Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bSH1ILQfZySF25UeaE2QCgtPirs.roa
File: bSH1ILQfZySF25UeaE2QCgtPirs.roa (raw, json)
Hash identifier: lMBAVz8dzbTtw2Qe4RibAkU+gqHg3ZcKq4r67LkyYig=
Subject key identifier: 6D:21:F5:20:B4:1F:67:24:85:DB:95:1E:68:4D:90:0A:0B:4F:8A:BB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 18CD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bSH1ILQfZySF25UeaE2QCgtPirs.roa
Signing time: Mon 09 Jun 2025 03:39:44 +0000
ROA not before: Mon 09 Jun 2025 03:39:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6349 (0x18cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 03:39:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6D21F520B41F672485DB951E684D900A0B4F8ABB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:79:29:89:08:04:a2:a8:22:6d:94:ba:2a:df:
34:72:33:39:50:6c:45:67:5b:47:8a:62:75:de:71:
5a:33:0a:99:4d:84:1d:22:b2:0a:cb:5b:a0:d6:c9:
05:f5:75:ce:9d:fd:fe:2a:b9:2a:e2:05:7f:af:bd:
3b:40:75:ce:69:02:fe:9f:2f:e3:7b:f2:ba:c3:89:
b7:1c:c2:66:c7:ce:dd:85:18:e2:0f:0e:7f:b9:10:
f6:e9:d5:9c:b5:46:db:19:9a:b3:c3:5f:bf:46:b5:
b8:76:48:a0:1f:aa:67:44:e5:d8:e4:d5:34:de:0c:
03:7b:37:9d:94:26:8d:15:45:56:55:91:ec:23:50:
81:70:a2:9e:5a:40:0f:99:36:a5:16:66:76:b9:b1:
c2:a3:b8:4e:f2:0d:89:bf:83:d3:4d:1a:2d:b0:75:
4f:7f:5d:02:7e:d8:20:b1:18:f1:95:79:f0:67:a4:
4b:7b:46:f7:1c:1c:3b:e2:a5:de:18:e8:cd:7c:b0:
27:5e:9e:8b:49:26:13:d2:b3:71:d5:e8:87:56:63:
af:ec:9d:c7:57:64:74:32:e9:2b:94:1a:74:9d:98:
0c:e1:ed:56:73:fa:62:10:f1:67:77:56:b7:66:d9:
72:a5:ab:57:e2:93:5c:4b:c3:3c:6d:a4:79:a9:4a:
69:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:21:F5:20:B4:1F:67:24:85:DB:95:1E:68:4D:90:0A:0B:4F:8A:BB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bSH1ILQfZySF25UeaE2QCgtPirs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:b5:7b:3d:e5:5c:a8:48:8c:f0:30:c2:a5:71:49:e2:79:87:
c1:22:c2:e8:fc:b4:96:5f:e8:39:fc:63:69:c4:03:53:66:40:
ee:6f:8d:bf:d8:0e:37:06:b1:2a:26:9e:30:9b:55:9a:0a:a1:
6c:6d:09:9d:00:04:8c:d5:48:c6:25:1c:e0:2d:5e:d1:fe:52:
68:ad:a7:7f:fd:7d:3e:b5:a5:1e:5e:42:a8:ed:bf:e5:e8:47:
37:82:9f:9a:de:ea:46:21:5b:4e:de:2b:e1:c3:74:a4:e1:a2:
4f:87:30:65:8a:1f:1a:95:c8:d3:2c:03:c8:79:22:72:ee:85:
30:69:37:a2:fb:9b:b5:4b:b2:fb:5a:28:6c:15:66:86:56:58:
5f:3d:a3:84:64:3a:46:ee:6f:da:d5:5f:cb:3e:46:91:3e:6c:
4e:97:d7:38:70:c7:66:e4:33:71:0a:b2:80:49:8f:08:52:db:
1e:3e:bb:ba:a7:83:a6:14:ed:75:82:af:cb:13:a2:9d:9a:57:
03:28:b5:9e:06:01:2e:09:0b:87:e1:c5:78:5a:ea:19:5f:38:
6f:94:ae:92:ee:9a:2c:87:71:c1:84:37:9f:6d:96:e3:50:c1:
ac:64:68:e4:d7:50:e7:d6:84:08:4d:1f:4b:f9:dd:ad:be:35:
10:5b:f4:e8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkw
MzM5NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZEMjFGNTIwQjQxRjY3
MjQ4NURCOTUxRTY4NEQ5MDBBMEI0RjhBQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDheSmJCASiqCJtlLoq3zRyMzlQbEVnW0eKYnXecVozCplNhB0i
sgrLW6DWyQX1dc6d/f4quSriBX+vvTtAdc5pAv6fL+N78rrDibccwmbHzt2FGOIP
Dn+5EPbp1Zy1RtsZmrPDX79Gtbh2SKAfqmdE5djk1TTeDAN7N52UJo0VRVZVkewj
UIFwop5aQA+ZNqUWZna5scKjuE7yDYm/g9NNGi2wdU9/XQJ+2CCxGPGVefBnpEt7
RvccHDvipd4Y6M18sCdenotJJhPSs3HV6IdWY6/sncdXZHQy6SuUGnSdmAzh7VZz
+mIQ8Wd3Vrdm2XKlq1fik1xLwzxtpHmpSmlfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbSH1ILQfZySF25UeaE2QCgtPirswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iU0gxSUxRZlp5U0YyNVVl
YUUyUUNndFBpcnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJK1ez3lXKhIjPAwwqVxSeJ5h8Eiwuj8tJZf
6Dn8Y2nEA1NmQO5vjb/YDjcGsSomnjCbVZoKoWxtCZ0ABIzVSMYlHOAtXtH+Umit
p3/9fT61pR5eQqjtv+XoRzeCn5re6kYhW07eK+HDdKThok+HMGWKHxqVyNMsA8h5
InLuhTBpN6L7m7VLsvtaKGwVZoZWWF89o4RkOkbub9rVX8s+RpE+bE6X1zhwx2bk
M3EKsoBJjwhS2x4+u7qng6YU7XWCr8sTop2aVwMotZ4GAS4JC4fhxXha6hlfOG+U
rpLumiyHccGEN59tluNQwaxkaOTXUOfWhAhNH0v53a2+NRBb9Og=
-----END CERTIFICATE-----
Generated at Fri Jun 20 23:06:47 2025 by rpki-client