Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/25oGE1LMr4dNLHDm5Hk2NrzDhXQ.roa
File: 25oGE1LMr4dNLHDm5Hk2NrzDhXQ.roa (raw, json)
Hash identifier: TqB9amB6arpVzA75JNSlHBCisIIbPnNVHKDY8CNfk50=
Subject key identifier: DB:9A:06:13:52:CC:AF:87:4D:2C:70:E6:E4:79:36:36:BC:C3:85:74
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0825
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/25oGE1LMr4dNLHDm5Hk2NrzDhXQ.roa
Signing time: Sat 17 May 2025 22:38:51 +0000
ROA not before: Sat 17 May 2025 22:38:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2085 (0x825)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 22:38:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DB9A061352CCAF874D2C70E6E4793636BCC38574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9f:90:c1:6f:e0:f7:8a:0b:08:a2:93:1c:42:
a7:b7:db:44:b3:4c:9f:8a:1e:ae:2b:b8:82:5d:fb:
0d:ec:da:21:e7:86:ec:38:5e:58:3f:53:fd:80:0c:
25:ad:35:0c:c0:41:7d:23:15:f2:1a:fe:c9:d0:44:
b8:a6:b2:e8:13:4e:98:f9:c0:a1:9d:cd:92:fb:cd:
1b:b7:4d:cd:1f:dc:aa:ac:73:15:ee:ca:df:52:f0:
77:e1:ac:1e:77:6d:a2:00:b4:07:0b:5c:15:dd:9a:
fd:7b:8f:5c:90:9c:82:ff:77:42:81:eb:60:99:bf:
b0:40:15:b0:6d:00:37:64:aa:ee:cc:68:88:15:36:
3b:59:53:3c:08:31:a0:41:bd:8c:ac:b3:4b:42:28:
84:6f:02:26:d7:16:71:b7:93:73:56:c2:3b:c7:dc:
3a:cb:89:0f:48:2f:84:e4:68:83:ef:c6:67:f7:ce:
05:16:3d:7f:80:df:78:02:9e:c6:19:cb:fb:07:97:
c4:16:54:5b:af:f4:9d:e9:9e:68:2e:01:bb:c2:0b:
00:6d:df:80:78:d0:8c:d7:ef:4e:80:23:1a:c5:d2:
ab:d6:3a:fe:e7:21:9e:b0:59:ea:20:0c:f8:22:99:
77:2b:63:1f:2e:fc:68:8a:c8:97:3c:d1:96:d1:21:
b8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9A:06:13:52:CC:AF:87:4D:2C:70:E6:E4:79:36:36:BC:C3:85:74
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/25oGE1LMr4dNLHDm5Hk2NrzDhXQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:69:d5:c7:2a:9c:a5:1e:a8:d5:8b:72:08:fd:8a:9c:f6:53:
61:a5:ea:0f:20:f7:51:27:8a:8f:33:a2:3f:88:fb:9b:b3:da:
b1:97:f7:c1:17:1f:f7:36:6b:0a:69:47:8f:86:3d:fe:1d:03:
07:05:e7:10:30:30:21:6b:e4:6f:e8:90:d4:72:cc:67:01:18:
51:9e:cf:9e:3e:d9:0b:de:bc:85:ad:73:17:36:1f:c4:2a:33:
d2:7d:d5:36:82:23:86:c1:0b:4e:f6:98:c5:3b:9b:dc:b0:fd:
c7:61:35:c7:30:6c:06:22:12:06:da:4e:7a:5c:3f:8b:87:58:
2f:1a:4b:5e:89:29:80:b8:29:56:2e:51:c9:a3:b6:1b:b2:14:
f3:6b:f5:77:47:1c:58:e2:b4:61:6a:09:8f:7b:32:b7:bf:1a:
c3:ff:d0:dd:97:a6:85:bd:a3:09:e3:20:f7:d6:e4:6f:81:de:
75:27:bf:cf:c4:41:36:5b:9d:bc:27:6c:25:6e:c3:ed:5d:d4:
c3:88:8a:e2:5e:9f:d6:b5:16:62:ae:6c:a4:ee:44:f9:64:13:
2f:89:5e:c0:3b:84:ad:8f:0e:66:eb:2d:14:a8:91:61:da:8a:
fc:ee:b4:07:62:81:54:8b:88:3e:1a:74:07:c7:7d:10:07:49:
0b:f7:73:ae
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcy
MjM4NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERCOUEwNjEzNTJDQ0FG
ODc0RDJDNzBFNkU0NzkzNjM2QkNDMzg1NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMn5DBb+D3igsIopMcQqe320SzTJ+KHq4ruIJd+w3s2iHnhuw4
Xlg/U/2ADCWtNQzAQX0jFfIa/snQRLimsugTTpj5wKGdzZL7zRu3Tc0f3KqscxXu
yt9S8HfhrB53baIAtAcLXBXdmv17j1yQnIL/d0KB62CZv7BAFbBtADdkqu7MaIgV
NjtZUzwIMaBBvYyss0tCKIRvAibXFnG3k3NWwjvH3DrLiQ9IL4TkaIPvxmf3zgUW
PX+A33gCnsYZy/sHl8QWVFuv9J3pnmguAbvCCwBt34B40IzX706AIxrF0qvWOv7n
IZ6wWeogDPgimXcrYx8u/GiKyJc80ZbRIbgfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU25oGE1LMr4dNLHDm5Hk2NrzDhXQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yNW9HRTFMTXI0ZE5MSERt
NUhrMk5yekRoWFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAD9p1ccqnKUeqNWLcgj9ipz2U2Gl6g8g91En
io8zoj+I+5uz2rGX98EXH/c2awppR4+GPf4dAwcF5xAwMCFr5G/okNRyzGcBGFGe
z54+2QvevIWtcxc2H8QqM9J91TaCI4bBC072mMU7m9yw/cdhNccwbAYiEgbaTnpc
P4uHWC8aS16JKYC4KVYuUcmjthuyFPNr9XdHHFjitGFqCY97Mre/GsP/0N2XpoW9
ownjIPfW5G+B3nUnv8/EQTZbnbwnbCVuw+1d1MOIiuJen9a1FmKubKTuRPlkEy+J
XsA7hK2PDmbrLRSokWHaivzutAdigVSLiD4adAfHfRAHSQv3c64=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:57:31 2025 by rpki-client