Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jZ-gR24mcBKYLfHpNddpG-ZDsEE.roa
File: jZ-gR24mcBKYLfHpNddpG-ZDsEE.roa (raw, json)
Hash identifier: B3D/UQeoFfUoPhIcVXwJEcH4pyZFhIHzGpepqp04Y7k=
Subject key identifier: 8D:9F:A0:47:6E:26:70:12:98:2D:F1:E9:35:D7:69:1B:E6:43:B0:41
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 16F1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jZ-gR24mcBKYLfHpNddpG-ZDsEE.roa
Signing time: Fri 06 Jun 2025 16:09:28 +0000
ROA not before: Fri 06 Jun 2025 16:09:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5873 (0x16f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 16:09:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8D9FA0476E267012982DF1E935D7691BE643B041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:60:20:dc:22:57:e2:47:83:63:d9:a9:9a:91:
87:55:f8:c7:f3:89:5d:73:56:8e:70:4f:80:e0:a3:
1b:f1:e2:38:03:38:58:c6:1d:df:18:21:c5:40:2b:
ee:56:89:25:d3:02:a1:20:43:45:de:98:f6:57:94:
88:30:51:01:2f:8d:0f:80:0a:e3:e4:b9:01:5c:af:
42:1e:41:06:f5:bd:b6:17:98:f6:88:87:04:69:10:
89:74:d3:0b:8e:ed:6f:78:80:8d:5d:5b:02:69:17:
eb:5a:cc:4a:20:d1:3c:7b:1b:e8:bd:0e:ea:fe:f2:
82:7d:53:53:e0:a7:ec:90:3d:93:2f:41:ee:8b:91:
a6:e1:8b:b8:c9:b8:fd:6b:67:41:16:11:14:ab:41:
f0:d7:c8:67:ee:5f:55:81:58:2d:57:bc:6b:e7:9d:
93:85:cc:20:be:10:45:a1:e6:72:54:eb:c8:7f:23:
c2:82:30:52:61:a4:1d:23:10:82:f1:25:57:ea:62:
bf:69:75:97:0d:b8:b7:1e:52:2e:c0:47:0f:1e:f7:
09:74:fa:31:ef:ec:e4:9e:30:49:50:83:0e:75:73:
a3:5c:e7:cb:a6:5a:46:47:bc:7b:05:85:01:c0:6d:
c0:3c:21:73:ca:08:82:02:7b:66:00:fa:d9:10:d0:
fd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9F:A0:47:6E:26:70:12:98:2D:F1:E9:35:D7:69:1B:E6:43:B0:41
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jZ-gR24mcBKYLfHpNddpG-ZDsEE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:9a:a7:61:65:56:0f:ae:f9:53:87:3e:d0:78:69:dc:72:97:
94:1c:93:4a:da:e0:ce:97:93:98:11:99:1a:07:b9:cd:ab:e8:
8a:74:30:35:38:f7:3b:0c:d7:5b:c4:17:b2:d1:69:29:85:f4:
94:80:79:24:20:2a:bf:7e:db:64:76:ee:63:2a:d9:c0:57:bd:
82:ed:53:e0:80:28:85:a9:00:52:3a:36:a4:c6:0d:ed:f5:f0:
33:ff:ec:b9:49:22:17:1d:6a:72:0d:24:2b:6d:65:57:7d:83:
74:77:5e:75:05:48:78:be:85:04:5f:d0:d2:7d:28:91:0c:24:
42:14:ad:98:68:28:95:b0:18:87:4b:ba:18:97:8d:e8:0d:71:
b9:b4:9d:cc:fe:6f:c3:2d:f6:60:03:88:02:91:d0:60:f6:f1:
36:77:97:38:3a:af:79:5b:d0:4d:94:28:d7:b7:d0:7f:4c:c6:
3b:2f:8c:e9:01:ac:cc:80:08:32:44:ef:d0:fd:59:14:d9:d7:
5c:ca:c9:65:81:5c:3d:00:51:b2:87:06:c0:1f:b3:7e:a7:93:
f6:ba:92:15:2b:23:f3:29:b4:73:36:ec:13:b4:de:a9:bf:30:
88:d4:3b:e6:70:bc:84:b3:1d:71:2b:ff:2b:ff:c5:9f:5a:2c:
f9:54:b8:56
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYx
NjA5MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhEOUZBMDQ3NkUyNjcw
MTI5ODJERjFFOTM1RDc2OTFCRTY0M0IwNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAYCDcIlfiR4Nj2amakYdV+MfziV1zVo5wT4Dgoxvx4jgDOFjG
Hd8YIcVAK+5WiSXTAqEgQ0XemPZXlIgwUQEvjQ+ACuPkuQFcr0IeQQb1vbYXmPaI
hwRpEIl00wuO7W94gI1dWwJpF+tazEog0Tx7G+i9Dur+8oJ9U1Pgp+yQPZMvQe6L
kabhi7jJuP1rZ0EWERSrQfDXyGfuX1WBWC1XvGvnnZOFzCC+EEWh5nJU68h/I8KC
MFJhpB0jEILxJVfqYr9pdZcNuLceUi7ARw8e9wl0+jHv7OSeMElQgw51c6Nc58um
WkZHvHsFhQHAbcA8IXPKCIICe2YA+tkQ0P0JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjZ+gR24mcBKYLfHpNddpG+ZDsEEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qWi1nUjI0bWNCS1lMZkhw
TmRkcEctWkRzRUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJKap2FlVg+u+VOHPtB4adxyl5Qck0ra4M6X
k5gRmRoHuc2r6Ip0MDU49zsM11vEF7LRaSmF9JSAeSQgKr9+22R27mMq2cBXvYLt
U+CAKIWpAFI6NqTGDe318DP/7LlJIhcdanINJCttZVd9g3R3XnUFSHi+hQRf0NJ9
KJEMJEIUrZhoKJWwGIdLuhiXjegNcbm0ncz+b8Mt9mADiAKR0GD28TZ3lzg6r3lb
0E2UKNe30H9MxjsvjOkBrMyACDJE79D9WRTZ11zKyWWBXD0AUbKHBsAfs36nk/a6
khUrI/MptHM27BO03qm/MIjUO+ZwvISzHXEr/yv/xZ9aLPlUuFY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 23:49:50 2025 by rpki-client