Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4fVYDgEdEaxX_QSiZeREV5tODf8.roa
File: 4fVYDgEdEaxX_QSiZeREV5tODf8.roa (raw, json)
Hash identifier: +PurJAHjITsv8eAGma2NDGPZXFIeOCpl/A9ouPmHrMw=
Subject key identifier: E1:F5:58:0E:01:1D:11:AC:57:FD:04:A2:65:E4:44:57:9B:4E:0D:FF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F51
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4fVYDgEdEaxX_QSiZeREV5tODf8.roa
Signing time: Tue 17 Jun 2025 20:18:51 +0000
ROA not before: Tue 17 Jun 2025 20:18:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8017 (0x1f51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 20:18:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E1F5580E011D11AC57FD04A265E444579B4E0DFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8e:11:6f:ca:99:ee:ea:4c:f8:f3:1d:4b:9a:
e7:90:a1:b3:e4:83:2c:95:b8:f3:ef:c1:97:05:e6:
c9:c5:96:1b:da:53:2d:dd:a6:b3:a6:16:ca:f7:ed:
07:ae:bc:dc:5d:b2:9d:5d:4b:ea:2f:2a:3b:9e:f3:
bf:25:20:9b:6d:37:aa:6a:55:20:fb:6f:59:80:5d:
ba:7f:5a:56:c5:76:3b:1a:f9:24:83:6c:80:0f:0f:
6f:d1:40:68:8b:3a:fd:d0:3e:d0:fd:f9:63:52:5b:
60:af:3e:a4:52:23:e3:70:0c:9e:ad:f1:e8:57:67:
1b:61:0f:3f:33:8a:92:d5:c1:57:49:b5:a6:20:9f:
f7:fc:9f:af:e9:d2:fc:c6:f3:77:8b:27:18:44:a5:
13:80:e6:a4:63:53:f6:5b:86:52:a7:10:9a:2b:77:
ba:0c:9a:c4:bf:49:89:55:c7:81:6d:1d:e0:6c:c9:
45:7e:d9:ce:f3:ec:78:47:d2:bb:ac:e5:24:8f:54:
d9:4b:60:56:8e:a7:18:f1:ae:54:3c:3d:97:e8:af:
64:7c:08:aa:5f:8b:b0:53:fd:5a:e7:3a:b1:c0:c7:
98:c2:0f:d7:b7:35:ea:59:a4:93:ec:07:8d:e4:71:
32:f4:ac:51:f7:52:25:1f:32:5e:70:c1:f6:71:eb:
bb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F5:58:0E:01:1D:11:AC:57:FD:04:A2:65:E4:44:57:9B:4E:0D:FF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4fVYDgEdEaxX_QSiZeREV5tODf8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:6e:57:27:12:1c:18:76:db:5f:b1:55:54:07:74:e6:2c:05:
4f:9d:77:44:ec:97:1c:70:d3:00:a8:f8:23:3a:1c:16:63:36:
c8:78:2d:06:96:e5:c5:cd:e7:a6:72:44:a3:60:ee:58:6e:e6:
30:5d:17:02:1b:ff:ab:d3:11:52:50:6e:4e:63:a8:6b:fe:94:
68:d7:ce:55:ae:66:b0:a8:63:da:c9:02:55:53:4b:34:5b:b7:
c6:44:ee:3a:cc:f4:e1:ea:c3:a9:85:88:f3:3f:6d:92:37:41:
14:8d:1f:5b:72:3a:65:f9:60:92:f4:3c:3b:6e:4b:cb:96:e1:
83:9a:bf:96:b6:04:e4:2e:09:ed:91:a2:9a:8b:4b:ab:98:e1:
53:3c:cc:ca:25:b5:81:b5:c8:71:ee:ed:51:65:43:07:6a:e5:
6c:7d:46:a2:eb:f0:58:03:c5:f3:3f:55:de:3a:e7:00:e6:9e:
0d:2a:5c:b2:21:25:a0:f6:43:5c:7f:e9:45:20:90:45:dc:91:
09:bd:2d:da:39:1e:c1:c8:0f:56:cd:a1:0a:9f:68:f7:65:1a:
9c:11:38:6d:32:ff:05:33:d2:f9:f5:23:38:4f:6c:b3:9f:63:
fe:43:5d:69:bc:01:17:5d:9c:a6:e4:2b:12:62:4e:16:a8:9c:
3f:01:d3:12
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH1EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcy
MDE4NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUxRjU1ODBFMDExRDEx
QUM1N0ZEMDRBMjY1RTQ0NDU3OUI0RTBERkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTjhFvypnu6kz48x1LmueQobPkgyyVuPPvwZcF5snFlhvaUy3d
prOmFsr37QeuvNxdsp1dS+ovKjue878lIJttN6pqVSD7b1mAXbp/WlbFdjsa+SSD
bIAPD2/RQGiLOv3QPtD9+WNSW2CvPqRSI+NwDJ6t8ehXZxthDz8zipLVwVdJtaYg
n/f8n6/p0vzG83eLJxhEpROA5qRjU/ZbhlKnEJord7oMmsS/SYlVx4FtHeBsyUV+
2c7z7HhH0rus5SSPVNlLYFaOpxjxrlQ8PZfor2R8CKpfi7BT/VrnOrHAx5jCD9e3
NepZpJPsB43kcTL0rFH3UiUfMl5wwfZx67u5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4fVYDgEdEaxX/QSiZeREV5tODf8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80ZlZZRGdFZEVheFhfUVNp
WmVSRVY1dE9EZjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEJuVycSHBh221+xVVQHdOYsBU+dd0Tslxxw
0wCo+CM6HBZjNsh4LQaW5cXN56ZyRKNg7lhu5jBdFwIb/6vTEVJQbk5jqGv+lGjX
zlWuZrCoY9rJAlVTSzRbt8ZE7jrM9OHqw6mFiPM/bZI3QRSNH1tyOmX5YJL0PDtu
S8uW4YOav5a2BOQuCe2RopqLS6uY4VM8zMoltYG1yHHu7VFlQwdq5Wx9RqLr8FgD
xfM/Vd465wDmng0qXLIhJaD2Q1x/6UUgkEXckQm9Ldo5HsHID1bNoQqfaPdlGpwR
OG0y/wUz0vn1IzhPbLOfY/5DXWm8ARddnKbkKxJiThaonD8B0xI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:15:45 2025 by rpki-client