Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kfOsBMhPE2oVucbyrhc1lTUHnBs.roa
File: kfOsBMhPE2oVucbyrhc1lTUHnBs.roa (raw, json)
Hash identifier: tKlJdLK5MRT0fgY6oRcO/R3VWqSZVO5m8A+GOg6Kytk=
Subject key identifier: 91:F3:AC:04:C8:4F:13:6A:15:B9:C6:F2:AE:17:35:95:35:07:9C:1B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1BA5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kfOsBMhPE2oVucbyrhc1lTUHnBs.roa
Signing time: Thu 12 Jun 2025 22:39:56 +0000
ROA not before: Thu 12 Jun 2025 22:39:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7077 (0x1ba5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 22:39:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=91F3AC04C84F136A15B9C6F2AE17359535079C1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:19:a0:db:46:87:be:3b:0a:14:6c:f3:69:
50:c3:d4:0e:ff:9e:10:08:b2:d7:b5:f4:e9:5b:27:
c1:75:65:a6:95:47:85:16:2a:f6:ad:2d:ba:40:78:
e2:10:17:1a:33:f5:26:3c:2a:85:4e:3f:3d:97:50:
f8:ca:db:29:3f:43:b0:e6:bd:a6:66:36:87:16:2e:
3a:60:9e:c4:53:a3:21:27:7b:43:4c:23:3b:44:18:
c9:52:34:9a:90:db:db:2c:c5:9c:de:83:98:9f:8a:
9f:cf:ab:1b:2a:71:1e:8c:63:af:94:b7:d7:39:20:
ea:f2:1b:94:10:71:02:76:58:b5:8d:88:e7:7b:58:
73:fd:30:16:3f:20:ed:52:dd:aa:5a:a8:1e:7f:75:
13:09:f2:3a:d8:49:45:06:b1:80:ab:7a:7f:72:30:
8f:1a:dd:7a:dc:6a:8d:8e:41:87:39:97:49:bc:4d:
a4:6b:9d:f7:d2:78:4c:ba:21:e0:c4:72:d6:f5:46:
b8:64:f8:76:97:2d:05:9e:36:49:a9:ee:81:68:c7:
45:f2:cc:3f:d9:5c:42:7d:0c:33:55:9e:b0:77:ac:
af:06:17:91:65:eb:2b:12:a9:7f:09:89:cb:ba:f2:
50:83:3f:48:96:8b:bc:92:56:22:a4:c3:89:d8:28:
91:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F3:AC:04:C8:4F:13:6A:15:B9:C6:F2:AE:17:35:95:35:07:9C:1B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kfOsBMhPE2oVucbyrhc1lTUHnBs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:ff:78:96:8a:3f:14:b4:7f:a4:d1:39:aa:6f:20:b5:bc:da:
8d:dc:dd:21:59:a0:eb:5b:59:8c:1e:ad:21:c8:27:46:a6:4e:
3c:9d:6c:4b:7b:fd:88:0a:0c:d0:a9:4f:55:1e:bf:a1:b6:db:
00:f6:59:fb:b9:d5:15:ea:82:c1:28:ef:45:cd:9a:f0:f1:4a:
8e:ea:98:51:1b:b2:6d:ab:a2:4a:a9:3d:71:56:0d:b2:34:cf:
6b:45:0f:8d:96:29:71:a9:60:a3:5b:1f:2a:e9:74:4b:e8:01:
5c:ca:66:e1:d6:f4:52:e2:8c:eb:7d:80:bc:01:4b:2d:b3:c2:
c7:df:54:22:fe:97:f6:e2:91:50:88:11:1c:11:19:51:94:fd:
7f:8e:cc:36:48:12:5d:ea:7f:ac:da:f7:ca:bd:67:54:b4:a4:
7a:23:1d:37:8b:58:2a:60:61:ff:e7:30:83:9c:ff:11:6f:55:
0d:b2:49:b8:4b:c6:68:a2:c3:f5:ad:32:5b:b6:8a:30:71:09:
bd:57:c6:47:51:8c:8c:6a:e9:74:2a:34:39:ae:58:c9:69:d2:
80:32:9f:8f:24:0f:ca:fe:8d:93:ed:e1:b7:34:c9:b0:59:61:
21:2b:38:41:84:64:04:63:ea:64:61:a8:00:37:77:ef:7b:26:
24:a9:d4:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG6UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIy
MjM5NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkxRjNBQzA0Qzg0RjEz
NkExNUI5QzZGMkFFMTczNTk1MzUwNzlDMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1mxmg20aHvjsKFGzzaVDD1A7/nhAIste19OlbJ8F1ZaaVR4UW
KvatLbpAeOIQFxoz9SY8KoVOPz2XUPjK2yk/Q7DmvaZmNocWLjpgnsRToyEne0NM
IztEGMlSNJqQ29ssxZzeg5ifip/PqxsqcR6MY6+Ut9c5IOryG5QQcQJ2WLWNiOd7
WHP9MBY/IO1S3apaqB5/dRMJ8jrYSUUGsYCren9yMI8a3Xrcao2OQYc5l0m8TaRr
nffSeEy6IeDEctb1Rrhk+HaXLQWeNkmp7oFox0XyzD/ZXEJ9DDNVnrB3rK8GF5Fl
6ysSqX8Jicu68lCDP0iWi7ySViKkw4nYKJHNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkfOsBMhPE2oVucbyrhc1lTUHnBswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rZk9zQk1oUEUyb1Z1Y2J5
cmhjMWxUVUhuQnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHr/eJaKPxS0f6TROapvILW82o3c3SFZoOtb
WYwerSHIJ0amTjydbEt7/YgKDNCpT1Uev6G22wD2Wfu51RXqgsEo70XNmvDxSo7q
mFEbsm2rokqpPXFWDbI0z2tFD42WKXGpYKNbHyrpdEvoAVzKZuHW9FLijOt9gLwB
Sy2zwsffVCL+l/bikVCIERwRGVGU/X+OzDZIEl3qf6za98q9Z1S0pHojHTeLWCpg
Yf/nMIOc/xFvVQ2ySbhLxmiiw/WtMlu2ijBxCb1XxkdRjIxq6XQqNDmuWMlp0oAy
n48kD8r+jZPt4bc0ybBZYSErOEGEZARj6mRhqAA3d+97JiSp1Ow=
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:27:01 2025 by rpki-client