:3f:dc:c1:d7:dc:4f:d6:67:2e:a1:36:73:
a8:97:38:dd:1b:34:73:67:fc:86:fb:51:bf:7a:1e:
ae:37:54:b6:b3:9d:00:19:dd:21:2d:86:01:51:71:
d1:fc:16:e2:a0:14:eb:11:b4:09:d5:4f:9d:a8:c1:
f2:c3:15:04:03:a6:7b:8f:17:f7:0d:a1:a2:52:36:
7a:c3:59:2a:2b:c4:9c:53:e8:f1:9d:6d:f8:16:72:
6d:b1:71:a6:65:90:f3:da:44:6f:f0:13:1d:1f:35:
e7:ec:69:44:bb:95:d3:cd:d7:24:6c:c7:b5:39:09:
3d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:83:E4:A2:CA:DB:F6:D0:D9:3E:04:26:6A:6E:7C:9C:17:BE:AF:6F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/T4Pkosrb9tDZPgQmam58nBe-r28.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:ef:ea:de:d2:21:69:e7:bc:64:59:9b:f1:11:dc:09:a7:28:
58:59:bc:88:2c:41:83:47:2c:32:ed:e9:0c:7f:ba:b7:e7:7e:
33:8f:a2:5d:6d:3c:2d:ec:aa:af:da:e7:78:8d:a3:60:2c:6e:
97:37:cb:82:59:f8:8c:a8:55:91:fe:b6:5f:6c:af:38:83:94:
ce:aa:3a:82:ff:a2:17:09:6f:53:67:18:e7:63:7a:e3:1a:4e:
72:c9:02:be:33:82:e3:91:e3:0e:2a:e3:0a:b5:96:9c:eb:68:
d4:66:f0:00:7b:f6:f1:70:c7:9b:4e:06:69:81:bf:8c:c2:f5:
94:6a:29:5a:31:e7:27:11:82:2b:79:d6:7d:be:19:23:b1:e9:
8f:8e:af:dd:8a:86:6a:09:3e:2d:e4:cc:ba:81:bc:43:c3:07:
68:22:2b:e9:1c:46:66:02:64:de:2a:4c:ba:3f:72:b9:d5:ca:
f8:b0:92:81:ce:3f:8f:f9:20:79:34:44:38:10:ee:27:ff:2d:
4f:96:58:43:0a:11:b9:6e:78:10:5c:4d:91:8d:01:de:0c:ba:
24:ca:9b:aa:ef:62:3e:84:40:10:7b:d9:0c:05:2d:62:45:f4:
09:24:b5:b0:89:04:21:8e:91:11:cf:48:ee:5b:f2:7a:76:3f:
37:49:18:9f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
ODM5MzRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRGODNFNEEyQ0FEQkY2
RDBEOTNFMDQyNjZBNkU3QzlDMTdCRUFGNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRurSJj2jGNPdc0dOChsIP9V4V1LwgY1tW6qmj/1/N822TU6r9
C9x3Niv1GRjuRZhSgQZ/q3OCv35rGzbHT5PpqoOV4BLZrq3JVLCFWHRPgb2wyPmC
YAXOs1FrZzyzyKMOz08VNdLyU3R+PYoeqgaKKreY3GS2xxi4oothMxNc9nfBRipK
CWhpdz/cwdfcT9ZnLqE2c6iXON0bNHNn/Ib7Ub96Hq43VLaznQAZ3SEthgFRcdH8
FuKgFOsRtAnVT52owfLDFQQDpnuPF/cNoaJSNnrDWSorxJxT6PGdbfgWcm2xcaZl
kPPaRG/wEx0fNefsaUS7ldPN1yRsx7U5CT2hAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUT4Pkosrb9tDZPgQmam58nBe+r28wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9UNFBrb3NyYjl0RFpQZ1Ft
YW01OG5CZS1yMjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKXv6t7SIWnnvGRZm/ER3AmnKFhZvIgsQYNH
LDLt6Qx/urfnfjOPol1tPC3sqq/a53iNo2Asbpc3y4JZ+IyoVZH+tl9srziDlM6q
OoL/ohcJb1NnGOdjeuMaTnLJAr4zguOR4w4q4wq1lpzraNRm8AB79vFwx5tOBmmB
v4zC9ZRqKVox5ycRgit51n2+GSOx6Y+Or92KhmoJPi3kzLqBvEPDB2giK+kcRmYC
ZN4qTLo/crnVyviwkoHOP4/5IHk0RDgQ7if/LU+WWEMKEblueBBcTZGNAd4MuiTK
m6rvYj6EQBB72QwFLWJF9AkktbCJBCGOkRHPSO5b8np2PzdJGJ8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 21:41:17 2025 by rpki-client