Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sg9doX7LtOUIipr0BVPyEKielgQ.roa
File: sg9doX7LtOUIipr0BVPyEKielgQ.roa (raw, json)
Hash identifier: MUR9Y9fx5d+Dp3oFnxAEhROfy6af5gixr3iQWKqZM/M=
Subject key identifier: B2:0F:5D:A1:7E:CB:B4:E5:08:8A:9A:F4:05:53:F2:10:A8:9E:96:04
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C75
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sg9doX7LtOUIipr0BVPyEKielgQ.roa
Signing time: Sat 14 Jun 2025 00:40:14 +0000
ROA not before: Sat 14 Jun 2025 00:40:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7285 (0x1c75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 00:40:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B20F5DA17ECBB4E5088A9AF40553F210A89E9604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4b:8a:28:bd:42:4f:a4:20:ea:1a:2a:cb:1f:
96:c9:b2:fc:b3:95:aa:bd:4e:46:5f:98:2c:a6:ce:
ed:ac:1e:77:c8:cd:24:f1:3f:b6:9d:05:4a:d6:94:
ef:01:52:a6:48:1e:13:50:92:f6:6f:6e:19:61:6a:
3c:7d:94:e7:7a:41:0c:6a:29:e6:f1:77:17:8d:be:
84:ea:0b:c5:7f:9e:ee:2c:4d:cf:fe:46:24:46:46:
9f:28:cc:af:bb:5a:12:aa:21:91:7c:14:5a:66:62:
17:c5:2f:7c:85:6d:59:7b:79:e7:a0:72:71:59:09:
20:78:82:6d:f2:3e:61:0f:fb:e1:1a:ef:97:fa:bc:
7d:1d:7d:33:ba:c1:3f:37:9d:7d:a9:63:eb:cc:47:
7f:5f:fd:14:9f:b1:e9:85:b7:f8:45:35:07:0e:ca:
6f:f1:ac:78:ca:94:8c:6d:50:88:57:2e:ef:c4:65:
bf:ab:23:f9:04:ce:d2:bb:89:cd:09:b1:28:a7:78:
b3:df:ad:27:78:a4:47:4b:9b:71:c8:02:22:9c:0f:
cc:c4:d7:45:e0:70:a3:cb:6e:23:1c:aa:e4:c1:31:
98:f8:da:73:07:8b:4f:bd:43:0c:77:2f:3f:48:8c:
74:2f:12:b9:13:c6:df:61:53:f5:5c:d6:88:92:51:
b1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0F:5D:A1:7E:CB:B4:E5:08:8A:9A:F4:05:53:F2:10:A8:9E:96:04
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sg9doX7LtOUIipr0BVPyEKielgQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:76:b6:c4:d9:3b:86:d7:99:7e:a4:04:fe:4c:ff:17:72:18:
cc:dc:b1:db:a1:57:4c:82:80:3b:a1:6e:52:b7:bf:b3:eb:01:
92:bd:9e:09:fb:af:2c:cc:e9:1e:a7:1d:64:57:a1:c7:7b:69:
dc:2b:1d:b8:21:da:09:8c:f8:2e:9a:19:37:df:71:1c:24:43:
11:bc:2c:ec:f4:16:93:01:6b:a1:48:56:0c:9b:0c:b5:3d:6f:
9d:1d:85:82:c9:2f:61:63:c1:e3:37:11:c3:b4:f0:13:83:95:
4e:9d:ab:10:b0:33:93:31:2a:b0:06:6e:07:88:55:53:fb:5d:
61:5c:84:97:f4:01:c5:ce:62:09:7e:0e:55:1d:11:65:1d:2e:
8e:66:01:af:c4:6b:fb:a9:54:5c:67:95:80:71:0d:2a:aa:04:
a6:69:86:e1:fe:0e:d2:26:a7:40:7f:76:09:db:08:50:64:ab:
ab:d7:6b:c9:3b:c8:10:d9:59:58:1b:d4:a7:92:73:00:1c:79:
8f:18:52:2b:90:96:c2:d7:df:6f:51:6a:8f:aa:35:7b:2f:f0:
39:ee:25:c1:ea:1f:dd:a5:03:17:e8:dc:ef:fc:8c:ec:66:1b:
ba:13:87:4e:7e:96:96:6e:9b:95:aa:72:68:b2:2c:5f:f4:bf:
90:df:07:f4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHHUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
MDQwMTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIyMEY1REExN0VDQkI0
RTUwODhBOUFGNDA1NTNGMjEwQTg5RTk2MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaS4oovUJPpCDqGirLH5bJsvyzlaq9TkZfmCymzu2sHnfIzSTx
P7adBUrWlO8BUqZIHhNQkvZvbhlhajx9lOd6QQxqKebxdxeNvoTqC8V/nu4sTc/+
RiRGRp8ozK+7WhKqIZF8FFpmYhfFL3yFbVl7eeegcnFZCSB4gm3yPmEP++Ea75f6
vH0dfTO6wT83nX2pY+vMR39f/RSfsemFt/hFNQcOym/xrHjKlIxtUIhXLu/EZb+r
I/kEztK7ic0JsSineLPfrSd4pEdLm3HIAiKcD8zE10XgcKPLbiMcquTBMZj42nMH
i0+9Qwx3Lz9IjHQvErkTxt9hU/Vc1oiSUbGBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsg9doX7LtOUIipr0BVPyEKielgQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zZzlkb1g3THRPVUlpcHIw
QlZQeUVLaWVsZ1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABR2tsTZO4bXmX6kBP5M/xdyGMzcsduhV0yC
gDuhblK3v7PrAZK9ngn7ryzM6R6nHWRXocd7adwrHbgh2gmM+C6aGTffcRwkQxG8
LOz0FpMBa6FIVgybDLU9b50dhYLJL2FjweM3EcO08BODlU6dqxCwM5MxKrAGbgeI
VVP7XWFchJf0AcXOYgl+DlUdEWUdLo5mAa/Ea/upVFxnlYBxDSqqBKZphuH+DtIm
p0B/dgnbCFBkq6vXa8k7yBDZWVgb1KeScwAceY8YUiuQlsLX329Rao+qNXsv8Dnu
JcHqH92lAxfo3O/8jOxmG7oTh05+lpZum5WqcmiyLF/0v5DfB/Q=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:34:46 2025 by rpki-client