Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/oAVC82rvDDtSBxo3iT_We-Wm8yg.roa
File: oAVC82rvDDtSBxo3iT_We-Wm8yg.roa (raw, json)
Hash identifier: yATlUgU8jPa6OlIBTwIa7sxzxn6AIwxTtdNrs1F+PFE=
Subject key identifier: A0:05:42:F3:6A:EF:0C:3B:52:07:1A:37:89:3F:D6:7B:E5:A6:F3:28
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1779
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oAVC82rvDDtSBxo3iT_We-Wm8yg.roa
Signing time: Sat 07 Jun 2025 09:09:33 +0000
ROA not before: Sat 07 Jun 2025 09:09:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6009 (0x1779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 09:09:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A00542F36AEF0C3B52071A37893FD67BE5A6F328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:89:4b:ee:35:52:f3:3e:b0:87:13:79:fb:
1f:42:2b:41:16:2b:16:e8:82:df:bc:85:a8:59:83:
45:a8:dc:c5:69:d3:f7:47:04:90:1f:ab:8c:58:6e:
4d:e2:d1:5b:d8:03:93:0d:cb:fc:43:f1:da:98:c3:
2b:9e:c5:7a:01:51:3a:f2:a3:23:a5:24:d3:10:17:
57:c7:d9:ff:6f:dc:7f:03:ac:12:e1:07:10:42:d7:
4b:8d:d8:9c:0b:18:fc:b6:cc:6b:d1:28:6b:3e:5a:
a2:b4:6c:e3:0d:8c:62:80:4c:b1:4f:1e:35:7c:0b:
2b:e8:93:13:60:6e:60:39:c2:df:4c:30:ab:92:45:
77:a6:e3:f6:1c:c2:3d:c5:d3:0d:ea:d4:0d:6b:fc:
48:b1:06:1d:1d:67:b7:3c:dc:81:c1:d2:67:61:15:
33:ba:0b:db:f9:bb:8a:e8:5d:97:e0:67:d5:d8:ee:
9b:c1:ef:2e:29:db:d3:2a:0b:77:86:db:b0:9f:f4:
00:a8:f6:a9:a3:a5:1b:97:f0:40:a1:01:35:04:52:
7e:20:09:3b:b5:5b:03:1e:13:11:30:38:e9:b5:10:
20:4e:89:b2:f3:33:76:ec:cc:09:2a:f3:54:66:37:
21:05:3f:98:c4:0a:10:66:c4:ce:a8:ce:d7:bd:84:
9a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:05:42:F3:6A:EF:0C:3B:52:07:1A:37:89:3F:D6:7B:E5:A6:F3:28
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oAVC82rvDDtSBxo3iT_We-Wm8yg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:4f:db:fa:d6:73:49:fa:13:a3:7f:75:8b:5a:74:fb:d2:c5:
d6:ab:7a:7c:15:dd:80:bf:1b:a1:41:9e:dd:7d:dd:4a:d5:86:
4b:9a:35:00:e3:c8:94:ee:b4:00:17:d5:d4:1b:df:59:9f:30:
72:f9:fb:be:f6:7b:3f:b0:11:e5:55:8a:9f:86:70:8f:b2:37:
cc:98:13:11:fd:b2:74:d8:c7:c7:83:e5:e8:76:b7:96:eb:55:
be:d3:72:b8:67:4e:e4:a5:67:cd:28:37:48:b2:00:4b:34:57:
05:81:52:32:47:39:71:e2:91:3b:b1:47:08:4a:f2:69:fb:28:
e6:7d:02:1f:03:87:ec:39:ef:ce:23:6e:cf:07:ab:ea:17:fb:
f9:ca:f5:6a:dd:c5:e0:e0:55:ba:71:d9:a0:42:08:c7:38:71:
53:c5:19:d5:d2:f1:2f:d8:1f:85:9a:1e:74:83:e9:7b:10:7c:
13:6a:31:c3:f4:21:55:3d:ea:5c:45:23:39:ef:b2:9c:f0:8f:
19:e0:3d:89:ee:6d:29:68:a9:e4:03:6f:c9:52:37:5d:da:1e:
c6:7a:3f:04:10:3c:cf:86:4c:8e:40:d8:17:29:d4:16:f4:a3:
0b:aa:b3:20:54:f8:1c:ad:32:dc:70:b4:c5:07:e4:b6:fd:81:
3b:ce:f3:41
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcw
OTA5MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEwMDU0MkYzNkFFRjBD
M0I1MjA3MUEzNzg5M0ZENjdCRTVBNkYzMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIZYlL7jVS8z6whxN5+x9CK0EWKxbogt+8hahZg0Wo3MVp0/dH
BJAfq4xYbk3i0VvYA5MNy/xD8dqYwyuexXoBUTryoyOlJNMQF1fH2f9v3H8DrBLh
BxBC10uN2JwLGPy2zGvRKGs+WqK0bOMNjGKATLFPHjV8CyvokxNgbmA5wt9MMKuS
RXem4/Ycwj3F0w3q1A1r/EixBh0dZ7c83IHB0mdhFTO6C9v5u4roXZfgZ9XY7pvB
7y4p29MqC3eG27Cf9ACo9qmjpRuX8EChATUEUn4gCTu1WwMeExEwOOm1ECBOibLz
M3bszAkq81RmNyEFP5jEChBmxM6ozte9hJpdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoAVC82rvDDtSBxo3iT/We+Wm8ygwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vQVZDODJydkREdFNCeG8z
aVRfV2UtV204eWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJtP2/rWc0n6E6N/dYtadPvSxdarenwV3YC/
G6FBnt193UrVhkuaNQDjyJTutAAX1dQb31mfMHL5+772ez+wEeVVip+GcI+yN8yY
ExH9snTYx8eD5eh2t5brVb7TcrhnTuSlZ80oN0iyAEs0VwWBUjJHOXHikTuxRwhK
8mn7KOZ9Ah8Dh+w5784jbs8Hq+oX+/nK9WrdxeDgVbpx2aBCCMc4cVPFGdXS8S/Y
H4WaHnSD6XsQfBNqMcP0IVU96lxFIznvspzwjxngPYnubSloqeQDb8lSN13aHsZ6
PwQQPM+GTI5A2Bcp1Bb0owuqsyBU+BytMtxwtMUH5Lb9gTvO80E=
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:16:25 2025 by rpki-client