Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sjEFEDafcKPigjzVDLEAi-GJxhE.roa
File: sjEFEDafcKPigjzVDLEAi-GJxhE.roa (raw, json)
Hash identifier: qrN32vmhEarVFBBfjbU8HemQavxkpwZhXOscL5xuq/0=
Subject key identifier: B2:31:05:10:36:9F:70:A3:E2:82:3C:D5:0C:B1:00:8B:E1:89:C6:11
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13F1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sjEFEDafcKPigjzVDLEAi-GJxhE.roa
Signing time: Mon 02 Jun 2025 16:09:13 +0000
ROA not before: Mon 02 Jun 2025 16:09:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5105 (0x13f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 16:09:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B2310510369F70A3E2823CD50CB1008BE189C611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:48:4e:3d:a3:4b:10:17:cb:24:a0:06:a9:e1:
5c:47:41:20:fd:df:4c:66:32:19:e7:0f:eb:6e:eb:
46:d1:92:64:3b:2d:64:fc:16:19:a4:21:e0:37:aa:
59:54:80:81:27:d4:ae:64:21:6c:3e:95:7a:a1:d7:
75:47:3d:c4:f9:ba:fe:f9:04:e5:6c:f2:eb:5d:3b:
aa:de:2f:a2:99:af:a7:ff:30:39:49:1a:ee:97:65:
3d:83:82:0e:c2:ca:70:cb:95:3c:87:c1:26:e6:c6:
a8:d2:91:fe:09:4e:ed:18:3a:be:29:e0:e3:16:fb:
6d:df:ea:73:3d:73:9a:bb:ad:e7:54:f6:2d:45:ea:
ab:70:cd:ff:c4:a8:42:45:0d:14:57:bd:f7:39:6f:
2e:3d:f7:77:bd:61:6b:34:bb:8d:6b:c1:33:4b:c3:
25:f9:0b:3e:0e:e2:25:91:15:e2:67:4b:46:a2:cc:
81:0a:d7:a9:a2:f5:6a:9d:d6:74:3d:6c:16:38:0a:
90:3d:59:5f:b9:88:e7:5c:07:06:04:a7:1a:65:27:
3d:78:6d:4b:c6:af:c6:a4:7f:3d:c3:4f:73:ef:03:
31:17:69:f7:8b:19:59:b8:86:7c:7e:82:64:cb:fc:
12:86:1c:16:d4:a8:53:78:8b:4b:62:65:5e:42:39:
c1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:31:05:10:36:9F:70:A3:E2:82:3C:D5:0C:B1:00:8B:E1:89:C6:11
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sjEFEDafcKPigjzVDLEAi-GJxhE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:20:92:cd:66:a4:0e:7c:70:be:eb:8d:08:af:c5:df:9c:d1:
8f:d6:a2:91:0e:cd:aa:99:d9:32:cd:2d:ba:5b:7e:f4:0b:09:
e5:12:f5:5b:67:8b:de:3c:59:32:a7:1e:1d:56:61:f9:66:91:
7d:7b:fb:fe:e6:71:46:8f:c5:96:c3:54:eb:0b:c8:e7:37:33:
ba:b5:cf:6a:6a:d3:45:26:e7:99:49:56:ba:00:d4:0e:ed:13:
92:48:62:5d:f2:aa:a9:20:c1:99:2e:e2:3e:1a:58:2a:48:f1:
b5:76:52:ab:73:13:52:2a:d6:4f:80:5c:ea:12:cd:f8:39:ac:
64:d8:b6:e4:f3:32:88:19:52:4c:29:6a:93:0f:80:67:ac:82:
96:91:73:c7:ec:96:b8:e7:38:78:8d:fd:9d:55:ca:fe:58:a9:
f4:65:55:a0:28:59:eb:b2:7d:59:77:66:b6:e8:e0:1e:01:42:
8b:e7:92:52:3c:d6:ac:72:90:77:10:71:72:9a:ad:7d:88:d2:
de:bf:99:84:34:ef:77:62:45:6b:73:fb:1d:5c:b6:c4:ae:f3:
e6:20:a8:58:4e:53:a6:c1:17:88:82:f9:d0:5a:bf:fa:e3:0e:
d9:54:8b:26:37:74:5c:ac:a4:06:e0:44:45:80:85:ad:68:fe:
ca:5d:26:c7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE/EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
NjA5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIyMzEwNTEwMzY5Rjcw
QTNFMjgyM0NENTBDQjEwMDhCRTE4OUM2MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqSE49o0sQF8skoAap4VxHQSD930xmMhnnD+tu60bRkmQ7LWT8
FhmkIeA3qllUgIEn1K5kIWw+lXqh13VHPcT5uv75BOVs8utdO6reL6KZr6f/MDlJ
Gu6XZT2Dgg7CynDLlTyHwSbmxqjSkf4JTu0YOr4p4OMW+23f6nM9c5q7redU9i1F
6qtwzf/EqEJFDRRXvfc5by4993e9YWs0u41rwTNLwyX5Cz4O4iWRFeJnS0aizIEK
16mi9Wqd1nQ9bBY4CpA9WV+5iOdcBwYEpxplJz14bUvGr8akfz3DT3PvAzEXafeL
GVm4hnx+gmTL/BKGHBbUqFN4i0tiZV5COcGbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsjEFEDafcKPigjzVDLEAi+GJxhEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zakVGRURhZmNLUGlnanpW
RExFQWktR0p4aEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAB8gks1mpA58cL7rjQivxd+c0Y/WopEOzaqZ
2TLNLbpbfvQLCeUS9Vtni948WTKnHh1WYflmkX17+/7mcUaPxZbDVOsLyOc3M7q1
z2pq00Um55lJVroA1A7tE5JIYl3yqqkgwZku4j4aWCpI8bV2UqtzE1Iq1k+AXOoS
zfg5rGTYtuTzMogZUkwpapMPgGesgpaRc8fslrjnOHiN/Z1Vyv5YqfRlVaAoWeuy
fVl3Zrbo4B4BQovnklI81qxykHcQcXKarX2I0t6/mYQ073diRWtz+x1ctsSu8+Yg
qFhOU6bBF4iC+dBav/rjDtlUiyY3dFyspAbgREWAha1o/spdJsc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:30:21 2025 by rpki-client