Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2T8iVtKyh5N2mlyYa0SIA0hrqYE.roa
File: 2T8iVtKyh5N2mlyYa0SIA0hrqYE.roa (raw, json)
Hash identifier: mh+iluLTVwn/aBdIFudczTOy9RsXxQCHRtMP+Z3moCU=
Subject key identifier: D9:3F:22:56:D2:B2:87:93:76:9A:5C:98:6B:44:88:03:48:6B:A9:81
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2335
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2T8iVtKyh5N2mlyYa0SIA0hrqYE.roa
Signing time: Mon 23 Jun 2025 12:11:54 +0000
ROA not before: Mon 23 Jun 2025 12:11:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9013 (0x2335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 12:11:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D93F2256D2B28793769A5C986B448803486BA981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b7:68:25:56:d4:d6:70:5b:e4:0a:9d:7b:73:
c0:40:c3:68:97:7f:52:fb:b8:15:8e:3d:51:93:db:
95:c1:aa:cc:f1:bc:cc:13:d3:f7:62:d9:b3:ee:fd:
50:36:48:9b:9a:45:f6:e2:a5:9f:06:52:7b:c4:e9:
2c:99:89:63:fb:7a:52:f9:1e:62:44:d3:c2:ea:aa:
cf:41:f4:a5:09:aa:9b:cd:90:11:c0:46:09:e5:cb:
93:43:4c:62:bf:bd:38:fa:8d:36:ae:07:65:80:ce:
3a:a4:b3:21:af:82:a6:75:33:d2:ff:28:5a:c3:ec:
d9:19:43:57:21:29:61:5a:61:aa:b9:2c:1f:1f:8f:
b0:45:54:c8:95:a7:30:0a:8e:3d:7e:c8:13:ee:28:
e7:64:c3:20:d2:ed:5f:03:4e:5c:96:c9:f7:3e:73:
97:db:1a:48:0a:3f:d7:c4:37:30:cd:65:57:dc:50:
35:de:e3:ea:35:89:a0:f8:fa:66:a5:7f:b4:8f:fc:
01:9a:6d:5e:70:9d:6b:70:82:65:98:90:53:c8:f0:
be:2d:76:cb:cb:2a:8b:fa:a5:b9:c4:05:ed:df:e0:
18:73:24:19:60:29:cb:01:14:52:5f:04:b2:64:97:
75:ff:37:8c:8e:5e:68:f9:81:06:26:20:a1:6f:f8:
d3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3F:22:56:D2:B2:87:93:76:9A:5C:98:6B:44:88:03:48:6B:A9:81
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2T8iVtKyh5N2mlyYa0SIA0hrqYE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:27:36:9e:cb:c5:d1:2b:59:14:bf:1c:1f:75:04:02:b3:90:
42:d6:ba:ca:a9:dc:32:e4:e5:aa:af:cf:3d:d7:98:08:d8:12:
7a:c1:fd:3f:0f:31:46:66:00:47:59:05:dd:52:40:71:1a:70:
36:53:b2:8d:50:fb:5a:fc:40:b1:3c:ca:26:76:e5:93:12:87:
bd:f8:63:5d:48:ad:f7:b2:53:22:80:da:c1:44:e7:3b:69:ef:
e4:d3:d1:0c:4c:a2:61:e8:f6:33:a1:5d:e7:91:e0:e1:6d:a9:
d0:f2:d1:08:c1:fd:d7:c0:7f:a5:64:7d:73:f0:13:a2:aa:b5:
ce:af:69:4f:41:cf:63:56:0e:2c:82:09:2a:21:3c:1c:c8:6e:
60:6a:d9:fc:e7:e5:f6:b5:f4:6e:f8:ed:cb:7b:64:df:25:33:
3a:4e:c1:4d:b8:0f:64:7b:26:44:c7:e3:da:13:ff:16:c6:1b:
2a:be:a6:21:6c:b5:49:34:71:64:91:3a:93:19:38:61:4f:f7:
bd:ae:3e:79:e4:3e:8e:fe:29:d7:6e:0e:a6:5c:2c:35:49:bf:
bc:6a:a5:23:3b:d3:4e:15:cd:85:93:75:8f:bb:73:33:9f:97:
86:49:3e:f1:e1:35:d0:ca:21:69:13:e7:c2:8c:fb:cf:1d:8e:
32:79:70:de
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIzUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMx
MjExNTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ5M0YyMjU2RDJCMjg3
OTM3NjlBNUM5ODZCNDQ4ODAzNDg2QkE5ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmt2glVtTWcFvkCp17c8BAw2iXf1L7uBWOPVGT25XBqszxvMwT
0/di2bPu/VA2SJuaRfbipZ8GUnvE6SyZiWP7elL5HmJE08Lqqs9B9KUJqpvNkBHA
Rgnly5NDTGK/vTj6jTauB2WAzjqksyGvgqZ1M9L/KFrD7NkZQ1chKWFaYaq5LB8f
j7BFVMiVpzAKjj1+yBPuKOdkwyDS7V8DTlyWyfc+c5fbGkgKP9fENzDNZVfcUDXe
4+o1iaD4+malf7SP/AGabV5wnWtwgmWYkFPI8L4tdsvLKov6pbnEBe3f4BhzJBlg
KcsBFFJfBLJkl3X/N4yOXmj5gQYmIKFv+NM3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2T8iVtKyh5N2mlyYa0SIA0hrqYEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yVDhpVnRLeWg1TjJtbHlZ
YTBTSUEwaHJxWUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIYnNp7LxdErWRS/HB91BAKzkELWusqp3DLk
5aqvzz3XmAjYEnrB/T8PMUZmAEdZBd1SQHEacDZTso1Q+1r8QLE8yiZ25ZMSh734
Y11IrfeyUyKA2sFE5ztp7+TT0QxMomHo9jOhXeeR4OFtqdDy0QjB/dfAf6VkfXPw
E6Kqtc6vaU9Bz2NWDiyCCSohPBzIbmBq2fzn5fa19G747ct7ZN8lMzpOwU24D2R7
JkTH49oT/xbGGyq+piFstUk0cWSROpMZOGFP972uPnnkPo7+KdduDqZcLDVJv7xq
pSM7004VzYWTdY+7czOfl4ZJPvHhNdDKIWkT58KM+88djjJ5cN4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:20:30 2025 by rpki-client