Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9mCQ8liecQFb1UILCnEUlRIH350.roa
File: 9mCQ8liecQFb1UILCnEUlRIH350.roa (raw, json)
Hash identifier: d6mag/I9l/CiCHs1iQrJuwgbW0m+iJkn0oIaOmal2Fw=
Subject key identifier: F6:60:90:F2:58:9E:71:01:5B:D5:42:0B:0A:71:14:95:12:07:DF:9D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 23DD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9mCQ8liecQFb1UILCnEUlRIH350.roa
Signing time: Tue 24 Jun 2025 09:11:59 +0000
ROA not before: Tue 24 Jun 2025 09:11:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9181 (0x23dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 09:11:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F66090F2589E71015BD5420B0A7114951207DF9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:83:a4:84:85:16:68:63:90:9c:2c:66:6e:4e:
4d:ca:cc:f5:c1:43:67:25:94:27:d2:8c:85:0b:45:
3e:d6:18:06:99:93:e3:00:d8:51:1b:d8:b9:1b:16:
6d:9c:03:81:64:f9:a5:06:a4:c6:5d:ac:e4:90:f9:
ea:e7:7f:47:fc:97:8b:b1:b0:97:1e:bf:62:84:e7:
20:54:ad:65:4e:8d:c0:b0:85:02:f0:4c:22:af:69:
1a:43:0f:5c:d3:8c:df:a3:73:a5:53:6e:9c:bd:68:
50:fc:51:c1:5e:32:c2:8b:fe:91:07:60:88:25:e1:
e3:b7:bc:35:6c:62:73:04:07:65:3c:eb:b9:0d:fa:
7e:19:99:19:9a:bf:fc:f0:f9:f6:bb:58:64:fd:af:
87:74:5c:a6:55:0f:9b:ee:44:64:e7:2d:12:6a:49:
7d:3a:29:94:28:7b:71:a5:56:3a:fd:e6:b6:75:cb:
de:9a:63:50:ba:b9:f9:93:b3:ff:8b:fc:97:19:16:
6e:4c:d7:c5:b1:23:c5:f5:00:9d:6d:5a:4b:20:68:
09:3e:e4:62:69:ee:58:25:cb:78:e9:d6:8f:8e:b3:
3b:da:e5:3f:95:26:09:83:66:f9:ad:cf:8a:30:0d:
d3:15:9d:62:ce:59:87:25:cd:cd:9a:f0:ab:eb:21:
cb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:60:90:F2:58:9E:71:01:5B:D5:42:0B:0A:71:14:95:12:07:DF:9D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9mCQ8liecQFb1UILCnEUlRIH350.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:66:a5:1f:56:82:40:50:5d:22:13:a1:60:2a:10:76:d7:d2:
09:11:70:25:ab:9a:91:3d:85:17:ec:04:87:71:0d:fe:8e:6a:
f5:aa:fb:63:86:24:65:a7:77:85:f4:10:35:ed:57:e1:ae:fd:
f1:e1:fa:bb:aa:bb:50:54:40:fe:d4:5d:6b:cc:1f:8b:f2:40:
04:7d:ca:3c:55:a1:ff:60:29:a6:79:22:cb:75:22:a5:86:c7:
2d:17:a8:d6:4c:f1:24:3a:d3:3c:96:58:84:ce:90:b2:5c:da:
28:d3:73:65:c8:80:a9:cf:3c:1b:57:88:2b:8d:ca:6e:57:a7:
6f:fe:57:41:eb:b2:68:d5:05:22:2b:3d:2f:7f:a0:30:76:fd:
59:45:d9:b5:81:4d:72:be:7a:be:0c:d5:e2:18:02:de:fb:a8:
97:31:5d:f8:1c:73:81:a3:6f:f9:51:b7:02:68:d0:6d:9b:92:
7d:9d:db:73:6e:88:b1:56:28:82:7a:57:e1:63:4a:83:99:e6:
b0:43:b5:2d:5d:33:e5:b2:51:9e:11:56:a2:2b:33:63:c2:79:
bd:a6:6c:a3:e1:11:de:de:b1:1c:67:74:56:55:07:40:2a:43:
f2:4d:6c:be:6c:d7:82:44:4d:4b:7c:19:76:65:e0:75:a0:bf:
75:82:56:60
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI90wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQw
OTExNTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY2NjA5MEYyNTg5RTcx
MDE1QkQ1NDIwQjBBNzExNDk1MTIwN0RGOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKg6SEhRZoY5CcLGZuTk3KzPXBQ2cllCfSjIULRT7WGAaZk+MA
2FEb2LkbFm2cA4Fk+aUGpMZdrOSQ+ernf0f8l4uxsJcev2KE5yBUrWVOjcCwhQLw
TCKvaRpDD1zTjN+jc6VTbpy9aFD8UcFeMsKL/pEHYIgl4eO3vDVsYnMEB2U867kN
+n4ZmRmav/zw+fa7WGT9r4d0XKZVD5vuRGTnLRJqSX06KZQoe3GlVjr95rZ1y96a
Y1C6ufmTs/+L/JcZFm5M18WxI8X1AJ1tWksgaAk+5GJp7lgly3jp1o+Oszva5T+V
JgmDZvmtz4owDdMVnWLOWYclzc2a8KvrIct9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9mCQ8liecQFb1UILCnEUlRIH350wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85bUNROGxpZWNRRmIxVUlM
Q25FVWxSSUgzNTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABFmpR9WgkBQXSIToWAqEHbX0gkRcCWrmpE9
hRfsBIdxDf6OavWq+2OGJGWnd4X0EDXtV+Gu/fHh+ruqu1BUQP7UXWvMH4vyQAR9
yjxVof9gKaZ5Ist1IqWGxy0XqNZM8SQ60zyWWITOkLJc2ijTc2XIgKnPPBtXiCuN
ym5Xp2/+V0HrsmjVBSIrPS9/oDB2/VlF2bWBTXK+er4M1eIYAt77qJcxXfgcc4Gj
b/lRtwJo0G2bkn2d23NuiLFWKIJ6V+FjSoOZ5rBDtS1dM+WyUZ4RVqIrM2PCeb2m
bKPhEd7esRxndFZVB0AqQ/JNbL5s14JETUt8GXZl4HWgv3WCVmA=
-----END CERTIFICATE-----
Generated at Mon Jul 21 13:38:07 2025 by rpki-client