Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/FyVoz226IU7X5QjYlgN-MdN_CR0.roa
File: FyVoz226IU7X5QjYlgN-MdN_CR0.roa (raw, json)
Hash identifier: H64bHk8+DbzkOSy2rPACvBetzBjpAJ/KlxUbwYXnZKk=
Subject key identifier: 17:25:68:CF:6D:BA:21:4E:D7:E5:08:D8:96:03:7E:31:D3:7F:09:1D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2155
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FyVoz226IU7X5QjYlgN-MdN_CR0.roa
Signing time: Sat 21 Jun 2025 00:11:43 +0000
ROA not before: Sat 21 Jun 2025 00:11:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8533 (0x2155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 00:11:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=172568CF6DBA214ED7E508D896037E31D37F091D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:3f:3a:91:9c:d9:3c:19:34:78:5a:9d:7f:
b9:e1:9a:4f:a7:57:74:4a:77:ab:3d:cb:0a:82:31:
23:9d:93:f5:6c:52:00:27:ce:37:6b:db:22:5e:80:
7c:bf:66:c8:e5:c5:a0:a8:29:db:e5:44:bc:58:ce:
0c:2e:f9:92:84:3a:a1:7d:aa:01:5f:2f:81:af:8c:
1b:12:ea:76:6c:a0:fa:79:7d:5b:b7:a6:63:26:e7:
4d:4c:f9:43:bf:7a:ff:02:27:55:5c:6a:9e:de:69:
2f:ad:fb:10:db:eb:11:8a:35:89:f9:76:0a:24:ed:
ee:4b:88:b8:6f:6b:0c:59:f2:22:4d:51:02:aa:3c:
2e:e1:a8:ff:18:b5:f0:0b:50:17:16:5a:bd:c6:cd:
8d:c4:f2:ca:71:68:d8:68:fa:9b:9f:16:f1:79:f7:
07:a5:f1:46:e4:7e:30:e5:42:cc:62:12:db:6e:75:
f1:60:0b:ba:5f:b0:5b:0c:ca:6a:65:dc:63:12:9f:
73:c4:05:c7:16:8c:c6:64:1b:68:79:41:1c:f4:5f:
a2:bc:bf:83:ee:13:94:cb:09:80:ff:2a:37:1f:e2:
22:76:52:77:67:ca:25:15:91:9b:e0:2f:75:23:62:
40:c6:b0:3a:b0:40:a1:ba:0f:de:10:4f:06:cf:bb:
2d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:25:68:CF:6D:BA:21:4E:D7:E5:08:D8:96:03:7E:31:D3:7F:09:1D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FyVoz226IU7X5QjYlgN-MdN_CR0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:ae:39:9f:fb:ce:86:26:91:34:24:ca:63:ea:f6:1b:04:c4:
8c:91:0b:54:5b:f6:ec:43:de:16:0e:a2:52:f7:67:bb:80:79:
84:ca:d3:8f:c4:7a:58:61:79:cf:5a:15:e6:d2:57:5d:09:bc:
87:64:83:bf:2d:af:14:99:f5:1f:af:e8:22:2f:ad:1f:fc:93:
7d:9e:92:65:85:76:0b:66:b2:48:08:8f:3a:c4:51:30:9c:14:
35:e8:6e:7c:f0:ed:93:72:40:09:21:27:6f:77:6c:90:3e:11:
d0:07:d4:0c:66:66:d6:36:c7:c2:58:11:7f:73:dd:f1:bf:ea:
a6:69:f7:6f:a9:24:bf:41:b2:e4:9c:73:0b:94:c8:9b:4e:17:
0f:68:b7:56:24:e7:30:b0:e9:29:03:f1:04:a3:e3:ca:b2:cb:
1e:21:7f:d7:89:35:51:71:82:78:5b:5b:e9:e7:5d:ed:2b:8c:
6f:21:d3:0a:04:dc:b5:99:df:a2:0a:fa:75:07:4d:c7:9c:e2:
c1:e3:6e:7e:46:eb:da:6a:27:3a:33:09:4b:38:bc:f2:08:26:
fc:18:a9:3f:13:9a:55:dd:ca:cf:f2:c0:df:bb:de:a8:58:d1:
c4:35:d8:2a:b8:30:83:34:b6:fe:47:0c:68:f3:71:a6:f5:a9:
bc:2f:4f:65
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIVUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEw
MDExNDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE3MjU2OENGNkRCQTIx
NEVEN0U1MDhEODk2MDM3RTMxRDM3RjA5MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkVT86kZzZPBk0eFqdf7nhmk+nV3RKd6s9ywqCMSOdk/VsUgAn
zjdr2yJegHy/ZsjlxaCoKdvlRLxYzgwu+ZKEOqF9qgFfL4GvjBsS6nZsoPp5fVu3
pmMm501M+UO/ev8CJ1Vcap7eaS+t+xDb6xGKNYn5dgok7e5LiLhvawxZ8iJNUQKq
PC7hqP8YtfALUBcWWr3GzY3E8spxaNho+pufFvF59wel8UbkfjDlQsxiEttudfFg
C7pfsFsMympl3GMSn3PEBccWjMZkG2h5QRz0X6K8v4PuE5TLCYD/Kjcf4iJ2Undn
yiUVkZvgL3UjYkDGsDqwQKG6D94QTwbPuy37AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFyVoz226IU7X5QjYlgN+MdN/CR0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GeVZvejIyNklVN1g1UWpZ
bGdOLU1kTl9DUjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADeuOZ/7zoYmkTQkymPq9hsExIyRC1Rb9uxD
3hYOolL3Z7uAeYTK04/Eelhhec9aFebSV10JvIdkg78trxSZ9R+v6CIvrR/8k32e
kmWFdgtmskgIjzrEUTCcFDXobnzw7ZNyQAkhJ293bJA+EdAH1AxmZtY2x8JYEX9z
3fG/6qZp92+pJL9BsuSccwuUyJtOFw9ot1Yk5zCw6SkD8QSj48qyyx4hf9eJNVFx
gnhbW+nnXe0rjG8h0woE3LWZ36IK+nUHTcec4sHjbn5G69pqJzozCUs4vPIIJvwY
qT8TmlXdys/ywN+73qhY0cQ12Cq4MIM0tv5HDGjzcab1qbwvT2U=
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:28:41 2025 by rpki-client