Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/WTDKaHTa9QRyVCegdLHIKZJjchI.roa
File: WTDKaHTa9QRyVCegdLHIKZJjchI.roa (raw, json)
Hash identifier: wPbjbdKwS/JN7zjz/ikyVio+OvuxQFf0qUeXRn4EcPY=
Subject key identifier: 59:30:CA:68:74:DA:F5:04:72:54:27:A0:74:B1:C8:29:92:63:72:12
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13CD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WTDKaHTa9QRyVCegdLHIKZJjchI.roa
Signing time: Mon 02 Jun 2025 11:39:13 +0000
ROA not before: Mon 02 Jun 2025 11:39:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5069 (0x13cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 11:39:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5930CA6874DAF504725427A074B1C82992637212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ea:fd:28:4d:7b:b6:09:52:6d:71:28:42:cf:
7a:51:1e:20:23:de:35:45:e5:20:c3:50:5a:92:f9:
ff:cc:ec:ab:cb:51:d7:a4:fc:78:f7:5e:38:4f:13:
21:32:c3:b7:a8:b0:f3:b4:c6:75:ff:f9:93:7d:d2:
8e:ec:29:2d:74:93:fb:1b:77:c4:9f:0d:b2:18:85:
2d:43:7c:66:b4:bf:e5:29:9c:ed:95:1a:25:12:f5:
59:ea:59:96:10:17:06:aa:66:0f:29:93:bc:3a:ec:
33:f5:b5:55:29:77:80:5c:5d:cc:23:c8:d7:62:93:
40:ea:07:3b:78:a8:a3:fe:0e:fb:43:0b:0f:69:43:
6c:1b:de:c8:1a:9d:eb:8c:7e:6e:3c:dd:0e:5d:7b:
e6:a4:9c:e7:9a:78:c7:00:05:3d:63:f7:8c:ff:b4:
aa:81:1a:19:8c:5e:99:67:92:7d:ab:39:95:26:c8:
10:02:11:9d:6f:71:6f:40:26:36:c9:4e:c8:4f:bc:
17:74:70:59:05:93:0e:84:7e:df:23:b4:4d:40:64:
04:5d:4e:bc:62:eb:ff:5f:bd:73:fc:9c:af:d9:bc:
44:5c:d2:33:f4:c4:99:13:88:fa:c7:c8:c8:03:ae:
39:71:f5:cc:dd:85:d4:a1:b4:de:7c:76:bc:eb:61:
6f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:30:CA:68:74:DA:F5:04:72:54:27:A0:74:B1:C8:29:92:63:72:12
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WTDKaHTa9QRyVCegdLHIKZJjchI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:98:66:2d:43:65:ab:fa:99:08:0b:1a:f1:48:c3:95:04:f1:
69:68:0f:78:78:aa:bf:cd:14:58:fb:78:0e:cb:66:d1:71:fc:
a4:44:cb:7f:6d:07:e5:82:0b:ed:3f:6c:e2:58:12:25:10:23:
9e:85:8a:db:6d:e2:88:49:e4:6f:f0:58:7c:a3:45:d3:21:db:
1f:dd:5e:28:81:4a:39:ae:79:62:5b:cc:31:fd:e8:06:cb:c1:
6a:49:1b:71:35:be:c5:f6:e5:16:bf:45:00:78:15:14:27:05:
4a:d7:ea:a4:94:ba:ba:d1:9b:c6:cd:96:60:23:30:1c:85:04:
15:7b:2a:99:21:83:01:89:9d:39:04:ca:57:4e:28:1a:a1:49:
81:cb:d1:0e:14:a6:58:b6:53:40:a2:98:04:97:14:04:7e:e7:
21:ab:1c:36:75:37:c2:6b:fd:67:93:a1:a5:b0:6e:0b:12:37:
40:2f:d3:ea:c7:fb:9c:b2:b9:e8:d9:b2:77:ea:d1:b7:7c:72:
58:55:81:0e:71:fd:6e:d6:67:ea:77:0f:09:84:41:ff:a4:58:
2a:b6:fd:b2:4d:74:ea:74:4b:35:d0:33:42:4a:d0:a2:78:3e:
c3:b8:ac:14:09:37:d7:4d:e8:81:cf:4d:40:57:f1:61:de:40:
a0:07:4a:6f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
MTM5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU5MzBDQTY4NzREQUY1
MDQ3MjU0MjdBMDc0QjFDODI5OTI2MzcyMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF6v0oTXu2CVJtcShCz3pRHiAj3jVF5SDDUFqS+f/M7KvLUdek
/Hj3XjhPEyEyw7eosPO0xnX/+ZN90o7sKS10k/sbd8SfDbIYhS1DfGa0v+UpnO2V
GiUS9VnqWZYQFwaqZg8pk7w67DP1tVUpd4BcXcwjyNdik0DqBzt4qKP+DvtDCw9p
Q2wb3sganeuMfm483Q5de+aknOeaeMcABT1j94z/tKqBGhmMXplnkn2rOZUmyBAC
EZ1vcW9AJjbJTshPvBd0cFkFkw6Eft8jtE1AZARdTrxi6/9fvXP8nK/ZvERc0jP0
xJkTiPrHyMgDrjlx9czdhdShtN58drzrYW93AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWTDKaHTa9QRyVCegdLHIKZJjchIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XVERLYUhUYTlRUnlWQ2Vn
ZExISUtaSmpjaEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHaYZi1DZav6mQgLGvFIw5UE8WloD3h4qr/N
FFj7eA7LZtFx/KREy39tB+WCC+0/bOJYEiUQI56Fittt4ohJ5G/wWHyjRdMh2x/d
XiiBSjmueWJbzDH96AbLwWpJG3E1vsX25Ra/RQB4FRQnBUrX6qSUurrRm8bNlmAj
MByFBBV7KpkhgwGJnTkEyldOKBqhSYHL0Q4Upli2U0CimASXFAR+5yGrHDZ1N8Jr
/WeToaWwbgsSN0Av0+rH+5yyuejZsnfq0bd8clhVgQ5x/W7WZ+p3DwmEQf+kWCq2
/bJNdOp0SzXQM0JK0KJ4PsO4rBQJN9dN6IHPTUBX8WHeQKAHSm8=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:49:15 2025 by rpki-client