Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/itSD5G9OBlfuL7-LqbGZARsO3XU.roa
File: itSD5G9OBlfuL7-LqbGZARsO3XU.roa (raw, json)
Hash identifier: tROMWT9+ccNWAt1aYwmsBGgReQU2oki/EINz5JQK/aY=
Subject key identifier: 8A:D4:83:E4:6F:4E:06:57:EE:2F:BF:8B:A9:B1:99:01:1B:0E:DD:75
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 16C9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/itSD5G9OBlfuL7-LqbGZARsO3XU.roa
Signing time: Fri 06 Jun 2025 11:09:27 +0000
ROA not before: Fri 06 Jun 2025 11:09:27 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5833 (0x16c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 11:09:27 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8AD483E46F4E0657EE2FBF8BA9B199011B0EDD75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:6b:65:bb:5e:19:d3:6e:fd:9d:e4:5d:60:7c:
5d:af:39:62:02:a8:95:ed:5f:23:33:81:5d:21:9c:
a8:df:5d:87:2e:88:be:65:ba:33:89:0f:32:89:38:
16:92:2e:ae:98:05:d3:19:85:8c:af:e4:ba:8a:e7:
f7:c8:51:e4:c3:db:ea:2b:47:8b:5a:fe:03:64:bf:
ab:96:a8:15:b7:c0:42:f6:0d:81:89:ce:93:eb:1d:
53:d8:70:d3:97:ec:a4:ca:5b:24:d9:ee:46:7d:60:
3a:20:0b:89:19:a1:96:42:af:fd:20:d3:85:d4:dc:
ec:2d:3a:11:b6:05:b3:38:5d:55:1b:c6:97:7f:6d:
19:65:4f:2c:95:25:f0:78:02:a9:71:ec:b7:51:d7:
c6:dd:2f:c3:09:c3:5d:f4:50:fb:67:45:98:79:4e:
cb:ac:79:35:72:1f:d0:77:8a:7b:8f:03:09:d5:04:
af:25:6f:74:0a:66:81:3e:a6:e8:85:23:91:a7:e1:
5f:7e:ea:47:54:d5:fd:d4:18:19:e6:1d:1e:46:a3:
c3:68:63:84:9a:f5:5d:f9:f4:82:25:a8:c1:46:5d:
5d:73:d7:38:a7:d2:67:63:ab:6f:9b:94:a9:e1:37:
4f:f7:fe:9f:84:1c:56:bf:27:bd:b8:ba:b9:54:49:
bd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D4:83:E4:6F:4E:06:57:EE:2F:BF:8B:A9:B1:99:01:1B:0E:DD:75
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/itSD5G9OBlfuL7-LqbGZARsO3XU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:ca:18:df:79:60:c5:fc:aa:b7:c1:9f:38:31:12:0f:bd:2d:
15:ee:d5:ae:e0:bf:3b:38:a2:73:b8:6a:bf:44:d4:97:32:a9:
f4:16:e3:2a:32:2e:b8:62:ee:99:2d:98:ef:bf:d8:31:9e:2a:
2a:12:cc:09:80:07:44:9c:13:7c:b9:53:cc:da:d4:d6:5a:dd:
0f:a1:72:6b:df:30:a4:6d:4e:66:02:a6:51:8f:a3:09:85:8a:
46:a8:8d:8e:fa:e0:b7:c7:bd:3e:b7:52:e9:0a:ab:6d:cf:30:
e5:0a:dd:01:d6:24:8d:d9:69:fe:0c:ca:03:95:b3:d0:80:de:
f0:d2:31:99:a0:6a:d9:2d:8c:7d:11:fb:59:76:36:1d:d4:13:
35:4b:65:d7:1c:23:6b:42:1c:b7:8c:88:d5:5a:07:75:f1:32:
be:d3:3a:94:2f:28:9e:a4:b1:5c:da:e2:f6:5e:be:d2:50:31:
54:48:c5:8f:73:b3:e2:10:6c:b1:18:3a:9d:ee:e8:29:1f:a5:
41:a3:46:ac:1c:13:3b:fa:31:8c:c9:e3:75:50:a8:48:05:ae:
70:26:10:a5:6a:87:81:db:c1:d6:fc:97:16:ca:19:e2:23:0b:
b2:64:12:05:bf:8f:83:b3:bf:19:9c:8b:67:e9:7c:d3:68:36:
43:62:be:b4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYx
MTA5MjdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhBRDQ4M0U0NkY0RTA2
NTdFRTJGQkY4QkE5QjE5OTAxMUIwRURENzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpa2W7XhnTbv2d5F1gfF2vOWICqJXtXyMzgV0hnKjfXYcuiL5l
ujOJDzKJOBaSLq6YBdMZhYyv5LqK5/fIUeTD2+orR4ta/gNkv6uWqBW3wEL2DYGJ
zpPrHVPYcNOX7KTKWyTZ7kZ9YDogC4kZoZZCr/0g04XU3OwtOhG2BbM4XVUbxpd/
bRllTyyVJfB4Aqlx7LdR18bdL8MJw130UPtnRZh5TsuseTVyH9B3inuPAwnVBK8l
b3QKZoE+puiFI5Gn4V9+6kdU1f3UGBnmHR5Go8NoY4Sa9V359IIlqMFGXV1z1zin
0mdjq2+blKnhN0/3/p+EHFa/J724urlUSb0JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUitSD5G9OBlfuL7+LqbGZARsO3XUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pdFNENUc5T0JsZnVMNy1M
cWJHWkFSc08zWFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABnKGN95YMX8qrfBnzgxEg+9LRXu1a7gvzs4
onO4ar9E1JcyqfQW4yoyLrhi7pktmO+/2DGeKioSzAmAB0ScE3y5U8za1NZa3Q+h
cmvfMKRtTmYCplGPowmFikaojY764LfHvT63UukKq23PMOUK3QHWJI3Zaf4MygOV
s9CA3vDSMZmgatktjH0R+1l2Nh3UEzVLZdccI2tCHLeMiNVaB3XxMr7TOpQvKJ6k
sVza4vZevtJQMVRIxY9zs+IQbLEYOp3u6CkfpUGjRqwcEzv6MYzJ43VQqEgFrnAm
EKVqh4Hbwdb8lxbKGeIjC7JkEgW/j4Ozvxmci2fpfNNoNkNivrQ=
-----END CERTIFICATE-----
Generated at Fri Jun 20 17:51:24 2025 by rpki-client