Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/A9bwWqJilKfzu6PpFG9HtQqGXi0.roa
File: A9bwWqJilKfzu6PpFG9HtQqGXi0.roa (raw, json)
Hash identifier: 3siXG9Kq+8bctyXmw55BShDqenXP5HjNNcGIBsG1wY0=
Subject key identifier: 03:D6:F0:5A:A2:62:94:A7:F3:BB:A3:E9:14:6F:47:B5:0A:86:5E:2D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1245
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A9bwWqJilKfzu6PpFG9HtQqGXi0.roa
Signing time: Sat 31 May 2025 10:39:06 +0000
ROA not before: Sat 31 May 2025 10:39:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4677 (0x1245)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 10:39:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=03D6F05AA26294A7F3BBA3E9146F47B50A865E2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b3:78:a2:d3:1f:19:7a:16:d2:10:3b:b5:df:
12:b0:ee:f6:48:f4:7e:70:38:78:c4:e7:e0:b8:2a:
87:90:b4:f7:77:4b:f2:ef:11:e7:57:35:29:00:14:
17:fc:ce:48:50:cb:1d:7a:0f:0c:54:8a:44:5a:bc:
72:43:c0:57:c3:4e:76:4d:91:e4:43:36:73:24:61:
15:5e:c3:12:96:8e:a0:6d:9f:57:ff:f0:73:c1:6d:
7d:b9:09:0b:3a:a4:f0:ae:3c:d3:89:e3:c3:25:64:
f0:d8:2e:87:b9:f8:89:31:7f:0c:63:88:63:35:10:
bd:ea:d2:77:c3:34:6c:70:24:68:df:55:6b:ea:05:
82:c5:16:60:da:9c:b8:45:22:a9:01:9e:08:7f:43:
94:c7:56:1e:c3:a6:81:a5:7c:ef:34:1d:2f:58:64:
7f:99:9d:9d:9f:35:29:70:4a:f5:fc:f7:06:4b:1b:
90:a5:d2:d4:ae:43:51:0c:14:aa:d3:c7:a3:90:d9:
21:d3:20:06:23:ab:40:ba:10:ad:0d:65:b9:55:27:
3f:89:b4:1c:79:8b:2c:e4:37:ae:8b:d7:f5:0f:4c:
47:2f:ef:e7:c0:c0:2f:6c:5c:0d:7c:e3:ff:7a:69:
32:5c:49:55:98:16:ba:e5:75:e8:1a:54:f7:61:10:
e2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D6:F0:5A:A2:62:94:A7:F3:BB:A3:E9:14:6F:47:B5:0A:86:5E:2D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A9bwWqJilKfzu6PpFG9HtQqGXi0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:d7:50:74:f5:64:72:96:0f:ff:e0:57:61:cf:86:ff:f3:d9:
75:0e:bf:71:d5:36:f9:47:d6:dd:08:2e:b5:d7:7c:91:10:4c:
76:89:20:4e:45:d3:54:0e:69:33:fa:2f:c0:12:b2:20:f3:bd:
02:5b:cd:d8:88:70:47:e9:b2:70:d4:4e:b0:11:b2:48:fb:a3:
90:5f:41:fd:2e:3b:a7:14:40:05:c1:3c:e4:5e:1a:3d:c4:36:
13:d5:99:c4:07:a1:dc:5b:b2:c0:f5:d2:a6:d1:a8:c2:6e:f7:
08:64:b9:ed:27:61:6b:6f:40:98:2d:84:98:cc:ce:49:99:8f:
55:5a:5e:09:8d:37:04:59:12:f6:13:4c:02:e6:71:ca:ab:c3:
79:30:fc:37:6f:38:37:3a:26:c7:42:df:ae:e5:8b:1e:d4:0b:
0a:08:41:58:f3:31:65:10:ea:6d:75:66:97:67:4d:91:68:65:
9f:81:ba:ce:12:1d:fd:20:31:f5:f2:d2:58:fb:f4:3a:fd:05:
ab:48:b2:f0:bc:a4:86:79:2e:3a:11:bb:1c:a3:33:d8:74:91:
a1:a6:a6:8a:08:ae:e3:7d:6d:b3:2e:66:59:ac:3f:4c:90:bd:
d0:80:81:af:bd:cb:f8:e3:a9:64:34:0f:43:ad:fd:50:34:84:
9f:c5:73:31
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEx
MDM5MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAzRDZGMDVBQTI2Mjk0
QTdGM0JCQTNFOTE0NkY0N0I1MEE4NjVFMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTs3ii0x8ZehbSEDu13xKw7vZI9H5wOHjE5+C4KoeQtPd3S/Lv
EedXNSkAFBf8zkhQyx16DwxUikRavHJDwFfDTnZNkeRDNnMkYRVewxKWjqBtn1f/
8HPBbX25CQs6pPCuPNOJ48MlZPDYLoe5+IkxfwxjiGM1EL3q0nfDNGxwJGjfVWvq
BYLFFmDanLhFIqkBngh/Q5THVh7DpoGlfO80HS9YZH+ZnZ2fNSlwSvX89wZLG5Cl
0tSuQ1EMFKrTx6OQ2SHTIAYjq0C6EK0NZblVJz+JtBx5iyzkN66L1/UPTEcv7+fA
wC9sXA184/96aTJcSVWYFrrldegaVPdhEOLnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUA9bwWqJilKfzu6PpFG9HtQqGXi0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BOWJ3V3FKaWxLZnp1NlBw
Rkc5SHRRcUdYaTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKfXUHT1ZHKWD//gV2HPhv/z2XUOv3HVNvlH
1t0ILrXXfJEQTHaJIE5F01QOaTP6L8ASsiDzvQJbzdiIcEfpsnDUTrARskj7o5Bf
Qf0uO6cUQAXBPOReGj3ENhPVmcQHodxbssD10qbRqMJu9whkue0nYWtvQJgthJjM
zkmZj1VaXgmNNwRZEvYTTALmccqrw3kw/DdvODc6JsdC367lix7UCwoIQVjzMWUQ
6m11ZpdnTZFoZZ+Bus4SHf0gMfXy0lj79Dr9BatIsvC8pIZ5LjoRuxyjM9h0kaGm
pooIruN9bbMuZlmsP0yQvdCAga+9y/jjqWQ0D0Ot/VA0hJ/FczE=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:09:33 2025 by rpki-client