Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uW2QXVt5zp4yjOKYRS5pVKOJQxE.roa
File: uW2QXVt5zp4yjOKYRS5pVKOJQxE.roa (raw, json)
Hash identifier: mXcgpAoOJkNf9pmNY/HBlHL0M4hvS5XwjGaQt1Xczto=
Subject key identifier: B9:6D:90:5D:5B:79:CE:9E:32:8C:E2:98:45:2E:69:54:A3:89:43:11
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C01
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uW2QXVt5zp4yjOKYRS5pVKOJQxE.roa
Signing time: Fri 13 Jun 2025 10:09:55 +0000
ROA not before: Fri 13 Jun 2025 10:09:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7169 (0x1c01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 10:09:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B96D905D5B79CE9E328CE298452E6954A3894311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ea:4a:0e:5b:44:be:80:27:0a:a6:ee:2f:be:
dc:68:a9:55:83:98:38:92:38:5a:12:20:79:8c:59:
ef:03:6b:4c:86:0c:f6:21:6b:88:c1:b9:22:b5:00:
7b:38:8d:16:9e:14:78:c4:87:51:86:df:44:d1:b7:
cf:35:c2:25:0f:eb:6c:9d:8b:fa:1d:17:f5:14:3b:
09:02:64:b4:bf:4a:90:a4:8b:66:ed:4d:b2:9c:fc:
50:82:41:5a:a2:06:14:eb:25:f5:bf:b0:d9:4f:fd:
0d:94:59:7c:7a:61:a1:f6:7e:5d:4d:cb:f0:89:e6:
b2:dc:e8:e9:73:e2:1e:02:56:dc:49:11:40:b7:c4:
9c:3e:42:62:75:35:ef:53:9d:69:ef:8a:ab:44:41:
c6:5c:b4:ec:ba:23:19:05:53:36:da:96:60:1f:fb:
45:56:84:da:f6:10:66:25:33:44:b2:c5:70:c2:88:
ab:cd:be:75:68:f4:c8:9f:03:46:87:ef:25:c2:54:
f3:9f:75:49:4e:89:c8:09:2f:88:af:69:8d:98:e3:
27:43:1b:62:f4:68:fe:94:1b:3d:ab:18:d5:79:b4:
ef:97:98:7e:26:3c:93:a9:ee:03:1e:01:9c:48:87:
88:3c:d1:ae:08:66:9e:90:21:f8:71:ed:94:cc:c8:
d4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6D:90:5D:5B:79:CE:9E:32:8C:E2:98:45:2E:69:54:A3:89:43:11
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uW2QXVt5zp4yjOKYRS5pVKOJQxE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:55:37:e8:5f:4b:72:c8:86:7b:1b:0a:c1:b6:41:61:7b:e9:
1a:74:c2:a1:3b:24:85:dc:d4:0f:6a:b6:76:f2:4a:bb:d8:69:
7a:6f:3a:57:80:36:1d:ea:e2:7c:30:9d:67:20:a5:d3:7e:ac:
0e:2a:2b:21:7b:f5:b3:41:cc:b9:38:63:8e:28:b3:8e:90:45:
2f:96:d9:11:17:ba:95:ae:67:fa:f9:2f:47:98:25:d2:39:4f:
9e:30:8b:16:1a:f3:6f:49:07:ed:7b:b0:d5:52:66:18:71:6c:
40:81:a0:3d:bb:36:d2:30:75:68:ac:ff:99:36:60:6a:50:92:
60:36:ef:7b:5c:af:08:34:82:14:93:ba:02:60:26:76:58:28:
25:61:13:54:37:4f:29:01:41:3a:56:7d:22:68:f8:fa:78:4a:
cc:6c:82:ca:ed:9d:fd:26:22:c9:fe:38:f0:3b:ed:d0:32:9a:
d7:31:7c:6e:90:b7:be:fb:f0:4d:51:5f:45:b0:c8:fe:d8:d5:
5d:87:d6:20:c3:c5:68:07:14:38:3d:69:c5:cb:aa:00:21:c8:
b8:0d:dd:13:c3:63:52:48:d3:d4:d1:db:1f:bd:d4:63:ef:49:
c5:be:91:e0:4c:1b:bc:73:e7:fa:c7:05:0a:f6:a5:f5:7f:07:
92:7a:de:21
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
MDA5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI5NkQ5MDVENUI3OUNF
OUUzMjhDRTI5ODQ1MkU2OTU0QTM4OTQzMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCd6koOW0S+gCcKpu4vvtxoqVWDmDiSOFoSIHmMWe8Da0yGDPYh
a4jBuSK1AHs4jRaeFHjEh1GG30TRt881wiUP62ydi/odF/UUOwkCZLS/SpCki2bt
TbKc/FCCQVqiBhTrJfW/sNlP/Q2UWXx6YaH2fl1Ny/CJ5rLc6Olz4h4CVtxJEUC3
xJw+QmJ1Ne9TnWnviqtEQcZctOy6IxkFUzbalmAf+0VWhNr2EGYlM0SyxXDCiKvN
vnVo9MifA0aH7yXCVPOfdUlOicgJL4ivaY2Y4ydDG2L0aP6UGz2rGNV5tO+XmH4m
PJOp7gMeAZxIh4g80a4IZp6QIfhx7ZTMyNRLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuW2QXVt5zp4yjOKYRS5pVKOJQxEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91VzJRWFZ0NXpwNHlqT0tZ
UlM1cFZLT0pReEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABlVN+hfS3LIhnsbCsG2QWF76Rp0wqE7JIXc
1A9qtnbySrvYaXpvOleANh3q4nwwnWcgpdN+rA4qKyF79bNBzLk4Y44os46QRS+W
2REXupWuZ/r5L0eYJdI5T54wixYa829JB+17sNVSZhhxbECBoD27NtIwdWis/5k2
YGpQkmA273tcrwg0ghSTugJgJnZYKCVhE1Q3TykBQTpWfSJo+Pp4Ssxsgsrtnf0m
Isn+OPA77dAymtcxfG6Qt7778E1RX0WwyP7Y1V2H1iDDxWgHFDg9acXLqgAhyLgN
3RPDY1JI09TR2x+91GPvScW+keBMG7xz5/rHBQr2pfV/B5J63iE=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:27 2025 by rpki-client