Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/84pcInhcVrSv4HHN-gtIdWYTVRo.roa
File: 84pcInhcVrSv4HHN-gtIdWYTVRo.roa (raw, json)
Hash identifier: h3sdo/C3Yh53WdH/QqJVk+dkOmguCVgt9Y/IQb09XC0=
Subject key identifier: F3:8A:5C:22:78:5C:56:B4:AF:E0:71:CD:FA:0B:48:75:66:13:55:1A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2285
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/84pcInhcVrSv4HHN-gtIdWYTVRo.roa
Signing time: Sun 22 Jun 2025 14:11:48 +0000
ROA not before: Sun 22 Jun 2025 14:11:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8837 (0x2285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 14:11:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F38A5C22785C56B4AFE071CDFA0B48756613551A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d4:fb:fb:06:fb:67:4f:01:82:07:09:20:e4:
73:82:cd:c5:ca:70:f2:b3:2a:91:9f:09:4c:f0:4e:
d9:db:1d:24:a3:56:bb:c1:0b:a8:e2:f3:a3:7e:5e:
e3:5b:e7:17:12:a3:ea:52:aa:9d:0e:91:7c:0b:e6:
0e:b8:7d:2e:96:bf:ba:51:4a:33:ab:9e:ac:17:e4:
c9:50:81:99:73:f5:6a:be:93:33:97:f1:9f:12:f6:
04:d6:bf:48:27:4f:c7:89:af:a0:c3:e7:df:e8:b9:
0a:8f:59:96:ae:3f:61:d6:37:9d:f0:0d:54:c4:9c:
ea:9f:03:03:dd:ae:8a:8a:1f:e8:e4:d2:64:9d:7b:
fc:0b:a3:50:f8:69:29:24:7a:3f:63:c0:a4:43:a4:
ee:61:7c:c7:c5:42:25:68:c4:ac:5a:40:8b:15:4c:
f3:a6:27:0e:da:29:46:e3:e5:6c:32:b0:21:48:91:
3a:56:50:c7:16:ac:d5:80:00:ef:ac:36:6b:6a:6e:
88:0d:27:85:54:73:4b:3a:7e:66:a1:8b:dd:57:a6:
50:e1:e8:49:62:e5:11:e4:90:d9:90:14:0e:04:66:
38:d0:10:00:d1:5a:12:64:e6:2b:90:90:15:2b:56:
76:e2:7b:72:b1:de:b6:45:c8:a7:2f:c5:84:bc:70:
62:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:8A:5C:22:78:5C:56:B4:AF:E0:71:CD:FA:0B:48:75:66:13:55:1A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/84pcInhcVrSv4HHN-gtIdWYTVRo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:3e:10:c7:f6:70:2d:82:07:b8:7e:aa:bd:7e:8d:77:98:70:
76:10:87:3a:47:fc:82:8d:6b:d8:79:a9:cc:1c:72:67:d1:98:
d6:c3:ec:7a:77:0b:ea:ba:bc:cf:4b:cd:5f:c5:3a:b4:b1:3e:
3f:34:09:1a:00:3a:4d:7a:3c:bd:b6:b4:0e:2c:86:23:49:bb:
c2:e4:17:a9:67:3f:01:f3:ee:64:d4:7d:cd:d1:1d:11:c3:0b:
a3:40:31:4f:df:8f:c2:ab:32:1f:bd:f1:6d:f2:8c:48:24:05:
02:fc:31:64:73:49:91:0f:89:71:16:1c:c3:3b:6f:8f:84:d8:
25:be:3d:db:95:3d:bb:bd:9e:23:96:0e:ed:d8:a8:31:da:f8:
9f:1a:2f:18:b5:ae:e4:1f:f7:8e:aa:a6:61:6e:c7:69:b4:53:
35:98:eb:97:8b:df:cf:e1:99:f9:38:dc:16:15:45:7c:59:3c:
28:3d:40:64:e7:95:21:58:5f:1a:6c:44:7b:c1:38:19:78:81:
97:25:ea:e7:b9:d0:02:11:f1:b5:d3:a5:50:f6:5b:7f:b9:c9:
a2:e2:81:cf:68:a6:4c:f8:28:5e:9c:74:99:74:89:7e:f8:bc:
3a:e4:4d:17:1e:96:98:5a:2f:54:3e:97:34:3a:57:f6:3d:1a:
ba:46:01:04
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
NDExNDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYzOEE1QzIyNzg1QzU2
QjRBRkUwNzFDREZBMEI0ODc1NjYxMzU1MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY1Pv7BvtnTwGCBwkg5HOCzcXKcPKzKpGfCUzwTtnbHSSjVrvB
C6ji86N+XuNb5xcSo+pSqp0OkXwL5g64fS6Wv7pRSjOrnqwX5MlQgZlz9Wq+kzOX
8Z8S9gTWv0gnT8eJr6DD59/ouQqPWZauP2HWN53wDVTEnOqfAwPdroqKH+jk0mSd
e/wLo1D4aSkkej9jwKRDpO5hfMfFQiVoxKxaQIsVTPOmJw7aKUbj5WwysCFIkTpW
UMcWrNWAAO+sNmtqbogNJ4VUc0s6fmahi91XplDh6Eli5RHkkNmQFA4EZjjQEADR
WhJk5iuQkBUrVnbie3Kx3rZFyKcvxYS8cGKpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU84pcInhcVrSv4HHN+gtIdWYTVRowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84NHBjSW5oY1ZyU3Y0SEhO
LWd0SWRXWVRWUm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADE+EMf2cC2CB7h+qr1+jXeYcHYQhzpH/IKN
a9h5qcwccmfRmNbD7Hp3C+q6vM9LzV/FOrSxPj80CRoAOk16PL22tA4shiNJu8Lk
F6lnPwHz7mTUfc3RHRHDC6NAMU/fj8KrMh+98W3yjEgkBQL8MWRzSZEPiXEWHMM7
b4+E2CW+PduVPbu9niOWDu3YqDHa+J8aLxi1ruQf946qpmFux2m0UzWY65eL38/h
mfk43BYVRXxZPCg9QGTnlSFYXxpsRHvBOBl4gZcl6ue50AIR8bXTpVD2W3+5yaLi
gc9opkz4KF6cdJl0iX74vDrkTRcelphaL1Q+lzQ6V/Y9GrpGAQQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:22:33 2025 by rpki-client