Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aZHZcO1BTGurtbTSJ_yoQ8YZWBg.roa
File: aZHZcO1BTGurtbTSJ_yoQ8YZWBg.roa (raw, json)
Hash identifier: pIXtBUBe32VtTazSi0HDyHMlV+ER1aVh4E7zrQobnY8=
Subject key identifier: 69:91:D9:70:ED:41:4C:6B:AB:B5:B4:D2:27:FC:A8:43:C6:19:58:18
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08B5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aZHZcO1BTGurtbTSJ_yoQ8YZWBg.roa
Signing time: Sun 18 May 2025 16:38:18 +0000
ROA not before: Sun 18 May 2025 16:38:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2229 (0x8b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 16:38:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6991D970ED414C6BABB5B4D227FCA843C6195818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0d:1e:c0:e4:67:b5:60:e1:c9:24:9e:02:25:
89:06:e8:fd:8d:af:9d:89:b7:b6:57:9e:55:0f:b4:
fa:c0:f3:9a:15:be:76:58:4a:19:a3:5f:d3:0e:36:
de:b5:ba:37:ec:85:5d:8f:fc:62:d2:25:6d:30:da:
f6:68:c0:0b:c4:e3:59:ed:e8:d5:f6:df:dc:a9:56:
6d:ad:9d:8d:91:39:95:9f:51:a1:d3:7b:e8:42:e3:
1e:ac:7e:40:03:29:f7:8a:15:18:b9:1b:7d:48:75:
c1:25:d0:38:a7:c5:68:c7:54:fa:cb:19:38:1a:fb:
a9:fa:24:42:41:c1:43:06:5a:61:99:09:90:9a:24:
8b:19:81:38:89:48:6f:dd:b8:a6:a8:82:46:b5:27:
16:a8:0e:e6:d1:af:7e:d2:79:33:a7:88:3b:6e:0a:
70:a6:d8:f8:e2:5f:23:9b:ca:df:b7:46:b8:b6:ef:
ab:0c:e9:24:ed:4f:3f:3e:6f:6e:e0:3b:bd:2e:05:
1b:55:29:18:d7:73:7b:3e:c5:f5:19:84:8c:8a:6c:
49:39:f7:08:73:df:ee:ac:f4:81:c3:a0:ff:c6:eb:
ad:f5:62:dd:8d:d1:1f:9a:86:6b:f2:df:3d:24:ef:
1a:c5:bb:d7:70:91:b0:0e:e1:80:5e:2f:4b:9d:64:
be:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:91:D9:70:ED:41:4C:6B:AB:B5:B4:D2:27:FC:A8:43:C6:19:58:18
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aZHZcO1BTGurtbTSJ_yoQ8YZWBg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:53:f2:d5:a7:49:a4:07:9a:3c:4c:63:24:ac:cf:93:5a:96:
78:5b:a4:92:75:38:f0:01:65:26:ff:68:93:34:57:20:9b:df:
ca:ec:b8:a3:b5:10:19:84:8f:36:b3:0b:1a:76:c7:27:b9:ac:
7d:ac:f5:c6:f2:3c:89:24:d9:01:d0:60:77:e6:c5:f8:f2:f4:
a7:56:ff:5a:d5:72:d3:60:38:6c:18:07:d0:44:bf:07:4e:c8:
f5:43:a1:4d:3f:e7:03:02:39:63:05:1e:94:db:91:9b:50:7f:
bb:ee:2c:fc:cc:53:60:f6:0d:e0:d4:28:89:c3:22:5a:ac:c4:
98:20:4e:b3:4f:59:80:f1:e5:8f:7f:fd:c6:63:67:72:a9:ff:
c6:1b:a6:f1:ab:2b:a1:d7:f4:8b:30:c8:59:11:2c:f0:01:89:
cb:78:4f:6c:18:66:f3:f1:fd:80:eb:f0:c1:84:63:57:46:0d:
4e:4d:1d:8b:b3:ed:3c:2f:37:77:1e:b0:59:71:09:f0:1a:82:
b3:0a:47:89:93:61:0d:75:99:50:68:0d:2d:49:fc:a9:f3:fb:
0c:fc:9b:35:2a:fd:b8:d9:8b:89:3d:f1:85:fa:27:43:91:cc:
df:08:75:db:d7:24:97:a3:12:59:4f:6e:44:60:07:34:80:0e:
b8:4f:e0:5c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
NjM4MThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY5OTFEOTcwRUQ0MTRD
NkJBQkI1QjREMjI3RkNBODQzQzYxOTU4MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYDR7A5Ge1YOHJJJ4CJYkG6P2Nr52Jt7ZXnlUPtPrA85oVvnZY
ShmjX9MONt61ujfshV2P/GLSJW0w2vZowAvE41nt6NX239ypVm2tnY2ROZWfUaHT
e+hC4x6sfkADKfeKFRi5G31IdcEl0DinxWjHVPrLGTga+6n6JEJBwUMGWmGZCZCa
JIsZgTiJSG/duKaogka1JxaoDubRr37SeTOniDtuCnCm2PjiXyObyt+3Rri276sM
6STtTz8+b27gO70uBRtVKRjXc3s+xfUZhIyKbEk59whz3+6s9IHDoP/G6631Yt2N
0R+ahmvy3z0k7xrFu9dwkbAO4YBeL0udZL5PAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaZHZcO1BTGurtbTSJ/yoQ8YZWBgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hWkhaY08xQlRHdXJ0YlRT
Sl95b1E4WVpXQmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGJT8tWnSaQHmjxMYySsz5NalnhbpJJ1OPAB
ZSb/aJM0VyCb38rsuKO1EBmEjzazCxp2xye5rH2s9cbyPIkk2QHQYHfmxfjy9KdW
/1rVctNgOGwYB9BEvwdOyPVDoU0/5wMCOWMFHpTbkZtQf7vuLPzMU2D2DeDUKInD
IlqsxJggTrNPWYDx5Y9//cZjZ3Kp/8YbpvGrK6HX9IswyFkRLPABict4T2wYZvPx
/YDr8MGEY1dGDU5NHYuz7TwvN3cesFlxCfAagrMKR4mTYQ11mVBoDS1J/Knz+wz8
mzUq/bjZi4k98YX6J0ORzN8IddvXJJejEllPbkRgBzSADrhP4Fw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:40:47 2025 by rpki-client