Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GQizSorMPJErWnzILOsEu4ywbwk.roa
File: GQizSorMPJErWnzILOsEu4ywbwk.roa (raw, json)
Hash identifier: WgSqFPKF3Gx20FWruO+PYlm4YyLThqig6qw23oL7Eko=
Subject key identifier: 19:08:B3:4A:8A:CC:3C:91:2B:5A:7C:C8:2C:EB:04:BB:8C:B0:6F:09
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FF1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GQizSorMPJErWnzILOsEu4ywbwk.roa
Signing time: Wed 18 Jun 2025 16:52:16 +0000
ROA not before: Wed 18 Jun 2025 16:52:16 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8177 (0x1ff1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 16:52:16 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1908B34A8ACC3C912B5A7CC82CEB04BB8CB06F09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:47:7d:ed:8f:19:91:af:6c:0d:95:04:d3:06:
f0:7c:8c:ec:98:26:d6:2e:3f:86:fb:eb:06:bf:d9:
8b:ec:db:b9:24:97:3c:b9:f6:b9:27:34:92:95:55:
56:c9:18:38:72:30:49:00:22:28:e3:25:d9:28:71:
19:94:be:c0:07:26:e2:84:1c:91:4a:2e:86:72:65:
ee:bb:f4:0b:29:ed:b7:78:4b:3e:b3:c9:e4:ea:09:
4d:7f:a3:a4:c0:c5:d5:5e:bd:db:9d:f8:de:99:f3:
f2:02:4f:4e:09:46:07:6a:4a:45:fd:79:00:07:ea:
e4:e6:cb:67:71:e8:a5:1f:60:ce:ee:12:2e:16:8d:
e4:23:26:de:22:2f:04:81:09:fb:27:e1:82:6a:bf:
e4:f3:e9:62:7a:66:44:e3:d5:96:33:c8:0b:64:b2:
b0:e4:a5:e9:54:cb:52:1f:ae:69:e3:93:ef:84:74:
f9:60:b8:68:13:4b:eb:1c:4b:76:f1:4a:b7:2b:55:
5d:01:19:2d:2e:7f:b3:47:a2:ec:fe:45:3c:36:1e:
03:cd:5a:d9:73:72:9e:c6:9a:de:73:d6:60:93:fa:
b1:cc:9d:3d:ed:29:c6:de:e0:0b:65:7d:65:af:34:
5e:6b:f8:d2:5a:67:4d:69:8a:d3:f1:75:8e:19:3d:
56:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:08:B3:4A:8A:CC:3C:91:2B:5A:7C:C8:2C:EB:04:BB:8C:B0:6F:09
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GQizSorMPJErWnzILOsEu4ywbwk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:50:4f:ab:be:65:88:00:76:d2:64:f0:fb:3a:76:bc:fa:dc:
54:1a:34:18:66:c4:79:7b:d0:ed:2a:b8:64:45:35:28:16:b3:
c0:a0:ec:0e:5e:05:55:f5:a7:3d:18:c5:f5:de:70:e8:8a:6f:
62:47:76:8c:63:b7:39:18:59:b6:32:b9:20:70:ae:27:b4:bd:
1e:45:7c:14:37:73:f6:fc:03:ce:33:24:ea:31:4a:59:d1:7c:
9d:69:4c:6e:c2:e6:78:59:7d:09:08:01:e8:7f:47:d5:ab:54:
40:bd:55:9d:2b:27:bf:9f:2f:1b:85:d8:41:a6:3b:9d:94:10:
5a:3b:32:15:47:ed:3b:04:d4:89:7e:3f:49:f8:ee:1e:0a:04:
6c:00:e6:69:95:6f:d9:69:b3:58:de:1d:5e:67:3d:09:05:47:
d3:32:05:83:0e:bd:f5:53:51:c6:fc:8d:50:80:e8:fe:c0:88:
96:31:2e:69:01:f7:4d:ac:a5:6f:a9:db:13:23:4c:e2:8e:3c:
d7:f5:a0:d4:4e:09:bc:31:ae:fe:e7:78:3b:41:4e:f7:99:11:
52:41:94:cd:5b:73:b1:82:aa:94:fb:2a:7b:ae:a3:1a:d5:6f:
3c:6e:00:3f:19:31:ae:cc:72:99:be:22:3b:22:4f:1e:cf:3e:
e6:0e:0c:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH/EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
NjUyMTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5MDhCMzRBOEFDQzND
OTEyQjVBN0NDODJDRUIwNEJCOENCMDZGMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiR33tjxmRr2wNlQTTBvB8jOyYJtYuP4b76wa/2Yvs27kklzy5
9rknNJKVVVbJGDhyMEkAIijjJdkocRmUvsAHJuKEHJFKLoZyZe679Asp7bd4Sz6z
yeTqCU1/o6TAxdVevdud+N6Z8/ICT04JRgdqSkX9eQAH6uTmy2dx6KUfYM7uEi4W
jeQjJt4iLwSBCfsn4YJqv+Tz6WJ6ZkTj1ZYzyAtksrDkpelUy1Ifrmnjk++EdPlg
uGgTS+scS3bxSrcrVV0BGS0uf7NHouz+RTw2HgPNWtlzcp7Gmt5z1mCT+rHMnT3t
Kcbe4AtlfWWvNF5r+NJaZ01pitPxdY4ZPVbJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGQizSorMPJErWnzILOsEu4ywbwkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HUWl6U29yTVBKRXJXbnpJ
TE9zRXU0eXdid2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADRQT6u+ZYgAdtJk8Ps6drz63FQaNBhmxHl7
0O0quGRFNSgWs8Cg7A5eBVX1pz0YxfXecOiKb2JHdoxjtzkYWbYyuSBwrie0vR5F
fBQ3c/b8A84zJOoxSlnRfJ1pTG7C5nhZfQkIAeh/R9WrVEC9VZ0rJ7+fLxuF2EGm
O52UEFo7MhVH7TsE1Il+P0n47h4KBGwA5mmVb9lps1jeHV5nPQkFR9MyBYMOvfVT
Ucb8jVCA6P7AiJYxLmkB902spW+p2xMjTOKOPNf1oNROCbwxrv7neDtBTveZEVJB
lM1bc7GCqpT7KnuuoxrVbzxuAD8ZMa7Mcpm+IjsiTx7PPuYODOw=
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:18:51 2025 by rpki-client