Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/TxpoUQMIGpcnuzc2hSKquFMdvaE.roa
File: TxpoUQMIGpcnuzc2hSKquFMdvaE.roa (raw, json)
Hash identifier: 0ipTeMMW2eGrvKkoXir3vu4GiQvymvhBL8voqXbxS30=
Subject key identifier: 4F:1A:68:51:03:08:1A:97:27:BB:37:36:85:22:AA:B8:53:1D:BD:A1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B1D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TxpoUQMIGpcnuzc2hSKquFMdvaE.roa
Signing time: Thu 12 Jun 2025 05:40:00 +0000
ROA not before: Thu 12 Jun 2025 05:40:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6941 (0x1b1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 05:40:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4F1A685103081A9727BB37368522AAB8531DBDA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:30:95:af:9d:b2:c0:d6:ee:f1:a6:f8:ca:19:
53:77:0e:df:1f:70:83:2b:8d:bc:ab:e1:2b:e3:80:
cd:73:0c:6a:79:3d:65:8c:1a:3a:88:f6:c9:a8:6c:
5f:df:d1:7a:4b:63:ce:4f:86:2e:71:83:18:12:17:
db:8c:f7:c2:2f:e0:0c:72:7f:61:bd:0d:a7:3c:b3:
d5:40:13:0e:5a:b5:e8:81:b3:9b:f9:62:54:62:22:
ee:ac:2b:f7:2c:d0:50:c4:1b:e2:00:93:99:06:d7:
fb:60:53:1b:a8:92:57:97:ea:df:de:f6:1c:b0:c7:
88:82:45:11:5a:65:67:d9:0f:4e:20:77:78:be:8e:
b8:76:40:2a:a0:2e:37:c1:a5:bf:e0:71:57:5e:17:
c7:ca:31:bc:4d:5b:73:1a:30:7f:24:17:ec:3f:fc:
a9:9e:01:16:8a:6c:36:38:1e:74:bb:5a:92:a4:15:
7a:f4:2f:aa:8c:d9:07:74:c5:39:42:8f:96:72:de:
52:8d:2f:ae:93:1e:20:17:c2:f8:ec:ea:bd:50:d0:
1c:a6:eb:a2:80:70:c8:1a:c8:f9:d1:b7:a6:3a:83:
3d:cb:da:36:5d:12:ee:57:d9:6c:d3:7c:54:01:f0:
75:b6:bd:65:df:42:d8:94:14:38:ab:1a:2c:5e:e5:
ea:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:1A:68:51:03:08:1A:97:27:BB:37:36:85:22:AA:B8:53:1D:BD:A1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TxpoUQMIGpcnuzc2hSKquFMdvaE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:f8:4e:1f:48:58:cb:62:a0:91:c3:7f:3d:a9:da:2f:0e:4b:
87:cc:01:02:fb:79:d8:76:61:1f:53:ae:07:7c:47:6f:89:79:
dc:1e:76:d7:d2:95:a7:04:fa:14:50:d9:3b:16:50:45:32:f2:
9b:d4:0e:c2:52:42:44:10:04:18:2b:08:25:22:58:75:01:ff:
a8:0b:8d:fe:c3:58:46:8d:7b:e8:d2:9f:a8:72:b0:45:cc:b8:
bc:22:05:7c:85:a0:52:87:2e:1e:ac:6f:ff:83:76:5a:df:ce:
fa:5c:1e:ca:db:51:71:c9:e8:d1:99:c3:86:b3:5f:5a:e6:34:
27:28:9c:4c:aa:9b:76:8b:31:7c:5d:34:07:db:ac:ad:fb:e0:
0f:1b:b8:78:61:5f:00:05:24:01:c8:e3:81:5f:cb:d9:f8:02:
a6:c9:36:4e:e5:af:c6:bc:4f:53:54:6e:85:69:d4:43:6c:af:
f3:23:c2:d8:7e:03:06:c9:37:f9:4d:14:fb:f2:2b:e2:1c:69:
dc:3d:ec:4d:b1:39:ab:14:b1:9e:5d:69:98:5c:f6:36:c0:40:
9e:24:44:a1:1e:0b:2e:93:2d:4e:3f:68:fd:f8:09:40:59:2c:
ca:1f:ac:7c:02:40:d0:af:7e:e4:8f:12:6c:27:4b:b7:1c:2e:
d9:ee:91:c5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGx0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIw
NTQwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRGMUE2ODUxMDMwODFB
OTcyN0JCMzczNjg1MjJBQUI4NTMxREJEQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCMJWvnbLA1u7xpvjKGVN3Dt8fcIMrjbyr4SvjgM1zDGp5PWWM
GjqI9smobF/f0XpLY85Phi5xgxgSF9uM98Iv4Axyf2G9Dac8s9VAEw5ateiBs5v5
YlRiIu6sK/cs0FDEG+IAk5kG1/tgUxuokleX6t/e9hywx4iCRRFaZWfZD04gd3i+
jrh2QCqgLjfBpb/gcVdeF8fKMbxNW3MaMH8kF+w//KmeARaKbDY4HnS7WpKkFXr0
L6qM2Qd0xTlCj5Zy3lKNL66THiAXwvjs6r1Q0Bym66KAcMgayPnRt6Y6gz3L2jZd
Eu5X2WzTfFQB8HW2vWXfQtiUFDirGixe5eoVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTxpoUQMIGpcnuzc2hSKquFMdvaEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9UeHBvVVFNSUdwY251emMy
aFNLcXVGTWR2YUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJD4Th9IWMtioJHDfz2p2i8OS4fMAQL7edh2
YR9Trgd8R2+JedwedtfSlacE+hRQ2TsWUEUy8pvUDsJSQkQQBBgrCCUiWHUB/6gL
jf7DWEaNe+jSn6hysEXMuLwiBXyFoFKHLh6sb/+DdlrfzvpcHsrbUXHJ6NGZw4az
X1rmNCconEyqm3aLMXxdNAfbrK374A8buHhhXwAFJAHI44Ffy9n4AqbJNk7lr8a8
T1NUboVp1ENsr/Mjwth+AwbJN/lNFPvyK+Icadw97E2xOasUsZ5daZhc9jbAQJ4k
RKEeCy6TLU4/aP34CUBZLMofrHwCQNCvfuSPEmwnS7ccLtnukcU=
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:59:55 2025 by rpki-client