Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/F1A-FIVGt8yzs2YBrwaFUfy1AKY.roa
File: F1A-FIVGt8yzs2YBrwaFUfy1AKY.roa (raw, json)
Hash identifier: FUGHFT9vVMuiCE9CDL+zO7dQrCZbu+6zHNYMtp1sQm4=
Subject key identifier: 17:50:3E:14:85:46:B7:CC:B3:B3:66:01:AF:06:85:51:FC:B5:00:A6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 147D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/F1A-FIVGt8yzs2YBrwaFUfy1AKY.roa
Signing time: Tue 03 Jun 2025 09:39:15 +0000
ROA not before: Tue 03 Jun 2025 09:39:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5245 (0x147d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 09:39:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=17503E148546B7CCB3B36601AF068551FCB500A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:be:65:31:61:a0:fd:ed:cc:78:b2:0d:51:04:
56:a0:de:02:02:41:77:39:63:dd:44:06:bd:62:95:
ca:90:70:e7:c9:5b:e2:96:8d:b0:3a:07:ec:df:df:
a8:ba:20:ed:d3:e9:68:1a:66:0b:25:b5:88:b4:a1:
67:0f:07:56:ef:3d:de:da:97:49:20:ea:8c:02:95:
27:2d:c5:ca:58:57:59:e3:ed:49:0e:51:60:79:69:
3f:52:e4:2d:8a:10:94:a9:33:64:a8:fa:e0:df:78:
1d:fb:5d:e0:51:27:99:69:df:e9:bd:d3:df:95:ff:
56:b7:35:21:b7:0e:59:0e:56:43:42:00:25:3e:e6:
b8:ea:87:0e:e4:4b:19:78:0b:32:f3:ce:ee:07:8c:
ed:3d:46:03:d1:e1:1b:f4:94:ce:7c:0b:1e:77:67:
b3:9c:27:ed:5b:33:28:2c:d0:be:b3:f5:6f:79:ee:
39:2c:9f:fe:55:f9:72:e9:d1:f0:5c:f1:8a:da:e6:
7d:d4:9c:a8:71:20:60:1b:f4:fc:e7:17:89:b4:f4:
9d:c3:f7:ab:57:61:4b:9c:c6:4a:c3:aa:39:61:ed:
bb:a8:53:27:b8:bc:df:e4:a5:91:24:33:da:55:cf:
c4:c2:0b:d1:5a:1d:bf:bc:d1:80:5a:31:5d:4e:b6:
a2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:50:3E:14:85:46:B7:CC:B3:B3:66:01:AF:06:85:51:FC:B5:00:A6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/F1A-FIVGt8yzs2YBrwaFUfy1AKY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:f4:83:95:48:07:64:61:65:2e:02:a6:cb:90:47:3c:53:1d:
ea:1a:56:0a:ce:4c:f2:52:c6:90:dd:95:d3:37:28:b7:82:5e:
16:4a:fc:65:e8:1e:cd:4a:f4:eb:fd:1b:06:57:14:82:e6:b8:
3a:2e:7f:35:dd:64:65:8c:75:ee:d9:91:05:a2:f1:7c:d3:df:
30:c5:bb:d9:35:a7:91:76:95:42:03:67:e7:10:2b:06:81:5a:
d1:9e:21:14:89:5e:d8:25:54:20:75:44:80:dc:0a:a0:7c:38:
e1:a9:a6:67:02:58:94:4e:23:8e:d4:c2:00:85:79:84:70:0e:
c7:28:2b:c6:5b:aa:da:29:2e:89:be:2b:03:8f:a0:32:0a:09:
06:1a:9c:44:ec:4e:22:e8:82:0b:e1:62:07:71:f5:ec:92:e1:
29:11:75:4b:e7:97:ad:fe:75:04:87:70:84:26:6b:76:ce:b7:
5c:57:0f:fb:a1:1d:e5:97:82:36:68:6b:2d:81:3c:b3:3a:cd:
40:8a:50:cf:8b:6f:7c:12:bf:63:4e:51:8f:bf:22:2a:56:8a:
c0:5b:8a:7c:42:3f:3e:ba:ab:a5:16:4c:34:0d:9b:7d:5f:a8:
14:26:3e:4c:9c:75:20:58:85:1a:d6:e0:8f:73:d5:3c:cd:02:
e5:09:e2:e2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFH0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMw
OTM5MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE3NTAzRTE0ODU0NkI3
Q0NCM0IzNjYwMUFGMDY4NTUxRkNCNTAwQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCvmUxYaD97cx4sg1RBFag3gICQXc5Y91EBr1ilcqQcOfJW+KW
jbA6B+zf36i6IO3T6WgaZgsltYi0oWcPB1bvPd7al0kg6owClSctxcpYV1nj7UkO
UWB5aT9S5C2KEJSpM2So+uDfeB37XeBRJ5lp3+m909+V/1a3NSG3DlkOVkNCACU+
5rjqhw7kSxl4CzLzzu4HjO09RgPR4Rv0lM58Cx53Z7OcJ+1bMygs0L6z9W957jks
n/5V+XLp0fBc8Yra5n3UnKhxIGAb9PznF4m09J3D96tXYUucxkrDqjlh7buoUye4
vN/kpZEkM9pVz8TCC9FaHb+80YBaMV1OtqLhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUF1A+FIVGt8yzs2YBrwaFUfy1AKYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GMUEtRklWR3Q4eXpzMllC
cndhRlVmeTFBS1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABD0g5VIB2RhZS4CpsuQRzxTHeoaVgrOTPJS
xpDdldM3KLeCXhZK/GXoHs1K9Ov9GwZXFILmuDoufzXdZGWMde7ZkQWi8XzT3zDF
u9k1p5F2lUIDZ+cQKwaBWtGeIRSJXtglVCB1RIDcCqB8OOGppmcCWJROI47UwgCF
eYRwDscoK8ZbqtopLom+KwOPoDIKCQYanETsTiLoggvhYgdx9eyS4SkRdUvnl63+
dQSHcIQma3bOt1xXD/uhHeWXgjZoay2BPLM6zUCKUM+Lb3wSv2NOUY+/IipWisBb
inxCPz66q6UWTDQNm31fqBQmPkycdSBYhRrW4I9z1TzNAuUJ4uI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:26:26 2025 by rpki-client