Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/1kXSPWrQEOV1xZoDQt0joRJ_eWA.roa
File: 1kXSPWrQEOV1xZoDQt0joRJ_eWA.roa (raw, json)
Hash identifier: sYJJ8ywT7z6gZPOJNMpraQllcMVTQMQZ/fRYK/V7sm8=
Subject key identifier: D6:45:D2:3D:6A:D0:10:E5:75:C5:9A:03:42:DD:23:A1:12:7F:79:60
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1D91
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1kXSPWrQEOV1xZoDQt0joRJ_eWA.roa
Signing time: Sun 15 Jun 2025 12:11:01 +0000
ROA not before: Sun 15 Jun 2025 12:11:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7569 (0x1d91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 12:11:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D645D23D6AD010E575C59A0342DD23A1127F7960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:74:62:63:c2:97:9b:e2:fa:de:23:81:40:eb:
c0:57:77:a9:c0:e8:ea:15:e2:57:bd:1d:88:9d:7f:
db:bf:b2:80:83:e9:54:01:19:37:ef:23:09:97:c5:
11:27:29:53:56:75:c2:a4:2c:09:9c:d1:4a:79:fa:
8a:19:68:ba:e9:c8:0b:6d:b5:ed:d6:e2:95:13:f5:
d3:34:fb:43:60:1d:b7:3d:09:80:71:d0:33:e7:df:
3c:da:6a:67:4c:05:11:e2:05:21:58:54:ca:5d:58:
a7:a1:88:da:de:84:55:7b:e3:e1:49:f2:89:00:43:
55:23:c7:a4:ce:b8:ce:96:be:19:60:af:21:3a:e9:
73:78:06:9c:02:49:56:47:9f:9f:ca:58:d3:b9:02:
61:79:44:8c:ba:3e:7c:f4:05:f6:c7:56:c5:c2:68:
ba:11:e5:21:4f:70:14:91:d0:fe:b0:af:61:ba:18:
21:32:c9:62:3b:1e:19:11:20:65:3a:08:96:14:c1:
d2:19:e9:c2:65:1d:19:07:d9:f9:79:61:4f:9d:ca:
73:e3:f0:4e:4f:7f:27:ed:85:fa:ab:e2:f9:1f:22:
cd:b6:64:a7:1d:ee:57:b1:7f:45:a8:a1:60:a3:b0:
c5:29:a6:e9:e2:a2:6c:1e:68:c5:a2:e6:0f:0b:51:
a9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:45:D2:3D:6A:D0:10:E5:75:C5:9A:03:42:DD:23:A1:12:7F:79:60
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1kXSPWrQEOV1xZoDQt0joRJ_eWA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:96:8f:72:2c:b1:9e:b4:3c:95:dd:7b:b1:7c:f0:55:27:18:
db:d8:27:cc:9b:9c:b0:7a:61:2d:a6:d2:fb:4f:72:66:7d:35:
f1:c0:7c:67:46:ed:b7:bb:01:78:31:57:cb:96:60:0c:9a:db:
f6:e1:d4:31:76:50:11:39:e9:e8:29:14:d2:ec:37:57:90:23:
56:3b:64:38:4a:08:d7:b4:66:5c:06:34:aa:84:fb:c0:94:d7:
77:14:a8:a9:d7:34:df:e3:63:fa:3f:bd:27:5d:d3:bc:8a:15:
2c:ff:03:cc:7f:b5:3c:f4:d4:eb:37:f3:7f:8e:dc:0a:7e:54:
b5:2a:05:4a:f4:32:ee:29:90:e0:7b:1f:6c:e8:2f:d7:a0:3c:
2c:65:96:ec:20:79:d1:b7:e8:c4:3a:ee:a8:e2:bb:cc:18:26:
e3:ac:45:fc:00:6d:91:af:f4:cd:d6:12:5a:22:0a:13:b9:7a:
a7:c7:b9:dd:78:6d:d8:d8:25:b6:d6:cb:0a:6e:97:af:31:e3:
ad:53:26:35:73:b2:a3:fc:58:c4:96:6d:0f:c3:06:9e:3b:2f:
ce:58:95:e7:9a:4c:4e:83:09:96:36:0d:f2:a0:05:cf:7f:21:
11:ef:2e:6a:f1:4b:2c:27:af:67:ec:bd:b5:47:5a:86:ce:15:
d7:59:8c:19
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHZEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUx
MjExMDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ2NDVEMjNENkFEMDEw
RTU3NUM1OUEwMzQyREQyM0ExMTI3Rjc5NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9dGJjwpeb4vreI4FA68BXd6nA6OoV4le9HYidf9u/soCD6VQB
GTfvIwmXxREnKVNWdcKkLAmc0Up5+ooZaLrpyAttte3W4pUT9dM0+0NgHbc9CYBx
0DPn3zzaamdMBRHiBSFYVMpdWKehiNrehFV74+FJ8okAQ1Ujx6TOuM6WvhlgryE6
6XN4BpwCSVZHn5/KWNO5AmF5RIy6Pnz0BfbHVsXCaLoR5SFPcBSR0P6wr2G6GCEy
yWI7HhkRIGU6CJYUwdIZ6cJlHRkH2fl5YU+dynPj8E5Pfyfthfqr4vkfIs22ZKcd
7lexf0WooWCjsMUppuniomweaMWi5g8LUamRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU1kXSPWrQEOV1xZoDQt0joRJ/eWAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xa1hTUFdyUUVPVjF4Wm9E
UXQwam9SSl9lV0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEWWj3IssZ60PJXde7F88FUnGNvYJ8ybnLB6
YS2m0vtPcmZ9NfHAfGdG7be7AXgxV8uWYAya2/bh1DF2UBE56egpFNLsN1eQI1Y7
ZDhKCNe0ZlwGNKqE+8CU13cUqKnXNN/jY/o/vSdd07yKFSz/A8x/tTz01Os383+O
3Ap+VLUqBUr0Mu4pkOB7H2zoL9egPCxlluwgedG36MQ67qjiu8wYJuOsRfwAbZGv
9M3WEloiChO5eqfHud14bdjYJbbWywpul68x461TJjVzsqP8WMSWbQ/DBp47L85Y
leeaTE6DCZY2DfKgBc9/IRHvLmrxSywnr2fsvbVHWobOFddZjBk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:54:52 2025 by rpki-client