Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0hpoQmS-vDXdR0vSPLQVaFcy8KA.roa
File: 0hpoQmS-vDXdR0vSPLQVaFcy8KA.roa (raw, json)
Hash identifier: lamwlQgjeL+exOh278VGFUjDBOXXzkBWrtep1dNY2Nk=
Subject key identifier: D2:1A:68:42:64:BE:BC:35:DD:47:4B:D2:3C:B4:15:68:57:32:F0:A0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2455
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0hpoQmS-vDXdR0vSPLQVaFcy8KA.roa
Signing time: Wed 25 Jun 2025 00:12:00 +0000
ROA not before: Wed 25 Jun 2025 00:12:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9301 (0x2455)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 25 00:12:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D21A684264BEBC35DD474BD23CB415685732F0A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:59:1a:e4:da:f7:16:c4:12:8b:5c:a0:53:62:
c5:a7:4a:d9:4a:62:e5:6e:ab:c2:f4:7e:9b:35:3a:
56:f1:8e:6d:0b:c1:57:d5:ca:da:db:24:14:ec:a5:
35:e2:3f:d8:93:fc:ee:67:6e:b2:1c:e8:26:2f:28:
68:35:6e:87:04:37:f4:e5:bd:fa:74:bf:fa:3a:d0:
91:c1:9c:ef:b4:29:76:3b:32:e0:94:25:0c:d9:23:
39:a7:ec:75:8d:92:02:6c:07:69:89:6a:bb:ec:05:
be:3a:94:32:26:ac:12:65:95:80:b2:8e:4b:1a:ba:
92:63:d5:97:11:78:50:10:2e:75:dd:f1:e8:44:ea:
86:8e:92:f5:e0:ec:97:05:c1:9e:1c:9e:56:99:6c:
48:3c:04:cb:5c:a7:51:c9:ce:b0:98:ea:17:6e:43:
c7:48:b8:e1:68:c3:de:45:88:d8:93:23:1c:0b:d1:
11:3c:10:f1:96:93:e2:28:55:5a:ca:df:78:9e:5d:
05:4f:85:f5:f3:4b:f2:2f:4a:03:c1:54:74:b8:aa:
41:41:91:1b:f1:55:af:2f:b4:b2:54:fe:1b:27:64:
5b:03:52:10:49:c7:0a:36:5e:e3:97:94:9b:0e:b4:
ea:d6:14:4b:d5:10:ec:5f:27:f6:e7:6f:f9:94:19:
48:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1A:68:42:64:BE:BC:35:DD:47:4B:D2:3C:B4:15:68:57:32:F0:A0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0hpoQmS-vDXdR0vSPLQVaFcy8KA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:54:6f:cc:78:d8:cd:2d:c1:74:9b:27:82:ac:08:fc:8e:2f:
37:2f:b9:08:36:86:d3:64:d3:90:7b:aa:6d:60:3b:e9:6c:a0:
a5:5b:c8:33:e5:d7:5f:08:ba:b0:25:84:10:18:09:9f:a7:a1:
64:67:61:88:ad:90:5b:27:be:d0:34:31:7a:5f:d2:fd:05:1e:
43:1a:79:86:ad:c0:12:ac:4f:a1:a3:91:59:c3:9b:97:65:7b:
bb:9c:85:e6:ea:82:b1:2c:42:57:b4:5c:a7:1e:48:bb:f5:d9:
7c:b2:06:a5:12:e2:9c:d0:06:fd:c9:ed:06:d7:fd:48:08:f6:
63:8a:0e:b3:9c:c0:b5:9c:41:c5:c1:9d:02:38:9b:d7:9a:ef:
c3:36:e1:72:c5:f3:de:82:07:1e:71:66:27:1b:4b:5d:8a:87:
72:da:ea:60:4e:da:5c:d1:09:d4:5f:99:5a:54:e0:c9:02:94:
79:71:fe:34:df:7c:30:07:e8:24:17:2f:0d:25:8c:03:05:fc:
af:6e:50:75:f4:53:88:53:d0:67:e4:06:eb:93:05:de:e6:ad:
6b:04:07:74:7a:ab:e9:e9:20:dd:51:a1:41:9b:16:91:32:7b:
dd:0f:22:d5:f4:15:c7:ee:1f:5e:75:69:46:b8:f4:aa:6c:1f:
58:cc:c4:84
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjUw
MDEyMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQyMUE2ODQyNjRCRUJD
MzVERDQ3NEJEMjNDQjQxNTY4NTczMkYwQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNWRrk2vcWxBKLXKBTYsWnStlKYuVuq8L0fps1Olbxjm0LwVfV
ytrbJBTspTXiP9iT/O5nbrIc6CYvKGg1bocEN/Tlvfp0v/o60JHBnO+0KXY7MuCU
JQzZIzmn7HWNkgJsB2mJarvsBb46lDImrBJllYCyjksaupJj1ZcReFAQLnXd8ehE
6oaOkvXg7JcFwZ4cnlaZbEg8BMtcp1HJzrCY6hduQ8dIuOFow95FiNiTIxwL0RE8
EPGWk+IoVVrK33ieXQVPhfXzS/IvSgPBVHS4qkFBkRvxVa8vtLJU/hsnZFsDUhBJ
xwo2XuOXlJsOtOrWFEvVEOxfJ/bnb/mUGUhnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0hpoQmS+vDXdR0vSPLQVaFcy8KAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8waHBvUW1TLXZEWGRSMHZT
UExRVmFGY3k4S0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADVUb8x42M0twXSbJ4KsCPyOLzcvuQg2htNk
05B7qm1gO+lsoKVbyDPl118IurAlhBAYCZ+noWRnYYitkFsnvtA0MXpf0v0FHkMa
eYatwBKsT6GjkVnDm5dle7uchebqgrEsQle0XKceSLv12XyyBqUS4pzQBv3J7QbX
/UgI9mOKDrOcwLWcQcXBnQI4m9ea78M24XLF896CBx5xZicbS12Kh3La6mBO2lzR
CdRfmVpU4MkClHlx/jTffDAH6CQXLw0ljAMF/K9uUHX0U4hT0GfkBuuTBd7mrWsE
B3R6q+npIN1RoUGbFpEye90PItX0FcfuH151aUa49KpsH1jMxIQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:29 2025 by rpki-client