Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_UTi3lcssgARsy11f0l_NGB6R5w.roa
File: _UTi3lcssgARsy11f0l_NGB6R5w.roa (raw, json)
Hash identifier: pwbU5plbh/kRxcTC3Kdvht2gHsQR/HP/6Ia7rRN8bQw=
Subject key identifier: FD:44:E2:DE:57:2C:B2:00:11:B3:2D:75:7F:49:7F:34:60:7A:47:9C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1669
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_UTi3lcssgARsy11f0l_NGB6R5w.roa
Signing time: Thu 05 Jun 2025 23:09:24 +0000
ROA not before: Thu 05 Jun 2025 23:09:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5737 (0x1669)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 23:09:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FD44E2DE572CB20011B32D757F497F34607A479C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ed:99:61:55:df:49:5f:f5:c4:b2:a2:13:16:
1a:40:94:7f:8a:f3:38:ce:4a:36:ce:96:88:4c:5f:
ed:3b:6f:66:c6:f4:82:82:2f:c3:c0:5e:c3:82:a4:
04:91:c5:75:e7:0c:85:05:cc:66:25:92:49:f6:0e:
e7:01:2f:b5:09:ed:af:98:37:0d:75:b2:71:f0:81:
89:c2:38:86:44:77:68:3a:a1:b5:c6:14:c5:84:ca:
78:42:8b:a8:33:ba:0d:f6:f9:19:a1:4f:16:97:31:
ad:73:8b:39:8c:c4:94:6a:1c:04:4a:09:c6:40:82:
0e:a6:f7:97:db:eb:c0:61:20:de:a3:cd:9c:b4:70:
c7:a7:40:97:80:78:45:14:f6:67:c0:36:e7:e3:60:
d1:ff:c5:71:7c:c3:5d:0a:3b:5e:1b:85:8f:22:72:
0f:64:8f:4c:b3:ac:32:d2:3b:cf:be:48:7b:7c:91:
da:b2:ad:09:18:91:da:12:ec:f5:da:a0:ac:44:54:
8b:c4:4e:19:1c:72:f4:38:7c:4b:9d:04:cd:2d:35:
09:ea:ab:fb:72:58:77:2f:86:3c:83:c9:fa:03:ec:
51:b4:ba:95:4f:d9:de:6f:1c:4a:6f:1c:78:ef:22:
71:da:21:37:77:9d:23:6f:31:8f:1d:c4:e1:0a:02:
c3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:44:E2:DE:57:2C:B2:00:11:B3:2D:75:7F:49:7F:34:60:7A:47:9C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_UTi3lcssgARsy11f0l_NGB6R5w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:03:56:a4:b9:75:10:c5:e3:76:9f:79:a5:9e:1b:99:b5:6c:
32:b8:54:b7:b7:3a:ac:08:3b:14:6f:28:c8:89:19:9f:df:3c:
77:6f:7b:5a:99:22:e7:73:39:04:5a:a9:9a:49:ed:b0:47:06:
3e:96:e6:5e:92:8b:76:0e:69:da:ab:9c:3c:eb:09:7c:4d:a8:
16:af:55:95:c5:0a:ab:5b:33:0b:5e:83:fc:92:84:5e:16:a1:
48:34:08:8a:4e:48:a0:2d:60:b4:f4:39:ca:fa:79:98:09:0d:
f3:a0:b5:95:91:7b:53:bc:6d:6b:07:cb:ff:6c:43:c7:4d:d4:
0d:47:8b:87:1e:db:c9:1e:77:d5:1b:c5:bc:3c:73:cb:ee:22:
27:fe:f7:2b:2c:ea:68:1d:ab:1a:b3:b8:70:b0:28:14:e1:e7:
f8:d6:35:a0:fb:29:3e:7a:93:7a:c4:fc:a1:5e:dc:98:c7:16:
b0:a8:14:f7:9f:17:62:3c:4c:09:43:9e:57:f1:6f:c7:9d:fe:
ce:57:95:54:35:25:fb:e5:f8:2a:c0:60:30:99:44:82:f8:e3:
66:94:ca:f7:12:e7:d5:5f:9d:df:4b:d8:6f:a8:ac:68:c4:be:
5f:ca:0e:a0:a2:ea:35:80:83:49:2f:f7:16:7d:b1:d3:2d:b0:
e3:97:a2:87
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFmkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUy
MzA5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZENDRFMkRFNTcyQ0Iy
MDAxMUIzMkQ3NTdGNDk3RjM0NjA3QTQ3OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC87ZlhVd9JX/XEsqITFhpAlH+K8zjOSjbOlohMX+07b2bG9IKC
L8PAXsOCpASRxXXnDIUFzGYlkkn2DucBL7UJ7a+YNw11snHwgYnCOIZEd2g6obXG
FMWEynhCi6gzug32+RmhTxaXMa1zizmMxJRqHARKCcZAgg6m95fb68BhIN6jzZy0
cMenQJeAeEUU9mfANufjYNH/xXF8w10KO14bhY8icg9kj0yzrDLSO8++SHt8kdqy
rQkYkdoS7PXaoKxEVIvEThkccvQ4fEudBM0tNQnqq/tyWHcvhjyDyfoD7FG0upVP
2d5vHEpvHHjvInHaITd3nSNvMY8dxOEKAsPpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/UTi3lcssgARsy11f0l/NGB6R5wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fVVRpM2xjc3NnQVJzeTEx
ZjBsX05HQjZSNXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAK8DVqS5dRDF43afeaWeG5m1bDK4VLe3OqwI
OxRvKMiJGZ/fPHdve1qZIudzOQRaqZpJ7bBHBj6W5l6Si3YOadqrnDzrCXxNqBav
VZXFCqtbMwteg/yShF4WoUg0CIpOSKAtYLT0Ocr6eZgJDfOgtZWRe1O8bWsHy/9s
Q8dN1A1Hi4ce28ked9Ubxbw8c8vuIif+9yss6mgdqxqzuHCwKBTh5/jWNaD7KT56
k3rE/KFe3JjHFrCoFPefF2I8TAlDnlfxb8ed/s5XlVQ1Jfvl+CrAYDCZRIL442aU
yvcS59Vfnd9L2G+orGjEvl/KDqCi6jWAg0kv9xZ9sdMtsOOXooc=
-----END CERTIFICATE-----
Generated at Fri Jun 20 22:48:44 2025 by rpki-client