Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fsB3dg7yNvE-bUoNOWtjMsHW4Ow.roa
File: fsB3dg7yNvE-bUoNOWtjMsHW4Ow.roa (raw, json)
Hash identifier: 9KTjPyKaUUm4z4rmr69gVtpXL4yGeGr+4YICGcWX3eg=
Subject key identifier: 7E:C0:77:76:0E:F2:36:F1:3E:6D:4A:0D:39:6B:63:32:C1:D6:E0:EC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1965
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fsB3dg7yNvE-bUoNOWtjMsHW4Ow.roa
Signing time: Mon 09 Jun 2025 22:39:39 +0000
ROA not before: Mon 09 Jun 2025 22:39:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6501 (0x1965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 22:39:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7EC077760EF236F13E6D4A0D396B6332C1D6E0EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a1:0c:e0:61:2e:2f:cc:64:f6:0a:38:87:99:
06:96:f1:45:23:12:98:2a:a9:d1:92:74:b6:c4:0e:
c5:f0:2c:90:2b:25:19:a7:b7:0b:5e:06:a6:b8:32:
58:00:4a:33:32:d2:b2:a3:2b:51:4e:f3:62:88:38:
1b:f9:49:77:41:d8:d8:59:fd:5d:7b:7a:62:cc:ef:
15:b6:5a:ab:c8:3f:91:73:f5:45:6d:a7:6f:68:53:
f2:dd:26:46:03:e8:83:3b:54:b1:99:29:ff:51:89:
0b:ef:d4:92:d3:04:d7:db:bf:12:d4:81:9d:83:5f:
2f:de:3c:a6:99:2e:9d:0b:ce:8e:2e:66:df:e6:5a:
60:1f:7d:02:5e:d0:ef:d1:4d:7f:bd:da:9a:54:18:
29:8f:f1:b5:8a:ed:24:be:73:2f:69:92:8d:73:03:
2b:94:45:38:80:b8:e7:65:e6:f8:4c:77:3a:7f:33:
aa:92:1c:d2:e9:5c:80:68:74:84:df:f6:41:61:96:
67:e2:2b:47:79:4d:22:c3:86:92:27:f8:1a:39:f9:
e3:e9:58:29:ee:c5:e5:f8:59:8b:c6:c0:00:dc:ab:
6e:f5:fe:6a:b2:8b:19:58:19:ab:fa:91:19:93:00:
8f:7b:af:8f:3c:f8:9e:01:98:84:6c:3d:53:6c:24:
da:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C0:77:76:0E:F2:36:F1:3E:6D:4A:0D:39:6B:63:32:C1:D6:E0:EC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fsB3dg7yNvE-bUoNOWtjMsHW4Ow.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:1f:43:75:13:4f:85:b3:95:f4:dc:81:22:b2:19:fd:63:04:
7b:18:9b:1c:58:5a:87:ec:8a:14:e5:bf:96:50:d4:a3:01:f1:
66:87:a4:0c:61:6c:fc:a9:87:11:bc:ad:e9:b4:0e:17:97:9a:
c9:31:05:69:44:6d:7e:19:ae:40:1f:91:1d:e4:1b:ec:94:7c:
89:45:cc:48:d8:49:e0:8b:2a:2a:d3:9d:77:7e:1b:4e:de:d3:
bd:63:42:aa:c0:b3:1f:1c:20:84:07:e0:e4:3c:e4:82:f2:b0:
1f:93:4c:60:23:99:25:a9:51:e3:fe:87:83:e9:c5:bb:c7:a6:
7b:4e:17:90:d1:2e:d5:cb:94:0a:66:b1:a3:51:2c:28:d7:d1:
8f:2f:fc:b5:bd:ce:b3:13:ad:e5:c4:46:67:84:30:f8:12:d5:
6d:1f:7c:92:ec:1a:4c:e4:bb:6f:3d:50:91:ba:eb:92:7f:66:
22:77:7c:25:86:ec:15:0a:0d:95:8b:3d:53:21:a3:cd:37:26:
6d:17:70:be:44:d4:57:6f:a8:7c:06:08:dd:2e:b0:67:67:88:
e3:e2:02:b1:7d:30:e7:7f:cd:53:44:04:be:78:2a:46:45:81:
a3:bd:17:bd:c4:fe:fc:c4:8b:3f:46:e5:98:27:9a:bf:3c:f4:
65:38:2d:1c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDky
MjM5MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdFQzA3Nzc2MEVGMjM2
RjEzRTZENEEwRDM5NkI2MzMyQzFENkUwRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpoQzgYS4vzGT2CjiHmQaW8UUjEpgqqdGSdLbEDsXwLJArJRmn
twteBqa4MlgASjMy0rKjK1FO82KIOBv5SXdB2NhZ/V17emLM7xW2WqvIP5Fz9UVt
p29oU/LdJkYD6IM7VLGZKf9RiQvv1JLTBNfbvxLUgZ2DXy/ePKaZLp0Lzo4uZt/m
WmAffQJe0O/RTX+92ppUGCmP8bWK7SS+cy9pko1zAyuURTiAuOdl5vhMdzp/M6qS
HNLpXIBodITf9kFhlmfiK0d5TSLDhpIn+Bo5+ePpWCnuxeX4WYvGwADcq271/mqy
ixlYGav6kRmTAI97r488+J4BmIRsPVNsJNr7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfsB3dg7yNvE+bUoNOWtjMsHW4OwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mc0IzZGc3eU52RS1iVW9O
T1d0ak1zSFc0T3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADgfQ3UTT4WzlfTcgSKyGf1jBHsYmxxYWofs
ihTlv5ZQ1KMB8WaHpAxhbPyphxG8rem0DheXmskxBWlEbX4ZrkAfkR3kG+yUfIlF
zEjYSeCLKirTnXd+G07e071jQqrAsx8cIIQH4OQ85ILysB+TTGAjmSWpUeP+h4Pp
xbvHpntOF5DRLtXLlApmsaNRLCjX0Y8v/LW9zrMTreXERmeEMPgS1W0ffJLsGkzk
u289UJG665J/ZiJ3fCWG7BUKDZWLPVMho803Jm0XcL5E1FdvqHwGCN0usGdniOPi
ArF9MOd/zVNEBL54KkZFgaO9F73E/vzEiz9G5Zgnmr889GU4LRw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:07:09 2025 by rpki-client