Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0Aq5K6sitzNJoMQeaWHwL1ed_Rg.roa
File: 0Aq5K6sitzNJoMQeaWHwL1ed_Rg.roa (raw, json)
Hash identifier: Q9i1gywR0Al2aGJCiYg1wWlEFUUWXiLSLXIdZ8D2FCg=
Subject key identifier: D0:0A:B9:2B:AB:22:B7:33:49:A0:C4:1E:69:61:F0:2F:57:9D:FD:18
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1ABD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0Aq5K6sitzNJoMQeaWHwL1ed_Rg.roa
Signing time: Wed 11 Jun 2025 17:39:46 +0000
ROA not before: Wed 11 Jun 2025 17:39:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6845 (0x1abd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 17:39:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D00AB92BAB22B73349A0C41E6961F02F579DFD18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:61:c8:0e:46:83:b4:63:86:e2:f3:54:7a:3e:
37:4d:f0:4c:d8:d0:90:a3:83:f5:cc:cf:e3:79:58:
2b:f4:9a:e3:ae:2f:8a:11:4a:84:c1:32:8a:dc:7f:
2a:5c:32:ab:ef:ed:5b:89:e4:3e:f8:74:0c:92:d5:
bb:db:49:6f:77:1f:54:9e:af:c1:73:ab:7a:22:be:
a9:8d:81:48:55:9a:ec:2a:41:f3:c6:52:e2:25:c0:
5f:66:3b:e2:42:75:0f:dc:47:37:d0:87:75:87:f1:
94:89:0b:20:f3:f4:4a:9e:f6:c9:fc:5c:6a:9b:0f:
62:a0:67:8c:f8:51:3b:ee:8a:72:14:4c:6b:07:de:
e8:0d:c0:a7:d4:1c:20:9a:ed:9a:41:0e:78:08:fb:
4a:7c:5c:f5:a2:e4:7f:c7:0a:90:7f:ec:ed:64:b6:
0e:02:04:99:ab:18:f5:e8:ee:ea:02:82:af:bd:d5:
98:f7:eb:19:c4:93:fd:8a:2d:9c:47:64:c7:28:2e:
b5:28:aa:90:13:22:5d:e9:59:3e:84:8a:70:25:c7:
1a:31:89:ca:5d:79:36:ab:72:03:3f:01:43:10:ab:
24:06:af:84:41:a0:d9:48:d6:ba:e5:d6:ea:c8:32:
fa:21:a9:43:07:b8:7e:3f:bd:70:bd:66:b1:d2:ab:
b9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0A:B9:2B:AB:22:B7:33:49:A0:C4:1E:69:61:F0:2F:57:9D:FD:18
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0Aq5K6sitzNJoMQeaWHwL1ed_Rg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:8c:9d:6d:58:a0:66:f8:1d:bc:71:5e:f7:7b:b1:cb:2d:b4:
fd:e9:3a:a0:38:1d:28:ec:05:b5:64:c9:24:4d:80:8d:04:c6:
cc:a9:40:60:5f:53:fa:fc:55:11:dc:ee:2f:53:67:1c:fd:5e:
e6:d2:e5:e1:2a:37:d7:2e:ca:f0:2b:24:25:31:c4:4a:bb:14:
51:dd:8c:a6:99:c6:3e:4e:a2:55:f4:72:c4:a2:5d:6d:54:5f:
c1:b7:7d:6d:d8:b0:55:e5:5a:55:0a:44:54:d9:d2:21:8d:73:
66:f6:ae:c1:f6:fd:b3:34:cc:26:a9:ca:c1:4f:cd:7b:c8:50:
b2:0f:87:34:d8:34:f0:4f:01:1b:70:d8:c9:1a:08:87:50:ba:
e0:56:6f:1a:30:e8:2a:6d:94:6c:d3:db:d7:0d:14:97:d3:1d:
83:81:31:0c:30:d1:26:2e:50:f2:49:d0:e3:7c:a6:a0:d9:73:
02:ad:a3:eb:e5:6c:95:21:19:e0:40:05:36:51:91:a1:d6:ef:
a1:aa:0e:b2:85:a7:78:76:79:0f:fb:f3:6a:07:10:84:76:4f:
37:04:2c:43:b8:b4:6d:c5:6a:58:f5:05:da:61:c5:96:ac:49:
cd:b9:67:18:c9:62:ca:b0:ea:3b:77:68:5d:e4:c3:30:15:db:
ae:7d:da:69
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEx
NzM5NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQwMEFCOTJCQUIyMkI3
MzM0OUEwQzQxRTY5NjFGMDJGNTc5REZEMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3YcgORoO0Y4bi81R6PjdN8EzY0JCjg/XMz+N5WCv0muOuL4oR
SoTBMorcfypcMqvv7VuJ5D74dAyS1bvbSW93H1Ser8Fzq3oivqmNgUhVmuwqQfPG
UuIlwF9mO+JCdQ/cRzfQh3WH8ZSJCyDz9Eqe9sn8XGqbD2KgZ4z4UTvuinIUTGsH
3ugNwKfUHCCa7ZpBDngI+0p8XPWi5H/HCpB/7O1ktg4CBJmrGPXo7uoCgq+91Zj3
6xnEk/2KLZxHZMcoLrUoqpATIl3pWT6EinAlxxoxicpdeTarcgM/AUMQqyQGr4RB
oNlI1rrl1urIMvohqUMHuH4/vXC9ZrHSq7k3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0Aq5K6sitzNJoMQeaWHwL1ed/RgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wQXE1SzZzaXR6TkpvTVFl
YVdId0wxZWRfUmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACyMnW1YoGb4HbxxXvd7scsttP3pOqA4HSjs
BbVkySRNgI0ExsypQGBfU/r8VRHc7i9TZxz9XubS5eEqN9cuyvArJCUxxEq7FFHd
jKaZxj5OolX0csSiXW1UX8G3fW3YsFXlWlUKRFTZ0iGNc2b2rsH2/bM0zCapysFP
zXvIULIPhzTYNPBPARtw2MkaCIdQuuBWbxow6CptlGzT29cNFJfTHYOBMQww0SYu
UPJJ0ON8pqDZcwKto+vlbJUhGeBABTZRkaHW76GqDrKFp3h2eQ/782oHEIR2TzcE
LEO4tG3Falj1BdphxZasSc25ZxjJYsqw6jt3aF3kwzAV26592mk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:05:12 2025 by rpki-client