Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/agFY9IYYxN8AWhurvY8fTbRUOD0.roa
File: agFY9IYYxN8AWhurvY8fTbRUOD0.roa (raw, json)
Hash identifier: AjSqyJDKSXpHIP1E7QuydGLFDbWhVvaGkgvWY38YpGE=
Subject key identifier: 6A:01:58:F4:86:18:C4:DF:00:5A:1B:AB:BD:8F:1F:4D:B4:54:38:3D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1835
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/agFY9IYYxN8AWhurvY8fTbRUOD0.roa
Signing time: Sun 08 Jun 2025 08:39:44 +0000
ROA not before: Sun 08 Jun 2025 08:39:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6197 (0x1835)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 08:39:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6A0158F48618C4DF005A1BABBD8F1F4DB454383D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3b:e4:5b:c5:6c:8a:f2:e5:bd:fc:48:52:ed:
6e:5b:46:06:00:43:f9:a3:d7:6c:de:d6:2d:39:1a:
15:94:dc:ad:cc:ed:f7:49:16:31:02:07:ae:15:e5:
d9:de:34:5a:56:1a:04:a9:5d:44:91:ac:a5:e5:c6:
8c:92:13:b2:2d:81:06:c8:e0:6f:6f:a2:27:c1:a4:
9f:75:8e:65:78:b7:f7:97:ea:0a:eb:f2:69:a0:3c:
1d:45:bd:b5:80:29:4b:a9:b8:bf:26:6a:c0:28:9d:
94:70:af:d5:0f:0a:c6:eb:51:7a:0a:25:e3:75:25:
36:96:c2:f3:8f:6a:58:4a:71:92:97:cc:a6:e6:71:
8a:cf:4d:95:b0:8f:31:96:fd:dc:fb:6e:6e:7f:b0:
65:c0:4d:04:d9:60:56:4e:40:ec:8a:48:3e:02:3e:
a8:7a:c6:bf:96:28:f4:9e:74:e3:61:79:b4:34:2d:
88:2c:4b:dd:ad:2b:5a:ad:f2:94:14:6c:cd:75:1f:
ea:8a:42:22:90:21:4d:1b:fd:14:c7:41:53:b9:f8:
92:4f:1b:7d:c0:ec:02:1a:3d:c4:53:8e:00:fc:6a:
4f:84:55:14:1e:94:52:43:cc:11:67:62:81:80:79:
66:8b:d5:f3:fc:5d:80:85:c0:28:1c:e6:9b:6f:28:
45:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:01:58:F4:86:18:C4:DF:00:5A:1B:AB:BD:8F:1F:4D:B4:54:38:3D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/agFY9IYYxN8AWhurvY8fTbRUOD0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:5d:76:c7:98:cf:6c:af:1c:f9:fb:5f:60:7d:3c:32:d2:c2:
c4:38:3e:ac:65:c9:ba:c8:70:9f:6d:31:61:45:61:9e:72:24:
7f:d6:57:af:80:18:e4:ee:a4:63:b2:df:43:dc:4c:a4:4d:b6:
b8:d4:4c:f4:c3:6d:e1:9a:66:88:b4:71:09:f2:25:ec:df:12:
e0:4b:18:2a:ac:72:e0:0e:4e:78:1f:b4:a4:88:92:43:5b:3e:
43:36:6d:3b:ab:1e:6b:fb:1f:4c:ee:fe:4c:62:c8:c5:aa:ba:
06:9c:a6:8c:dd:60:73:20:7e:c3:d2:01:cb:9c:05:e0:d6:6e:
f7:27:55:f1:47:de:fd:5e:25:0b:dc:c8:22:22:50:46:79:db:
d9:f2:92:c8:8e:f1:64:37:af:0b:27:e4:ef:be:d7:52:a3:67:
d1:47:b0:44:54:37:ed:8a:a3:2c:0f:d3:07:54:17:68:21:6e:
5e:b4:ac:40:44:07:2d:46:69:59:83:37:32:b9:e2:1a:63:6a:
03:67:3f:80:ad:4b:26:53:46:60:fb:ae:7f:25:c7:1a:f8:66:
2f:ee:be:3d:7a:f3:0c:cd:f0:42:3c:9a:3b:aa:3b:a9:6a:14:
32:8a:27:c2:e8:37:83:ff:c0:e2:81:57:5f:84:ae:2c:f9:ce:
f3:20:af:c7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGDUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgw
ODM5NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZBMDE1OEY0ODYxOEM0
REYwMDVBMUJBQkJEOEYxRjREQjQ1NDM4M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLO+RbxWyK8uW9/EhS7W5bRgYAQ/mj12ze1i05GhWU3K3M7fdJ
FjECB64V5dneNFpWGgSpXUSRrKXlxoySE7ItgQbI4G9voifBpJ91jmV4t/eX6grr
8mmgPB1FvbWAKUupuL8masAonZRwr9UPCsbrUXoKJeN1JTaWwvOPalhKcZKXzKbm
cYrPTZWwjzGW/dz7bm5/sGXATQTZYFZOQOyKSD4CPqh6xr+WKPSedONhebQ0LYgs
S92tK1qt8pQUbM11H+qKQiKQIU0b/RTHQVO5+JJPG33A7AIaPcRTjgD8ak+EVRQe
lFJDzBFnYoGAeWaL1fP8XYCFwCgc5ptvKEV5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUagFY9IYYxN8AWhurvY8fTbRUOD0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hZ0ZZOUlZWXhOOEFXaHVy
dlk4ZlRiUlVPRDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKdddseYz2yvHPn7X2B9PDLSwsQ4PqxlybrI
cJ9tMWFFYZ5yJH/WV6+AGOTupGOy30PcTKRNtrjUTPTDbeGaZoi0cQnyJezfEuBL
GCqscuAOTngftKSIkkNbPkM2bTurHmv7H0zu/kxiyMWqugacpozdYHMgfsPSAcuc
BeDWbvcnVfFH3v1eJQvcyCIiUEZ529nyksiO8WQ3rwsn5O++11KjZ9FHsERUN+2K
oywP0wdUF2ghbl60rEBEBy1GaVmDNzK54hpjagNnP4CtSyZTRmD7rn8lxxr4Zi/u
vj168wzN8EI8mjuqO6lqFDKKJ8LoN4P/wOKBV1+Eriz5zvMgr8c=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:21:13 2025 by rpki-client