Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bG6QkPMnWaaQibZhY8y8_2ybXg4.roa
File: bG6QkPMnWaaQibZhY8y8_2ybXg4.roa (raw, json)
Hash identifier: afDpByZZkHYxtQIplYERt0XcTyqhF0mN5BY/+HX11vA=
Subject key identifier: 6C:6E:90:90:F3:27:59:A6:90:89:B6:61:63:CC:BC:FF:6C:9B:5E:0E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 179D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bG6QkPMnWaaQibZhY8y8_2ybXg4.roa
Signing time: Sat 07 Jun 2025 13:39:38 +0000
ROA not before: Sat 07 Jun 2025 13:39:38 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6045 (0x179d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 13:39:38 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6C6E9090F32759A69089B66163CCBCFF6C9B5E0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:98:79:63:af:d8:96:73:c9:87:6a:dc:e1:f1:
71:09:52:99:4f:68:74:a0:7c:ff:12:d1:8c:85:c1:
df:ae:94:8a:22:cb:0b:2f:e1:15:28:0a:25:d1:c3:
ac:1d:e4:1e:fe:00:59:35:69:24:b5:d8:83:32:6b:
2e:ed:f2:b9:ac:5b:c3:ae:54:f4:39:37:b5:24:7d:
0c:bc:f3:08:27:3a:cb:fd:60:bd:6a:dc:d4:c2:15:
8d:08:20:92:25:df:09:df:9e:f1:cb:99:aa:60:6b:
a8:78:68:b5:09:50:79:c2:b8:76:72:c1:64:4c:c5:
68:ef:a5:d6:82:cd:c2:f0:fe:d3:68:86:1a:6c:01:
eb:21:84:39:ce:dc:1d:53:65:c6:f9:94:44:73:80:
f0:8b:d7:21:2e:46:ab:6b:c7:ac:3c:aa:4c:73:66:
ce:af:87:5e:93:65:fd:92:33:e0:6d:d3:cf:92:63:
6f:f7:8f:e1:e1:8b:66:86:be:2e:92:56:ec:f9:ce:
87:20:5d:cd:13:0c:a3:40:c1:3d:29:ff:d3:45:a2:
1b:ee:9d:85:df:07:d7:21:f9:5b:af:5e:52:4b:19:
85:6e:3f:ee:0e:8b:8b:dd:28:41:d1:35:d4:de:d1:
29:06:e9:aa:d3:3e:92:1d:58:0b:b3:d0:db:06:8e:
e9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6E:90:90:F3:27:59:A6:90:89:B6:61:63:CC:BC:FF:6C:9B:5E:0E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bG6QkPMnWaaQibZhY8y8_2ybXg4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:a0:47:e0:d2:ca:3b:4e:e0:e4:52:46:a4:50:07:da:5c:6f:
c1:87:46:58:e4:96:15:38:30:cd:75:4e:86:ec:a3:82:30:fe:
57:07:7f:6a:98:de:a0:2c:d3:4e:25:13:ee:3f:29:6f:bf:77:
6b:d7:23:06:10:de:91:0f:ef:bb:2c:8f:15:a9:63:71:5f:82:
ea:ab:d1:a8:ff:5a:6a:0c:a3:65:21:5f:7e:b2:13:35:7d:01:
5f:43:e5:96:3b:53:9f:91:7a:36:ac:f1:b6:3c:9c:6f:c4:60:
6d:55:c5:36:7a:7c:6d:dd:ce:34:60:be:84:65:44:5c:c8:83:
a4:57:38:72:08:27:ac:30:3f:25:18:51:46:de:0d:3b:9e:87:
2a:fc:87:5a:c7:6a:65:37:8b:04:ba:11:30:3d:23:e3:d4:93:
0c:f0:2c:f0:d4:fa:9a:e1:55:6b:1a:84:70:fa:d3:d4:02:ab:
a7:6b:02:33:a3:90:4e:e0:83:da:60:4c:72:98:1a:f8:38:bf:
f0:88:6d:af:6d:73:d9:5f:4a:0c:d7:e5:10:ba:78:91:7d:e5:
cb:10:33:d4:92:f5:3f:c3:66:69:5d:5a:c9:24:21:6d:26:e5:
66:ff:ac:d7:33:12:c6:c2:cb:6e:31:b7:0a:ae:58:62:95:7d:
df:2c:4d:59
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF50wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
MzM5MzhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZDNkU5MDkwRjMyNzU5
QTY5MDg5QjY2MTYzQ0NCQ0ZGNkM5QjVFMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDmHljr9iWc8mHatzh8XEJUplPaHSgfP8S0YyFwd+ulIoiywsv
4RUoCiXRw6wd5B7+AFk1aSS12IMyay7t8rmsW8OuVPQ5N7UkfQy88wgnOsv9YL1q
3NTCFY0IIJIl3wnfnvHLmapga6h4aLUJUHnCuHZywWRMxWjvpdaCzcLw/tNohhps
AeshhDnO3B1TZcb5lERzgPCL1yEuRqtrx6w8qkxzZs6vh16TZf2SM+Bt08+SY2/3
j+Hhi2aGvi6SVuz5zocgXc0TDKNAwT0p/9NFohvunYXfB9ch+VuvXlJLGYVuP+4O
i4vdKEHRNdTe0SkG6arTPpIdWAuz0NsGjukHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbG6QkPMnWaaQibZhY8y8/2ybXg4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iRzZRa1BNbldhYVFpYlpo
WTh5OF8yeWJYZzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHqgR+DSyjtO4ORSRqRQB9pcb8GHRljklhU4
MM11Tobso4Iw/lcHf2qY3qAs004lE+4/KW+/d2vXIwYQ3pEP77ssjxWpY3Ffguqr
0aj/WmoMo2UhX36yEzV9AV9D5ZY7U5+Rejas8bY8nG/EYG1VxTZ6fG3dzjRgvoRl
RFzIg6RXOHIIJ6wwPyUYUUbeDTuehyr8h1rHamU3iwS6ETA9I+PUkwzwLPDU+prh
VWsahHD609QCq6drAjOjkE7gg9pgTHKYGvg4v/CIba9tc9lfSgzX5RC6eJF95csQ
M9SS9T/DZmldWskkIW0m5Wb/rNczEsbCy24xtwquWGKVfd8sTVk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 20:44:15 2025 by rpki-client