Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AAJBJBXpsBSH61MnsTIq_UrRDzw.roa
File: AAJBJBXpsBSH61MnsTIq_UrRDzw.roa (raw, json)
Hash identifier: wplR3N/1g2rqRav+1hkpuISwBdjR1uA9ai0b1mj3/dA=
Subject key identifier: 00:02:41:24:15:E9:B0:14:87:EB:53:27:B1:32:2A:FD:4A:D1:0F:3C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2379
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AAJBJBXpsBSH61MnsTIq_UrRDzw.roa
Signing time: Mon 23 Jun 2025 20:42:01 +0000
ROA not before: Mon 23 Jun 2025 20:42:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9081 (0x2379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 20:42:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0002412415E9B01487EB5327B1322AFD4AD10F3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:b5:3d:ed:da:64:0b:38:37:47:5d:0b:8a:
c4:4c:6b:60:47:fc:bd:6a:fe:f0:9b:cb:63:93:fb:
10:56:92:8d:ba:a6:8b:4c:50:0e:48:42:73:ca:16:
12:89:d5:5b:ab:51:29:be:a0:26:18:2d:ca:d0:d7:
0f:16:c2:2d:89:83:f2:db:32:16:89:8a:53:08:77:
1a:05:a1:b1:b8:5a:5d:79:c6:72:80:68:e1:dc:eb:
70:a3:e4:19:4d:b0:40:5c:38:69:eb:57:26:f0:6e:
e0:eb:1e:a9:40:e1:8f:fb:23:f7:f7:99:0d:d5:27:
48:b7:ed:3a:de:f2:f7:3e:bf:a6:a1:74:52:46:36:
e7:4b:bd:84:5a:42:f9:8d:a3:b8:e3:c4:2a:57:d4:
fd:b4:32:62:18:7b:22:c0:dd:a4:88:24:3b:25:8d:
6c:8e:82:a4:d7:b6:37:7e:b3:15:96:32:7e:61:13:
03:2a:9d:8f:d2:b7:b0:65:2e:e4:f7:0d:26:53:b8:
0c:5c:43:52:8d:78:3d:db:93:75:a1:0c:05:9c:31:
bf:dd:67:9a:6f:39:11:2e:1a:9f:a2:e4:36:84:89:
4a:06:34:d7:c5:0b:7f:44:e3:b8:22:62:45:21:c4:
2d:d2:aa:64:16:28:65:e3:b7:c0:4d:35:d5:3d:a6:
6d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:02:41:24:15:E9:B0:14:87:EB:53:27:B1:32:2A:FD:4A:D1:0F:3C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AAJBJBXpsBSH61MnsTIq_UrRDzw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:d1:73:81:65:06:98:15:64:81:02:2a:39:fc:bc:a5:e9:45:
46:7f:3a:ea:12:8a:cc:9f:5a:39:f5:17:97:0c:6a:14:ff:2c:
30:78:08:77:d7:5a:fd:0c:10:7c:0c:61:53:00:12:2f:ba:de:
bb:05:b4:6e:7a:96:9b:8c:4e:8c:1e:a6:7f:bb:c4:74:c7:77:
ef:3f:8e:e5:2e:82:78:18:8b:8f:39:f7:05:a5:6f:40:d0:8f:
d1:65:c3:d3:d1:24:63:96:93:9a:43:58:68:91:32:04:2d:eb:
78:b1:93:df:f4:c6:00:b5:aa:4d:5c:cb:a9:ae:d0:29:ef:78:
68:8f:3f:dd:68:c0:a5:db:4b:2c:4a:75:61:02:2d:2a:6c:8c:
8a:e0:6c:ea:d2:62:08:da:a1:39:e2:4c:a5:6f:f0:76:c5:0c:
cd:30:3e:02:60:ea:3a:c0:0c:cf:56:c2:98:99:84:14:3e:11:
99:04:b5:da:b0:99:01:07:2c:13:fa:21:74:c8:12:12:43:06:
bd:6a:5f:36:0f:4c:2d:7e:15:13:dc:30:71:ce:72:a2:c8:6b:
b1:69:4d:f4:00:36:38:de:6a:13:6c:a5:13:db:18:2c:bf:d8:
62:b4:db:ad:d5:1c:04:c2:66:08:5f:5c:18:69:bd:9f:19:bb:
14:ab:86:ea
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMy
MDQyMDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAwMDI0MTI0MTVFOUIw
MTQ4N0VCNTMyN0IxMzIyQUZENEFEMTBGM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuUrU97dpkCzg3R10LisRMa2BH/L1q/vCby2OT+xBWko26potM
UA5IQnPKFhKJ1VurUSm+oCYYLcrQ1w8Wwi2Jg/LbMhaJilMIdxoFobG4Wl15xnKA
aOHc63Cj5BlNsEBcOGnrVybwbuDrHqlA4Y/7I/f3mQ3VJ0i37Tre8vc+v6ahdFJG
NudLvYRaQvmNo7jjxCpX1P20MmIYeyLA3aSIJDsljWyOgqTXtjd+sxWWMn5hEwMq
nY/St7BlLuT3DSZTuAxcQ1KNeD3bk3WhDAWcMb/dZ5pvOREuGp+i5DaEiUoGNNfF
C39E47giYkUhxC3SqmQWKGXjt8BNNdU9pm2fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAAJBJBXpsBSH61MnsTIq/UrRDzwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BQUpCSkJYcHNCU0g2MU1u
c1RJcV9VclJEencucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAH7Rc4FlBpgVZIECKjn8vKXpRUZ/OuoSisyf
Wjn1F5cMahT/LDB4CHfXWv0MEHwMYVMAEi+63rsFtG56lpuMTowepn+7xHTHd+8/
juUugngYi4859wWlb0DQj9Flw9PRJGOWk5pDWGiRMgQt63ixk9/0xgC1qk1cy6mu
0CnveGiPP91owKXbSyxKdWECLSpsjIrgbOrSYgjaoTniTKVv8HbFDM0wPgJg6jrA
DM9WwpiZhBQ+EZkEtdqwmQEHLBP6IXTIEhJDBr1qXzYPTC1+FRPcMHHOcqLIa7Fp
TfQANjjeahNspRPbGCy/2GK0263VHATCZghfXBhpvZ8ZuxSrhuo=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:10:06 2025 by rpki-client