Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5ZZ7tDQumkrAwlUFT1RLXFJ4ADI.roa
File: 5ZZ7tDQumkrAwlUFT1RLXFJ4ADI.roa (raw, json)
Hash identifier: D4NkOAuHZeKbUIQlYttObQpU2Pv/IoUx2Q+7OTNUqpQ=
Subject key identifier: E5:96:7B:B4:34:2E:9A:4A:C0:C2:55:05:4F:54:4B:5C:52:78:00:32
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 221D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5ZZ7tDQumkrAwlUFT1RLXFJ4ADI.roa
Signing time: Sun 22 Jun 2025 01:12:41 +0000
ROA not before: Sun 22 Jun 2025 01:12:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8733 (0x221d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 01:12:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E5967BB4342E9A4AC0C255054F544B5C52780032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:46:0b:11:9a:b1:c9:7c:6b:bf:13:65:ee:16:
29:7e:84:73:82:6e:3a:d6:eb:4b:d2:b3:14:5b:6d:
2c:3e:8d:72:53:06:03:47:99:99:8d:03:b0:89:99:
0a:d5:84:6a:11:b8:6e:d3:fd:a4:47:d8:d1:ab:96:
29:78:71:d3:a4:bb:cd:c4:36:1f:6d:d3:52:4a:72:
f2:73:82:a9:c5:19:ca:c2:76:46:05:43:79:75:1e:
04:e6:75:34:42:0c:2d:aa:07:d9:12:79:8c:80:03:
27:c4:31:fe:a0:cd:ed:ba:fe:0c:c6:47:04:24:4b:
39:8a:cf:33:bf:23:09:07:18:18:1d:16:f5:32:e4:
29:44:7c:b7:0d:f5:3b:8c:d7:07:30:d3:d5:a2:50:
51:a6:f0:ca:a5:91:a1:c3:df:b0:73:86:31:ba:b8:
76:51:0f:9e:14:54:69:f4:79:a8:22:2c:84:6e:5f:
a3:8d:cd:f9:b2:42:1f:41:57:d8:aa:8e:2b:04:1f:
52:cf:50:05:b6:ca:be:73:28:b4:d7:02:dc:f1:e4:
d1:1b:69:a4:13:af:7c:4c:e2:9e:d8:df:39:3a:31:
73:7e:e1:99:00:7e:ac:6c:a9:81:ff:b8:cc:42:5f:
4a:ae:c3:82:c9:5c:d1:82:60:2a:8a:a0:7c:d6:64:
75:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:96:7B:B4:34:2E:9A:4A:C0:C2:55:05:4F:54:4B:5C:52:78:00:32
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5ZZ7tDQumkrAwlUFT1RLXFJ4ADI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:43:77:c8:bd:f1:bd:3e:fd:7f:ba:cd:a1:c8:d0:24:b1:bf:
7d:e3:9a:75:16:fe:0e:49:30:23:f9:c2:69:e0:1e:78:ea:e7:
13:0d:96:4e:74:39:98:1d:ce:36:de:1d:1c:d4:41:36:de:60:
9a:05:01:d6:29:8a:58:f7:e9:60:99:11:3a:83:bd:80:32:08:
f9:d3:44:a8:70:e1:5b:9f:da:5f:7f:d2:d4:71:44:a3:67:30:
91:47:95:d5:99:c2:10:f6:08:54:00:ca:6a:14:ca:e9:86:e2:
54:3c:b7:f7:8b:8d:85:13:90:4f:85:36:fb:2b:b9:8e:d6:20:
0c:0e:f4:1e:78:7e:08:a5:f1:a2:37:e5:e1:6b:b1:aa:48:34:
af:f6:31:b1:af:3e:c6:45:93:7f:85:2d:60:d6:39:a8:5e:5e:
c5:dc:ce:97:01:63:2b:af:be:b8:e1:d5:fd:17:e9:52:ae:51:
ee:52:1f:7e:cc:29:0e:4b:53:83:6c:8d:cf:71:4b:11:80:1c:
d8:78:a6:1c:5f:c1:54:89:61:7e:92:ba:60:8d:76:29:d6:b1:
a6:2f:17:e1:05:19:94:a8:8a:49:b6:bf:f4:e4:2d:84:2f:33:
44:cc:bb:93:d4:d7:aa:9e:a0:fb:5b:38:e2:6b:37:d2:e1:bc:
a5:4a:d6:5f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIw
MTEyNDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU1OTY3QkI0MzQyRTlB
NEFDMEMyNTUwNTRGNTQ0QjVDNTI3ODAwMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClRgsRmrHJfGu/E2XuFil+hHOCbjrW60vSsxRbbSw+jXJTBgNH
mZmNA7CJmQrVhGoRuG7T/aRH2NGrlil4cdOku83ENh9t01JKcvJzgqnFGcrCdkYF
Q3l1HgTmdTRCDC2qB9kSeYyAAyfEMf6gze26/gzGRwQkSzmKzzO/IwkHGBgdFvUy
5ClEfLcN9TuM1wcw09WiUFGm8MqlkaHD37BzhjG6uHZRD54UVGn0eagiLIRuX6ON
zfmyQh9BV9iqjisEH1LPUAW2yr5zKLTXAtzx5NEbaaQTr3xM4p7Y3zk6MXN+4ZkA
fqxsqYH/uMxCX0quw4LJXNGCYCqKoHzWZHXFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5ZZ7tDQumkrAwlUFT1RLXFJ4ADIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81Wlo3dERRdW1rckF3bFVG
VDFSTFhGSjRBREkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAF9Dd8i98b0+/X+6zaHI0CSxv33jmnUW/g5J
MCP5wmngHnjq5xMNlk50OZgdzjbeHRzUQTbeYJoFAdYpilj36WCZETqDvYAyCPnT
RKhw4Vuf2l9/0tRxRKNnMJFHldWZwhD2CFQAymoUyumG4lQ8t/eLjYUTkE+FNvsr
uY7WIAwO9B54fgil8aI35eFrsapINK/2MbGvPsZFk3+FLWDWOaheXsXczpcBYyuv
vrjh1f0X6VKuUe5SH37MKQ5LU4Nsjc9xSxGAHNh4phxfwVSJYX6SumCNdinWsaYv
F+EFGZSoikm2v/TkLYQvM0TMu5PU16qeoPtbOOJrN9LhvKVK1l8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:05:31 2025 by rpki-client