Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ab7pIWhN7HIZimByWT2lximshmo.roa
File: ab7pIWhN7HIZimByWT2lximshmo.roa (raw, json)
Hash identifier: WTzuXu883wXnBiXRN8wM2AM8xdYQO7RSMkNiTW8vJZQ=
Subject key identifier: 69:BE:E9:21:68:4D:EC:72:19:8A:60:72:59:3D:A5:C6:29:AC:86:6A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1825
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ab7pIWhN7HIZimByWT2lximshmo.roa
Signing time: Sun 08 Jun 2025 06:39:35 +0000
ROA not before: Sun 08 Jun 2025 06:39:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6181 (0x1825)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 06:39:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=69BEE921684DEC72198A6072593DA5C629AC866A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:55:78:0f:95:d7:73:de:b0:f3:b0:be:58:96:
7e:5e:c3:06:b1:84:01:ac:b9:b7:49:67:fd:53:0d:
60:dd:c5:98:7e:55:3a:7e:6b:a6:50:be:22:d0:21:
fc:04:5d:89:5a:11:b6:3c:f0:65:80:43:92:74:8a:
ac:d5:17:86:54:14:d9:72:c3:89:14:5d:c6:36:24:
37:8f:4b:7d:4e:66:11:bd:f9:62:14:3d:56:ec:69:
77:bd:60:bb:86:7a:26:1b:43:16:c8:65:05:7d:80:
c3:21:07:df:75:17:41:bf:52:9b:41:63:9d:51:9c:
e2:df:b5:11:a5:0d:e6:b4:f2:f6:d2:44:1b:a7:97:
8a:09:13:6c:2f:e8:64:d4:97:0c:e1:9a:ce:69:eb:
7c:69:eb:45:46:1d:13:8f:fc:88:e8:a8:93:7b:51:
20:c5:27:d1:55:e8:38:0d:08:0b:0c:30:c6:a9:71:
91:68:1a:f9:f8:6e:98:a2:d1:ed:cd:71:f2:02:31:
04:9f:e0:95:28:b3:26:e5:93:50:b9:37:af:56:16:
8d:76:59:cc:82:59:e1:4e:51:07:60:ac:e4:6d:83:
0d:d9:12:7d:c6:aa:28:b1:1a:5b:d3:39:a6:db:e2:
2b:2b:5d:4b:7b:5f:a3:fb:da:6a:cc:a6:73:4b:94:
33:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BE:E9:21:68:4D:EC:72:19:8A:60:72:59:3D:A5:C6:29:AC:86:6A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ab7pIWhN7HIZimByWT2lximshmo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:6a:f5:a7:2b:35:e3:62:08:b4:5c:84:59:74:6d:2b:81:49:
96:e2:88:49:2d:36:7a:a9:09:7b:0e:58:ed:88:49:82:17:0d:
d3:33:2f:d7:89:98:5e:7e:af:9b:1d:63:3b:af:2d:a9:4b:d5:
b9:bb:ca:0f:dc:9d:db:c1:76:a2:96:27:42:d9:c9:9e:85:c6:
9b:b4:d0:05:55:62:fc:73:84:78:4d:37:bf:62:97:13:b9:cb:
d3:1c:e5:d2:6b:fd:d3:ec:95:b0:be:ca:ec:e3:49:a7:4a:88:
82:f3:da:7f:82:5c:3f:41:d3:d8:05:02:90:64:d9:47:79:2f:
00:fe:fa:15:f6:6c:14:e5:cc:88:9b:e6:d3:28:0c:0c:67:1c:
98:b3:da:82:40:3b:6e:a2:2d:1e:87:cf:82:44:26:b6:4b:22:
b3:bb:a0:68:8e:63:f6:c2:47:38:ae:0b:67:cf:07:8e:08:39:
df:7f:1b:60:b6:7d:23:e4:0c:be:47:18:54:10:e2:61:ca:23:
ba:c2:17:01:40:ff:17:33:65:bd:57:2e:12:a2:66:2a:23:a1:
38:d0:e8:83:65:09:b0:44:8b:b5:a1:be:6a:d1:3d:f9:66:20:
2b:a3:16:77:6e:61:d3:d2:a3:eb:b7:b0:f8:ca:45:b5:b1:ac:
ca:a7:8e:da
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgw
NjM5MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY5QkVFOTIxNjg0REVD
NzIxOThBNjA3MjU5M0RBNUM2MjlBQzg2NkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzVXgPlddz3rDzsL5Yln5ewwaxhAGsubdJZ/1TDWDdxZh+VTp+
a6ZQviLQIfwEXYlaEbY88GWAQ5J0iqzVF4ZUFNlyw4kUXcY2JDePS31OZhG9+WIU
PVbsaXe9YLuGeiYbQxbIZQV9gMMhB991F0G/UptBY51RnOLftRGlDea08vbSRBun
l4oJE2wv6GTUlwzhms5p63xp60VGHROP/IjoqJN7USDFJ9FV6DgNCAsMMMapcZFo
Gvn4bpii0e3NcfICMQSf4JUosyblk1C5N69WFo12WcyCWeFOUQdgrORtgw3ZEn3G
qiixGlvTOabb4isrXUt7X6P72mrMpnNLlDPDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUab7pIWhN7HIZimByWT2lximshmowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hYjdwSVdoTjdISVppbUJ5
V1QybHhpbXNobW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFFq9acrNeNiCLRchFl0bSuBSZbiiEktNnqp
CXsOWO2ISYIXDdMzL9eJmF5+r5sdYzuvLalL1bm7yg/cndvBdqKWJ0LZyZ6Fxpu0
0AVVYvxzhHhNN79ilxO5y9Mc5dJr/dPslbC+yuzjSadKiILz2n+CXD9B09gFApBk
2Ud5LwD++hX2bBTlzIib5tMoDAxnHJiz2oJAO26iLR6Hz4JEJrZLIrO7oGiOY/bC
RziuC2fPB44IOd9/G2C2fSPkDL5HGFQQ4mHKI7rCFwFA/xczZb1XLhKiZiojoTjQ
6INlCbBEi7WhvmrRPflmICujFnduYdPSo+u3sPjKRbWxrMqnjto=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:31:37 2025 by rpki-client