Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9QwA7MiDDjJpJ7TZQ_B7JSZ_6JA.roa
File: 9QwA7MiDDjJpJ7TZQ_B7JSZ_6JA.roa (raw, json)
Hash identifier: O/xQCV20cujc+rW7gvpzjcP8U6l6Og7X5T9lGUaXNug=
Subject key identifier: F5:0C:00:EC:C8:83:0E:32:69:27:B4:D9:43:F0:7B:25:26:7F:E8:90
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 203D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9QwA7MiDDjJpJ7TZQ_B7JSZ_6JA.roa
Signing time: Thu 19 Jun 2025 06:32:45 +0000
ROA not before: Thu 19 Jun 2025 06:32:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8253 (0x203d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 06:32:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F50C00ECC8830E326927B4D943F07B25267FE890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ac:e7:01:35:71:a1:70:73:b5:f4:f2:c4:7c:
ef:36:7b:7c:b9:b6:c7:ae:4f:0f:97:9a:f9:a4:30:
75:ba:c7:8e:16:25:a8:56:a4:88:c9:4c:94:51:a6:
86:5a:3c:9a:66:15:67:07:76:b6:b1:2e:6c:e9:83:
a2:eb:0b:c7:0f:0e:b9:a7:80:54:f6:ab:8b:49:c3:
5c:da:a9:10:ed:86:46:4c:2f:3b:2d:da:8d:74:6b:
7f:8b:08:6d:b5:c7:20:37:7b:07:f2:3b:dc:4d:a1:
9b:4d:07:fc:0d:36:0f:2a:1d:86:a9:2d:57:68:9f:
b6:b8:31:e6:76:24:2d:64:35:88:fa:77:1a:f1:90:
5c:6d:56:e5:3d:e2:9e:7b:34:b0:82:0b:7e:6d:e4:
21:b9:80:67:a8:16:1e:48:19:ba:5a:9f:24:0f:82:
7b:3d:0d:ce:ec:0c:72:60:a3:a7:ee:ab:c2:8c:f6:
20:90:e2:cb:47:4e:db:d1:04:e6:35:e0:b2:de:33:
34:35:f8:74:d3:dc:6f:f0:76:56:81:d7:ef:22:17:
54:bf:50:42:63:dd:5c:01:9b:49:82:7f:79:3f:ef:
7d:81:f5:bb:20:ca:19:1a:65:ed:0e:d4:c4:18:44:
10:09:0d:b0:de:ef:20:88:16:ec:7a:8c:15:c6:8b:
25:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0C:00:EC:C8:83:0E:32:69:27:B4:D9:43:F0:7B:25:26:7F:E8:90
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9QwA7MiDDjJpJ7TZQ_B7JSZ_6JA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:dd:d0:82:c5:91:a8:db:95:f3:6a:37:24:5a:a3:84:f6:59:
1d:ac:4e:2e:11:02:6c:5c:d0:ea:92:38:fa:f3:70:0e:ff:14:
c4:2e:b9:f4:59:e5:d8:e8:b1:76:d1:1d:3c:22:50:8f:48:62:
e3:2b:9f:08:3f:a5:dd:0b:47:20:a4:4c:9a:cc:bb:5c:08:86:
d1:fb:52:76:23:a9:7a:b5:53:b8:f1:6f:73:05:cf:a1:ba:7c:
b2:fe:4e:2f:50:1c:09:93:c3:bb:45:0e:93:24:2b:60:b5:6a:
75:7e:14:a7:58:f5:82:77:d9:2f:21:78:00:27:53:dd:e7:e3:
f5:e3:44:39:69:24:ff:aa:28:72:d4:26:e4:0b:07:d4:15:c8:
9e:55:5c:76:30:94:01:2c:2b:61:5f:e6:8c:d1:2a:64:b0:d7:
bb:99:7b:b6:46:bf:d9:4f:d7:7a:bb:dc:15:57:c8:7f:2b:46:
b7:b9:9f:de:4d:3d:9e:ec:bc:05:28:32:4c:20:4e:08:9b:03:
0d:11:ca:0b:12:72:48:8e:b3:56:ab:48:ed:15:d3:ea:7f:ce:
45:4f:cc:60:b2:8b:f3:b0:50:72:1e:03:13:cd:14:eb:55:ff:
d8:d2:d9:4c:7c:29:6d:4d:6c:02:60:94:d1:9c:98:64:a2:34:
64:b4:b1:a2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICID0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkw
NjMyNDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY1MEMwMEVDQzg4MzBF
MzI2OTI3QjREOTQzRjA3QjI1MjY3RkU4OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTrOcBNXGhcHO19PLEfO82e3y5tseuTw+XmvmkMHW6x44WJahW
pIjJTJRRpoZaPJpmFWcHdraxLmzpg6LrC8cPDrmngFT2q4tJw1zaqRDthkZMLzst
2o10a3+LCG21xyA3ewfyO9xNoZtNB/wNNg8qHYapLVdon7a4MeZ2JC1kNYj6dxrx
kFxtVuU94p57NLCCC35t5CG5gGeoFh5IGbpanyQPgns9Dc7sDHJgo6fuq8KM9iCQ
4stHTtvRBOY14LLeMzQ1+HTT3G/wdlaB1+8iF1S/UEJj3VwBm0mCf3k/732B9bsg
yhkaZe0O1MQYRBAJDbDe7yCIFux6jBXGiyVrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9QwA7MiDDjJpJ7TZQ/B7JSZ/6JAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85UXdBN01pRERqSnBKN1Ra
UV9CN0pTWl82SkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJLd0ILFkajblfNqNyRao4T2WR2sTi4RAmxc
0OqSOPrzcA7/FMQuufRZ5djosXbRHTwiUI9IYuMrnwg/pd0LRyCkTJrMu1wIhtH7
UnYjqXq1U7jxb3MFz6G6fLL+Ti9QHAmTw7tFDpMkK2C1anV+FKdY9YJ32S8heAAn
U93n4/XjRDlpJP+qKHLUJuQLB9QVyJ5VXHYwlAEsK2Ff5ozRKmSw17uZe7ZGv9lP
13q73BVXyH8rRre5n95NPZ7svAUoMkwgTgibAw0RygsSckiOs1arSO0V0+p/zkVP
zGCyi/OwUHIeAxPNFOtV/9jS2Ux8KW1NbAJglNGcmGSiNGS0saI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:02 2025 by rpki-client