Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_RPUrCt6Zcn5sh5Yv20YhoXTCwI.roa
File: _RPUrCt6Zcn5sh5Yv20YhoXTCwI.roa (raw, json)
Hash identifier: px5KpmmrC0wCYauyuCnvUQxx57sNOXkALL2JWIn6mNk=
Subject key identifier: FD:13:D4:AC:2B:7A:65:C9:F9:B2:1E:58:BF:6D:18:86:85:D3:0B:02
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1931
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_RPUrCt6Zcn5sh5Yv20YhoXTCwI.roa
Signing time: Mon 09 Jun 2025 16:09:37 +0000
ROA not before: Mon 09 Jun 2025 16:09:37 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6449 (0x1931)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 16:09:37 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FD13D4AC2B7A65C9F9B21E58BF6D188685D30B02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f0:10:20:ab:f6:dc:27:63:6d:ff:20:05:40:
5a:f0:e5:fb:06:3b:fc:32:87:9e:d0:8d:ba:89:5d:
68:f8:cf:73:1b:1b:6e:36:e8:07:e5:e8:3c:06:70:
ba:0c:6b:75:67:9a:59:e8:db:cb:f5:3e:86:09:82:
16:31:22:41:db:34:60:b1:82:9b:04:82:bb:21:d6:
8c:b8:6e:bd:3b:35:94:bf:e8:2d:90:08:4d:e2:23:
97:fc:d4:97:9f:e4:8e:ac:22:2a:95:02:17:a9:54:
c0:74:fd:9b:12:08:11:12:90:c2:b0:85:84:ee:7a:
a9:4c:86:df:ea:57:cd:c4:f8:ce:89:b2:36:79:d0:
d6:ad:7c:14:d0:4c:13:4b:b3:94:72:16:04:ed:2b:
ce:82:ff:17:fa:56:dc:a5:0a:74:c9:98:c1:28:9c:
bf:bf:bc:c5:15:a3:e2:d2:16:96:07:c0:7d:b6:ae:
2d:d1:b8:2b:b8:a0:5c:bb:ca:3b:4f:4e:d6:64:eb:
91:99:d0:ae:a7:1d:5a:60:92:33:a1:25:1c:83:14:
e0:20:f5:cd:73:26:bf:03:fd:3b:41:cb:6f:86:df:
54:14:f8:f3:98:0f:58:98:42:cc:9b:ba:a5:1a:b6:
73:5f:0e:8b:c1:c6:91:8a:f9:c6:a9:f9:85:80:34:
bf:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:13:D4:AC:2B:7A:65:C9:F9:B2:1E:58:BF:6D:18:86:85:D3:0B:02
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_RPUrCt6Zcn5sh5Yv20YhoXTCwI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:0e:12:a8:ad:93:d5:d5:41:9b:ef:2b:3f:6b:8d:ae:0a:cf:
de:13:1f:01:82:92:34:17:60:51:5a:04:f3:e2:6e:e8:a4:ea:
bd:2e:43:1d:9c:9c:d5:b3:cb:22:1e:74:48:04:90:b4:18:09:
1e:59:02:7b:0d:9e:0e:a8:53:c2:b6:48:40:ed:7b:0b:a2:c0:
30:75:8d:4b:9c:b9:23:b8:d6:43:d2:ba:0d:c7:44:96:0c:6b:
c4:d0:b7:93:4e:8c:9b:02:a6:f8:8c:df:f2:92:87:b9:c5:9d:
fd:31:84:ef:32:fe:dd:5f:58:92:46:ac:a6:39:a9:bb:ec:96:
33:ee:3a:66:1d:81:5b:34:42:01:d3:36:68:cd:67:c2:20:62:
3b:26:1a:e9:83:53:f5:2c:07:03:7d:bb:53:b3:b9:88:07:55:
a1:db:ee:21:3d:eb:85:18:f9:82:49:c6:ee:27:bb:96:93:76:
cb:71:08:44:fd:05:f8:5b:80:7b:f2:95:af:29:ba:84:5a:92:
d2:d4:17:cf:d1:87:ff:19:a4:3b:0a:3e:c3:fe:93:d3:c3:2e:
06:c5:4e:08:55:d1:22:18:bb:d6:ee:1a:c7:b7:67:b4:75:2a:
13:55:28:41:79:36:2c:67:ae:c7:ef:55:19:9f:0a:90:4c:9c:
a3:6e:c5:d7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGTEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkx
NjA5MzdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZEMTNENEFDMkI3QTY1
QzlGOUIyMUU1OEJGNkQxODg2ODVEMzBCMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDl8BAgq/bcJ2Nt/yAFQFrw5fsGO/wyh57QjbqJXWj4z3MbG242
6Afl6DwGcLoMa3Vnmlno28v1PoYJghYxIkHbNGCxgpsEgrsh1oy4br07NZS/6C2Q
CE3iI5f81Jef5I6sIiqVAhepVMB0/ZsSCBESkMKwhYTueqlMht/qV83E+M6JsjZ5
0NatfBTQTBNLs5RyFgTtK86C/xf6VtylCnTJmMEonL+/vMUVo+LSFpYHwH22ri3R
uCu4oFy7yjtPTtZk65GZ0K6nHVpgkjOhJRyDFOAg9c1zJr8D/TtBy2+G31QU+POY
D1iYQsybuqUatnNfDovBxpGK+cap+YWANL/PAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/RPUrCt6Zcn5sh5Yv20YhoXTCwIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fUlBVckN0NlpjbjVzaDVZ
djIwWWhvWFRDd0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACMOEqitk9XVQZvvKz9rja4Kz94THwGCkjQX
YFFaBPPibuik6r0uQx2cnNWzyyIedEgEkLQYCR5ZAnsNng6oU8K2SEDtewuiwDB1
jUucuSO41kPSug3HRJYMa8TQt5NOjJsCpviM3/KSh7nFnf0xhO8y/t1fWJJGrKY5
qbvsljPuOmYdgVs0QgHTNmjNZ8IgYjsmGumDU/UsBwN9u1OzuYgHVaHb7iE964UY
+YJJxu4nu5aTdstxCET9BfhbgHvyla8puoRaktLUF8/Rh/8ZpDsKPsP+k9PDLgbF
TghV0SIYu9buGse3Z7R1KhNVKEF5NixnrsfvVRmfCpBMnKNuxdc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:32:31 2025 by rpki-client