Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xAuN-9V3BJyrnFWO44tLTnfDE8s.roa
File: xAuN-9V3BJyrnFWO44tLTnfDE8s.roa (raw, json)
Hash identifier: WIvWkCOtN15e2fLoExG2CC0+SlXS902ZkToAoCxmwNw=
Subject key identifier: C4:0B:8D:FB:D5:77:04:9C:AB:9C:55:8E:E3:8B:4B:4E:77:C3:13:CB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1441
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xAuN-9V3BJyrnFWO44tLTnfDE8s.roa
Signing time: Tue 03 Jun 2025 02:09:14 +0000
ROA not before: Tue 03 Jun 2025 02:09:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5185 (0x1441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 02:09:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C40B8DFBD577049CAB9C558EE38B4B4E77C313CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:11:78:c0:2a:75:d7:f2:dd:f8:f2:8e:df:42:
fc:a3:e9:ba:40:31:22:ad:9f:97:59:a6:94:a6:1b:
b6:a9:13:12:87:a9:36:ff:9d:17:95:ac:e4:5a:aa:
a6:4c:a2:d2:f6:91:42:02:11:75:32:a0:ad:b1:df:
24:df:b1:94:73:e2:e3:4c:87:53:03:33:c6:1c:c5:
94:82:68:35:29:8b:a8:56:b3:38:a8:4b:8d:d8:be:
34:27:3e:68:b9:36:bf:c1:36:fe:dc:9a:39:5f:68:
87:b1:0f:bd:f0:57:c2:7e:48:ea:dc:a0:5b:11:73:
52:35:eb:6a:38:3b:b1:c3:76:9a:e1:a5:de:6f:9c:
67:95:ee:c4:e4:12:ae:6a:78:0e:bf:46:19:ee:a9:
88:cf:aa:c8:9a:8f:8c:36:b9:6a:7c:0f:96:92:b3:
82:c8:23:38:44:7b:0e:52:b5:8c:95:18:ee:ba:c4:
54:c9:1d:c1:55:ef:ac:01:81:c3:71:42:79:a3:e0:
07:a7:e4:b5:aa:86:a9:a8:50:58:2d:60:d3:39:52:
c0:89:74:09:e2:25:4f:fb:1a:87:5f:cc:63:be:fb:
5d:e6:30:76:e3:d4:4b:fd:c2:02:09:0f:6d:0d:77:
43:c2:7d:0c:a4:e1:45:bd:90:4a:b2:1b:08:ea:64:
57:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0B:8D:FB:D5:77:04:9C:AB:9C:55:8E:E3:8B:4B:4E:77:C3:13:CB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xAuN-9V3BJyrnFWO44tLTnfDE8s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:06:60:0a:ed:f5:08:9f:80:6c:f3:6e:89:c2:78:5a:46:ee:
3a:41:d2:29:d7:fc:37:67:1c:f8:56:35:cb:b5:23:5a:28:85:
ac:bc:51:66:84:9d:e5:6a:52:cd:37:14:4c:56:36:6a:09:76:
6f:72:98:1e:2e:a2:c1:75:28:ce:1d:53:bd:14:14:c6:3e:6d:
ea:00:8b:13:d7:c3:de:e4:fc:ee:d1:53:47:70:d9:c7:8b:fa:
b7:c4:7c:72:e9:b0:6d:f5:53:63:fc:2a:e2:9c:ac:ae:1f:aa:
21:9d:3a:7a:f2:02:17:26:ea:12:ee:4b:1a:97:bb:00:b7:e2:
e8:5d:09:6e:07:d7:9e:14:29:a9:a8:4d:84:7d:99:60:ab:17:
e0:b6:84:22:9e:34:73:f5:36:d3:ba:a9:6b:31:ca:57:e8:9b:
68:56:a2:e1:b3:f4:c0:db:0b:ab:88:09:58:2f:3f:53:d6:41:
57:65:53:65:e9:59:f3:87:75:83:71:9d:0f:be:7e:32:ae:17:
28:31:2e:f8:87:01:1b:48:d5:c6:b2:bc:88:8b:ff:41:14:bf:
bd:be:10:67:43:fa:3e:27:67:12:ac:89:95:60:01:c6:2b:e6:
59:8d:67:1e:94:0f:5d:5e:4a:62:6d:a8:8e:e3:66:ba:4a:54:
11:ac:02:80
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMw
MjA5MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM0MEI4REZCRDU3NzA0
OUNBQjlDNTU4RUUzOEI0QjRFNzdDMzEzQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAEXjAKnXX8t348o7fQvyj6bpAMSKtn5dZppSmG7apExKHqTb/
nReVrORaqqZMotL2kUICEXUyoK2x3yTfsZRz4uNMh1MDM8YcxZSCaDUpi6hWszio
S43YvjQnPmi5Nr/BNv7cmjlfaIexD73wV8J+SOrcoFsRc1I162o4O7HDdprhpd5v
nGeV7sTkEq5qeA6/RhnuqYjPqsiaj4w2uWp8D5aSs4LIIzhEew5StYyVGO66xFTJ
HcFV76wBgcNxQnmj4Aen5LWqhqmoUFgtYNM5UsCJdAniJU/7GodfzGO++13mMHbj
1Ev9wgIJD20Nd0PCfQyk4UW9kEqyGwjqZFcxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxAuN+9V3BJyrnFWO44tLTnfDE8swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94QXVOLTlWM0JKeXJuRldP
NDR0TFRuZkRFOHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAoGYArt9QifgGzzbonCeFpG7jpB0inX/Ddn
HPhWNcu1I1oohay8UWaEneVqUs03FExWNmoJdm9ymB4uosF1KM4dU70UFMY+beoA
ixPXw97k/O7RU0dw2ceL+rfEfHLpsG31U2P8KuKcrK4fqiGdOnryAhcm6hLuSxqX
uwC34uhdCW4H154UKamoTYR9mWCrF+C2hCKeNHP1NtO6qWsxylfom2hWouGz9MDb
C6uICVgvP1PWQVdlU2XpWfOHdYNxnQ++fjKuFygxLviHARtI1cayvIiL/0EUv72+
EGdD+j4nZxKsiZVgAcYr5lmNZx6UD11eSmJtqI7jZrpKVBGsAoA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:54:17 2025 by rpki-client