Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/f2xsqa6eGGb-V-956OJNUIWhw6Q.roa
File: f2xsqa6eGGb-V-956OJNUIWhw6Q.roa (raw, json)
Hash identifier: GWFuh7+ZtpxqOUTRGe/0VzSCaf9Ym6ETSmMZxiCD76s=
Subject key identifier: 7F:6C:6C:A9:AE:9E:18:66:FE:57:EF:79:E8:E2:4D:50:85:A1:C3:A4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F39
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/f2xsqa6eGGb-V-956OJNUIWhw6Q.roa
Signing time: Tue 27 May 2025 09:08:48 +0000
ROA not before: Tue 27 May 2025 09:08:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3897 (0xf39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 09:08:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7F6C6CA9AE9E1866FE57EF79E8E24D5085A1C3A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:da:fc:47:cd:b2:2d:0f:48:60:4f:29:8c:
18:7a:b4:6d:d5:39:a6:fa:66:b6:ac:92:fd:4a:66:
2a:8f:29:f8:3f:63:eb:12:4e:27:56:6d:b4:5f:ee:
66:69:2d:ea:05:0f:e8:07:2f:d2:6c:ec:34:d8:32:
10:d9:9b:de:b2:a0:11:53:20:c3:9d:7c:16:e7:47:
fe:79:bb:6e:4f:c1:ff:66:cd:5c:63:55:d2:2d:89:
75:86:68:fc:48:51:38:1d:55:ff:3f:ec:37:11:65:
01:5e:b1:a4:45:f4:e9:73:82:fd:e3:3e:2c:d8:cc:
e8:3e:a6:d8:e4:ba:59:b4:03:87:b1:12:10:3d:be:
b3:69:74:bb:71:82:78:5e:d5:3d:9c:83:b3:4f:65:
90:32:55:0b:71:d9:49:25:52:c7:fc:d3:a8:89:95:
e9:98:1e:36:92:d7:94:d9:de:29:45:00:fa:b2:e9:
30:cd:da:34:49:83:4e:31:44:a5:7f:08:e9:b7:07:
26:55:49:16:93:53:a5:8f:7a:d9:17:04:75:ec:75:
c2:4d:26:87:27:fb:2b:ed:d3:87:dd:22:7c:c2:05:
59:ee:3c:5b:e7:7c:92:8b:36:0f:e3:5d:a4:4f:bb:
cd:08:e8:36:81:9f:e4:a4:b5:e1:62:ac:ae:3e:d8:
aa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6C:6C:A9:AE:9E:18:66:FE:57:EF:79:E8:E2:4D:50:85:A1:C3:A4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/f2xsqa6eGGb-V-956OJNUIWhw6Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:06:cd:bb:0a:88:e2:4e:75:5b:2a:b2:51:44:84:f8:60:6d:
98:e8:ed:82:dd:de:c8:15:03:ca:67:21:48:fc:d4:76:0b:33:
75:33:e6:0b:38:a6:74:e7:05:78:3c:01:0a:fd:bb:61:23:4c:
f0:e8:e0:59:71:b3:7f:79:f0:bb:ba:b5:d4:e6:d6:ef:b3:8e:
08:e2:8a:65:58:b0:7d:83:ac:39:63:a6:8b:a5:98:be:ec:1e:
bc:de:83:25:75:21:e2:7e:44:00:4d:92:30:bf:61:35:5e:5d:
f4:88:2b:9b:e3:0e:9e:a8:4c:1f:01:bb:16:ad:d7:9c:45:36:
b4:80:bc:a2:60:cc:82:cc:96:8c:e2:85:f1:37:64:93:fb:ac:
60:f1:77:18:19:61:62:ec:56:a1:e6:33:d2:18:80:00:8a:9d:
74:a2:08:d8:55:d1:74:b8:b6:01:07:ef:1a:2b:fd:a8:5f:18:
9f:84:34:6f:23:7f:2c:7e:cc:ad:1a:95:65:21:35:4d:23:17:
5f:78:8d:2c:68:34:79:14:c4:2b:3b:a2:83:af:d6:58:14:52:
d0:fb:04:00:93:a6:c9:16:b8:30:d0:5b:10:4e:8a:9c:8a:dd:
bd:91:fc:3a:d4:b5:76:52:e0:29:f4:98:9a:9f:eb:7b:ce:e4:
d5:91:07:db
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDzkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
OTA4NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdGNkM2Q0E5QUU5RTE4
NjZGRTU3RUY3OUU4RTI0RDUwODVBMUMzQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCc+9r8R82yLQ9IYE8pjBh6tG3VOab6Zraskv1KZiqPKfg/Y+sS
TidWbbRf7mZpLeoFD+gHL9Js7DTYMhDZm96yoBFTIMOdfBbnR/55u25Pwf9mzVxj
VdItiXWGaPxIUTgdVf8/7DcRZQFesaRF9Olzgv3jPizYzOg+ptjkulm0A4exEhA9
vrNpdLtxgnhe1T2cg7NPZZAyVQtx2UklUsf806iJlemYHjaS15TZ3ilFAPqy6TDN
2jRJg04xRKV/COm3ByZVSRaTU6WPetkXBHXsdcJNJocn+yvt04fdInzCBVnuPFvn
fJKLNg/jXaRPu80I6DaBn+SkteFirK4+2KpTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUf2xsqa6eGGb+V+956OJNUIWhw6QwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mMnhzcWE2ZUdHYi1WLTk1
Nk9KTlVJV2h3NlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADkGzbsKiOJOdVsqslFEhPhgbZjo7YLd3sgV
A8pnIUj81HYLM3Uz5gs4pnTnBXg8AQr9u2EjTPDo4Flxs3958Lu6tdTm1u+zjgji
imVYsH2DrDljpoulmL7sHrzegyV1IeJ+RABNkjC/YTVeXfSIK5vjDp6oTB8Buxat
15xFNrSAvKJgzILMlozihfE3ZJP7rGDxdxgZYWLsVqHmM9IYgACKnXSiCNhV0XS4
tgEH7xor/ahfGJ+ENG8jfyx+zK0alWUhNU0jF194jSxoNHkUxCs7ooOv1lgUUtD7
BACTpskWuDDQWxBOipyK3b2R/DrUtXZS4Cn0mJqf63vO5NWRB9s=
-----END CERTIFICATE-----
Generated at Fri Jun 20 21:22:43 2025 by rpki-client