Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CpWEb7Q__hiI-ZS1xeLbDQ0nCAQ.roa
File: CpWEb7Q__hiI-ZS1xeLbDQ0nCAQ.roa (raw, json)
Hash identifier: 4c0QkoA3Z1ZPu74bU+H7hpiZY8i6xzzodBn6kswxcKQ=
Subject key identifier: 0A:95:84:6F:B4:3F:FE:18:88:F9:94:B5:C5:E2:DB:0D:0D:27:08:04
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2059
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CpWEb7Q__hiI-ZS1xeLbDQ0nCAQ.roa
Signing time: Thu 19 Jun 2025 10:19:55 +0000
ROA not before: Thu 19 Jun 2025 10:19:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8281 (0x2059)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 10:19:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0A95846FB43FFE1888F994B5C5E2DB0D0D270804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e8:71:23:a7:08:77:4c:ce:b4:a9:b6:51:38:
6b:70:d9:f1:b6:38:ca:cc:34:24:c8:b7:01:70:92:
b0:1c:4a:cb:8d:4b:6d:c0:d6:cb:e5:cb:50:14:ae:
a1:51:de:52:e1:e4:b2:ea:3d:a8:16:7b:0b:68:ef:
57:d5:93:61:11:b8:04:94:7e:f8:3b:0e:75:da:18:
e6:bd:74:2d:91:61:68:00:59:6f:83:1f:06:00:a3:
87:dc:78:f0:d2:ca:84:33:53:57:7c:51:86:71:6a:
05:d8:d1:47:70:ca:3c:59:bd:1a:bf:eb:d3:5d:9d:
8e:76:61:b9:30:d0:d1:7d:93:97:73:10:43:79:3e:
e3:cf:c2:45:c7:53:51:cc:2f:52:ea:ba:df:a9:dd:
ca:fb:47:d2:24:07:40:62:b5:71:a4:e4:ee:09:8c:
09:16:79:61:5b:0c:0f:be:5e:00:74:30:01:20:b8:
e5:ca:e1:32:b5:33:e2:9d:84:b5:b2:82:01:28:61:
1e:08:4e:13:95:53:a9:2c:28:c9:da:21:03:5e:52:
6c:0e:ee:81:40:7c:c5:13:e9:45:5e:c7:df:31:41:
35:fc:bb:a9:b1:bf:e6:4e:9a:07:50:a8:e5:26:43:
90:a1:d8:68:7c:11:26:94:8d:7d:a5:b1:27:0d:2c:
16:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:95:84:6F:B4:3F:FE:18:88:F9:94:B5:C5:E2:DB:0D:0D:27:08:04
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CpWEb7Q__hiI-ZS1xeLbDQ0nCAQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:b5:bd:c7:e8:08:11:c1:73:56:cc:44:f8:ff:05:c1:9c:2b:
b1:d7:a5:09:7d:c3:a2:c9:c6:b7:e6:61:f4:5b:86:92:db:e7:
93:c6:52:c7:81:73:81:42:e2:9c:87:30:2f:6b:dc:59:17:eb:
08:09:41:ed:e6:00:25:89:4f:0f:11:8c:ba:89:58:ff:8f:a7:
62:b2:21:74:74:f6:f2:b4:d4:dd:f1:2f:f4:c4:ab:a6:16:6e:
3d:06:b9:9b:0a:6a:27:63:a7:08:ee:69:5e:52:74:3d:67:a0:
31:db:d8:1c:78:bd:c3:fc:4f:25:94:29:2b:16:f9:79:c9:cb:
df:2b:a4:50:2f:bd:54:13:bf:8b:18:59:bd:38:1c:3b:a2:f4:
12:9b:d9:9c:e3:2b:20:77:49:58:66:1b:9f:90:24:8f:d9:a6:
5f:45:da:7a:f6:e2:51:07:c1:3e:88:ad:21:b8:67:73:3e:65:
17:66:ae:80:c3:78:3f:bd:6d:9b:3a:7c:dd:01:98:76:d0:8d:
6e:db:31:28:33:ce:8f:2e:10:dc:0b:69:9a:f2:c0:17:0d:d3:
5b:5d:4d:2e:38:19:9f:c0:d5:88:9d:34:70:9d:20:45:a9:b7:
2c:9b:71:fd:3e:91:e4:07:f7:24:fc:42:4e:a3:31:17:d0:5e:
85:f9:e7:34
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
MDE5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBBOTU4NDZGQjQzRkZF
MTg4OEY5OTRCNUM1RTJEQjBEMEQyNzA4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj6HEjpwh3TM60qbZROGtw2fG2OMrMNCTItwFwkrAcSsuNS23A
1svly1AUrqFR3lLh5LLqPagWewto71fVk2ERuASUfvg7DnXaGOa9dC2RYWgAWW+D
HwYAo4fcePDSyoQzU1d8UYZxagXY0UdwyjxZvRq/69NdnY52Ybkw0NF9k5dzEEN5
PuPPwkXHU1HML1Lqut+p3cr7R9IkB0BitXGk5O4JjAkWeWFbDA++XgB0MAEguOXK
4TK1M+KdhLWyggEoYR4IThOVU6ksKMnaIQNeUmwO7oFAfMUT6UVex98xQTX8u6mx
v+ZOmgdQqOUmQ5Ch2Gh8ESaUjX2lsScNLBZbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCpWEb7Q//hiI+ZS1xeLbDQ0nCAQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DcFdFYjdRX19oaUktWlMx
eGVMYkRRMG5DQVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABW1vcfoCBHBc1bMRPj/BcGcK7HXpQl9w6LJ
xrfmYfRbhpLb55PGUseBc4FC4pyHMC9r3FkX6wgJQe3mACWJTw8RjLqJWP+Pp2Ky
IXR09vK01N3xL/TEq6YWbj0GuZsKaidjpwjuaV5SdD1noDHb2Bx4vcP8TyWUKSsW
+XnJy98rpFAvvVQTv4sYWb04HDui9BKb2ZzjKyB3SVhmG5+QJI/Zpl9F2nr24lEH
wT6IrSG4Z3M+ZRdmroDDeD+9bZs6fN0BmHbQjW7bMSgzzo8uENwLaZrywBcN01td
TS44GZ/A1YidNHCdIEWptyybcf0+keQH9yT8Qk6jMRfQXoX55zQ=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:02:37 2025 by rpki-client