Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_aJ-FcHlWkVhc3TUVWoeLnwweC0.roa
File: _aJ-FcHlWkVhc3TUVWoeLnwweC0.roa (raw, json)
Hash identifier: K9m07ia+sWD8qynM+NYxcnmgAAQ/GYtuSbsjL1U7WQ4=
Subject key identifier: FD:A2:7E:15:C1:E5:5A:45:61:73:74:D4:55:6A:1E:2E:7C:30:78:2D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B65
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_aJ-FcHlWkVhc3TUVWoeLnwweC0.roa
Signing time: Thu 22 May 2025 06:38:26 +0000
ROA not before: Thu 22 May 2025 06:38:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2917 (0xb65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 06:38:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FDA27E15C1E55A45617374D4556A1E2E7C30782D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f1:30:08:d4:ab:71:e9:f0:94:75:88:bd:7b:
49:de:a2:a6:a4:8c:36:37:ce:1f:cf:42:32:3c:b2:
9a:21:22:19:8e:72:a1:68:a7:f6:91:a3:17:aa:87:
15:3f:9f:72:12:e5:63:d5:d5:e0:81:26:06:61:fb:
39:ba:db:9e:01:7d:b9:63:63:26:cb:59:95:0a:13:
a7:a1:a4:1e:39:74:02:a7:18:c2:f1:51:a5:7a:24:
1a:bc:0e:ab:fc:10:28:9e:54:e2:7d:ef:e3:f9:3f:
fd:5b:40:01:20:69:09:35:11:88:2d:8d:ae:4f:fa:
bd:35:95:66:6d:8b:18:92:f4:64:bb:8a:81:6b:1c:
23:cd:3a:2d:da:18:30:a7:11:9b:c6:d4:ee:af:48:
2a:79:e2:35:66:4a:ca:03:a9:f3:8e:26:20:42:43:
fb:b3:27:18:5f:aa:0c:4b:c4:77:2a:2f:c8:90:25:
2b:b0:6b:17:84:d4:8c:cb:48:a9:a7:44:d6:d5:f1:
03:a1:0e:50:97:00:40:d2:d9:75:52:0c:df:74:18:
f9:82:cb:85:ef:47:1f:0c:0b:54:a7:b2:5a:da:e7:
64:d7:15:ff:70:36:9c:da:77:7d:2d:47:8c:f9:31:
6d:a9:e2:e9:97:12:c4:54:34:c9:ab:aa:d3:cb:0f:
62:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A2:7E:15:C1:E5:5A:45:61:73:74:D4:55:6A:1E:2E:7C:30:78:2D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_aJ-FcHlWkVhc3TUVWoeLnwweC0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:4c:e7:09:19:72:09:25:15:e5:12:07:b0:79:4e:e2:8d:91:
b7:aa:1b:ee:1b:87:0f:d4:d2:ea:75:b7:97:bb:c4:2a:d6:f2:
ac:63:3a:f5:3f:45:34:0a:d7:40:ce:a9:0e:8b:76:d9:d7:a8:
40:4d:76:b6:44:48:b9:02:b4:9d:76:1a:e7:05:2d:50:e9:2d:
74:9b:b6:5f:8f:03:b7:fd:bd:34:99:a8:d3:46:10:ec:b3:d1:
a1:9f:31:b3:7d:d0:ae:c9:60:8d:18:fb:53:52:4a:c4:c0:f0:
5d:80:15:66:1a:9b:89:b1:76:a2:76:a3:bf:cb:da:1e:33:da:
0d:4d:77:d6:45:71:93:46:c2:4f:cd:19:19:0c:31:83:a7:50:
cc:28:00:8b:e3:80:1e:cd:37:89:47:fc:59:0b:d6:b5:e2:dc:
46:9f:62:46:08:2d:25:7e:ae:27:ce:61:4e:02:13:02:8d:22:
71:f7:d8:80:71:32:89:84:73:a2:61:40:aa:1e:f6:81:10:f7:
b2:25:ba:8f:43:74:fc:45:b2:7a:57:6d:a0:d4:9d:de:56:ac:
02:f3:c1:ab:09:a6:a8:73:c0:90:79:db:e7:b8:14:6e:e7:92:
e0:bc:9b:19:2e:02:12:8c:1c:2b:ae:15:2d:d9:53:96:b7:b5:
4e:05:53:f1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIw
NjM4MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZEQTI3RTE1QzFFNTVB
NDU2MTczNzRENDU1NkExRTJFN0MzMDc4MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB8TAI1Ktx6fCUdYi9e0neoqakjDY3zh/PQjI8spohIhmOcqFo
p/aRoxeqhxU/n3IS5WPV1eCBJgZh+zm6254BfbljYybLWZUKE6ehpB45dAKnGMLx
UaV6JBq8Dqv8ECieVOJ97+P5P/1bQAEgaQk1EYgtja5P+r01lWZtixiS9GS7ioFr
HCPNOi3aGDCnEZvG1O6vSCp54jVmSsoDqfOOJiBCQ/uzJxhfqgxLxHcqL8iQJSuw
axeE1IzLSKmnRNbV8QOhDlCXAEDS2XVSDN90GPmCy4XvRx8MC1Snslra52TXFf9w
Npzad30tR4z5MW2p4umXEsRUNMmrqtPLD2KRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/aJ+FcHlWkVhc3TUVWoeLnwweC0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fYUotRmNIbFdrVmhjM1RV
VldvZUxud3dlQzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAItM5wkZcgklFeUSB7B5TuKNkbeqG+4bhw/U
0up1t5e7xCrW8qxjOvU/RTQK10DOqQ6LdtnXqEBNdrZESLkCtJ12GucFLVDpLXSb
tl+PA7f9vTSZqNNGEOyz0aGfMbN90K7JYI0Y+1NSSsTA8F2AFWYam4mxdqJ2o7/L
2h4z2g1Nd9ZFcZNGwk/NGRkMMYOnUMwoAIvjgB7NN4lH/FkL1rXi3EafYkYILSV+
rifOYU4CEwKNInH32IBxMomEc6JhQKoe9oEQ97Iluo9DdPxFsnpXbaDUnd5WrALz
wasJpqhzwJB52+e4FG7nkuC8mxkuAhKMHCuuFS3ZU5a3tU4FU/E=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:39:44 2025 by rpki-client