Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/r5AwsZrqwgNulOh9rpz9d5S6j0M.roa
File: r5AwsZrqwgNulOh9rpz9d5S6j0M.roa (raw, json)
Hash identifier: 5Dhg8LoGdHdMviAhNNrlnRV3iB77iEtng0d8qBhcOqU=
Subject key identifier: AF:90:30:B1:9A:EA:C2:03:6E:94:E8:7D:AE:9C:FD:77:94:BA:8F:43
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C41
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/r5AwsZrqwgNulOh9rpz9d5S6j0M.roa
Signing time: Fri 13 Jun 2025 18:09:53 +0000
ROA not before: Fri 13 Jun 2025 18:09:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7233 (0x1c41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 18:09:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AF9030B19AEAC2036E94E87DAE9CFD7794BA8F43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:99:32:1e:27:93:9a:c1:6e:eb:fc:7b:f6:
41:74:56:5a:ca:b0:e8:31:3b:a3:e6:ed:ef:c0:ac:
8c:be:20:33:d6:10:b7:a1:2d:18:b3:7e:46:5b:42:
54:0e:11:01:53:7a:4b:da:d2:1b:d0:fe:bc:16:e5:
67:29:48:8e:10:bb:66:93:40:4b:29:48:11:d2:56:
7e:f3:fa:c5:0f:a9:e5:2e:e9:14:2e:0b:98:6c:e6:
30:22:18:00:ce:32:d1:ae:00:e1:56:c9:66:65:02:
a6:a4:42:0c:11:10:da:c2:da:26:5b:c5:81:ff:34:
82:0a:f5:74:65:23:70:27:65:b8:fe:d4:63:aa:7b:
e2:f5:5f:aa:6f:e2:a9:41:4d:ea:c0:8c:a2:47:ff:
c0:e7:79:fc:da:2e:13:d5:11:d0:9c:9a:7a:36:15:
f9:2e:9a:32:99:88:57:ba:f0:06:8a:d8:0a:56:ae:
d2:51:2e:42:43:fd:8f:53:7a:b1:d1:62:9a:97:ae:
ef:32:5d:70:c2:e0:84:51:72:b7:eb:e7:36:d8:cd:
60:85:bf:52:36:5b:be:8f:d8:44:57:ad:ac:0e:25:
34:2e:df:1f:2c:b1:fd:ff:64:ae:21:28:86:61:91:
79:05:63:eb:2c:20:5f:a7:0e:8a:7a:b4:32:2a:4c:
18:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:90:30:B1:9A:EA:C2:03:6E:94:E8:7D:AE:9C:FD:77:94:BA:8F:43
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/r5AwsZrqwgNulOh9rpz9d5S6j0M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:e7:6a:ae:1c:e4:d6:93:e7:92:8b:f9:64:fa:63:8f:95:61:
4f:5e:06:7b:35:a1:c8:f9:e9:2d:5a:bd:50:ec:48:33:b1:1c:
73:55:c2:e0:fc:6b:56:93:d6:f1:be:48:cb:43:ab:20:e2:d3:
1b:ae:91:b5:ec:80:83:11:43:b1:e1:f0:c9:ab:a5:20:00:49:
34:24:c7:5a:39:f5:69:64:9e:56:09:54:db:ec:10:af:cc:30:
3d:7c:b5:b8:5f:be:14:58:14:51:3f:a9:2d:60:63:b4:3c:22:
f9:2d:c0:21:7b:57:5d:87:3d:9e:f6:6c:70:0a:09:3c:bc:62:
19:ff:e7:c1:0f:66:b6:0e:97:dc:94:79:52:3e:99:81:92:fa:
59:69:38:7a:d6:01:d7:ba:5d:19:bf:3a:58:e7:d0:5a:f0:a5:
70:d4:ba:eb:ca:30:6e:56:79:62:05:1f:5c:0a:32:8a:b3:9a:
5b:81:d4:ef:38:2b:81:98:74:4d:0e:07:e8:6b:33:3f:b1:25:
3a:c5:7c:fa:50:4b:c4:dc:f6:10:d2:a1:ee:a2:13:1a:34:a6:
06:90:bf:ad:0c:23:59:d8:d1:67:f7:43:7f:49:28:f2:e1:5c:
21:a8:18:bb:ea:49:f7:c8:3c:4f:b6:4c:8f:5a:51:88:df:0c:
25:e0:96:bd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
ODA5NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFGOTAzMEIxOUFFQUMy
MDM2RTk0RTg3REFFOUNGRDc3OTRCQThGNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdlJkyHieTmsFu6/x79kF0VlrKsOgxO6Pm7e/ArIy+IDPWELeh
LRizfkZbQlQOEQFTekva0hvQ/rwW5WcpSI4Qu2aTQEspSBHSVn7z+sUPqeUu6RQu
C5hs5jAiGADOMtGuAOFWyWZlAqakQgwRENrC2iZbxYH/NIIK9XRlI3AnZbj+1GOq
e+L1X6pv4qlBTerAjKJH/8DnefzaLhPVEdCcmno2FfkumjKZiFe68AaK2ApWrtJR
LkJD/Y9TerHRYpqXru8yXXDC4IRRcrfr5zbYzWCFv1I2W76P2ERXrawOJTQu3x8s
sf3/ZK4hKIZhkXkFY+ssIF+nDop6tDIqTBgVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUr5AwsZrqwgNulOh9rpz9d5S6j0MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yNUF3c1pycXdnTnVsT2g5
cnB6OWQ1UzZqME0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJznaq4c5NaT55KL+WT6Y4+VYU9eBns1ocj5
6S1avVDsSDOxHHNVwuD8a1aT1vG+SMtDqyDi0xuukbXsgIMRQ7Hh8MmrpSAASTQk
x1o59WlknlYJVNvsEK/MMD18tbhfvhRYFFE/qS1gY7Q8IvktwCF7V12HPZ72bHAK
CTy8Yhn/58EPZrYOl9yUeVI+mYGS+llpOHrWAde6XRm/Oljn0FrwpXDUuuvKMG5W
eWIFH1wKMoqzmluB1O84K4GYdE0OB+hrMz+xJTrFfPpQS8Tc9hDSoe6iExo0pgaQ
v60MI1nY0Wf3Q39JKPLhXCGoGLvqSffIPE+2TI9aUYjfDCXglr0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:19:52 2025 by rpki-client