Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ckJu-aoFlU29dmDrRaU18_4QGEg.roa
File: ckJu-aoFlU29dmDrRaU18_4QGEg.roa (raw, json)
Hash identifier: +UL6s2ke7fKzra98eFng6sr3yd29bfLkB0T+QwEq1sA=
Subject key identifier: 72:42:6E:F9:AA:05:95:4D:BD:76:60:EB:45:A5:35:F3:FE:10:18:48
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1BB1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ckJu-aoFlU29dmDrRaU18_4QGEg.roa
Signing time: Fri 13 Jun 2025 00:09:51 +0000
ROA not before: Fri 13 Jun 2025 00:09:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7089 (0x1bb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 00:09:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=72426EF9AA05954DBD7660EB45A535F3FE101848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f8:6d:78:8b:5a:75:c3:fe:71:fb:39:a4:ad:
2b:4b:13:a9:ab:b7:04:35:eb:00:21:e3:ba:de:46:
11:98:70:0d:39:87:3b:21:38:65:16:39:95:1b:08:
23:e5:50:da:85:36:60:01:81:55:2a:15:b6:7f:9b:
ca:e0:ea:bc:c1:7a:28:0f:3e:57:81:7a:12:76:5d:
0b:51:02:0e:cd:10:fc:cb:50:f6:51:52:48:7c:fa:
69:db:6d:61:3d:69:72:ef:a5:b5:a0:52:86:ff:bf:
80:40:3d:d1:66:64:bd:09:4f:1c:c5:88:3c:ab:56:
9d:ff:fe:32:65:b0:64:1b:8d:d9:ff:9f:8a:09:42:
b0:1d:21:68:2a:9f:e8:72:96:6c:d5:4d:a2:e9:f7:
c9:c8:f3:4b:02:40:31:d1:cb:c1:1d:09:d6:a8:99:
7d:46:8a:51:23:b2:c9:6b:2a:ea:c3:26:56:fc:0d:
99:fa:d0:66:18:a0:4e:5f:ce:c3:d3:da:25:51:0b:
b4:89:de:c7:a4:bb:7f:2d:78:35:0d:60:04:fc:65:
d3:57:44:57:7a:73:9b:40:bc:2b:be:bc:30:db:59:
43:03:9b:fc:25:a4:36:5f:a6:26:9e:24:5d:f4:34:
8a:1e:78:9e:d0:aa:f6:cf:15:d2:db:42:ca:b7:08:
83:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:42:6E:F9:AA:05:95:4D:BD:76:60:EB:45:A5:35:F3:FE:10:18:48
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ckJu-aoFlU29dmDrRaU18_4QGEg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:1d:54:1e:a6:c0:3a:a9:45:72:41:fe:17:d4:6d:cd:79:75:
8d:fd:a3:6d:7a:b6:cc:db:10:40:95:20:ab:61:d5:ad:5c:1e:
05:82:d9:c7:0b:6b:0a:64:d7:1e:1d:ff:76:9e:1f:a2:38:a8:
23:88:1b:9e:a1:75:fc:92:0a:fa:08:36:b5:04:13:20:57:56:
25:ef:d9:0b:49:92:f0:a6:e0:76:b8:58:85:cf:f6:40:81:64:
50:f6:2d:0a:60:71:2b:bd:09:ce:eb:f9:68:ad:36:79:2b:98:
3d:df:e7:09:ff:83:ac:cb:75:81:7d:ba:e6:ca:31:dc:4c:61:
80:f0:2f:79:a7:00:b6:1c:25:ba:c2:0b:fd:e6:ba:bd:90:cd:
fe:de:a6:83:5d:a3:8d:41:ae:26:df:52:f6:c5:61:09:99:03:
1a:fd:d6:3f:44:ed:c1:54:1b:51:32:72:3d:e8:5f:ac:46:6e:
8b:88:09:49:52:40:38:65:14:5e:ba:af:93:51:a4:59:43:c3:
23:a6:d6:3a:bb:d1:92:fb:ca:e5:5c:58:b7:8a:04:e8:ba:9d:
81:ed:c2:d6:57:d0:67:5a:15:51:98:98:52:86:09:81:b0:ec:
5d:0b:ed:d2:62:f5:fb:a0:5d:4c:77:54:73:67:98:b1:fa:3b:
4b:98:2e:b0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMw
MDA5NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcyNDI2RUY5QUEwNTk1
NERCRDc2NjBFQjQ1QTUzNUYzRkUxMDE4NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf+G14i1p1w/5x+zmkrStLE6mrtwQ16wAh47reRhGYcA05hzsh
OGUWOZUbCCPlUNqFNmABgVUqFbZ/m8rg6rzBeigPPleBehJ2XQtRAg7NEPzLUPZR
Ukh8+mnbbWE9aXLvpbWgUob/v4BAPdFmZL0JTxzFiDyrVp3//jJlsGQbjdn/n4oJ
QrAdIWgqn+hylmzVTaLp98nI80sCQDHRy8EdCdaomX1GilEjsslrKurDJlb8DZn6
0GYYoE5fzsPT2iVRC7SJ3seku38teDUNYAT8ZdNXRFd6c5tAvCu+vDDbWUMDm/wl
pDZfpiaeJF30NIoeeJ7QqvbPFdLbQsq3CIP/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUckJu+aoFlU29dmDrRaU18/4QGEgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ja0p1LWFvRmxVMjlkbURy
UmFVMThfNFFHRWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAF4dVB6mwDqpRXJB/hfUbc15dY39o216tszb
EECVIKth1a1cHgWC2ccLawpk1x4d/3aeH6I4qCOIG56hdfySCvoINrUEEyBXViXv
2QtJkvCm4Ha4WIXP9kCBZFD2LQpgcSu9Cc7r+WitNnkrmD3f5wn/g6zLdYF9uubK
MdxMYYDwL3mnALYcJbrCC/3mur2Qzf7epoNdo41BribfUvbFYQmZAxr91j9E7cFU
G1Eycj3oX6xGbouICUlSQDhlFF66r5NRpFlDwyOm1jq70ZL7yuVcWLeKBOi6nYHt
wtZX0GdaFVGYmFKGCYGw7F0L7dJi9fugXUx3VHNnmLH6O0uYLrA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:23:49 2025 by rpki-client