Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GRjJdA3hXliv_0QA4m4eHBcuqxg.roa
File: GRjJdA3hXliv_0QA4m4eHBcuqxg.roa (raw, json)
Hash identifier: T4oBz8J9o6MY6esZqhFX+3QI3YEBE3/ELhnNq4e7rxg=
Subject key identifier: 19:18:C9:74:0D:E1:5E:58:AF:FF:44:00:E2:6E:1E:1C:17:2E:AB:18
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EA1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GRjJdA3hXliv_0QA4m4eHBcuqxg.roa
Signing time: Mon 16 Jun 2025 22:13:13 +0000
ROA not before: Mon 16 Jun 2025 22:13:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7841 (0x1ea1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 22:13:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1918C9740DE15E58AFFF4400E26E1E1C172EAB18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:24:85:05:fa:89:5f:b4:13:79:3f:b7:f3:b3:
87:90:68:92:4c:b3:06:9a:9a:ef:b2:9b:d7:27:70:
f1:3c:f7:46:c0:72:ae:70:c0:6f:4c:3d:6e:8c:cf:
32:c7:d4:8c:4b:fd:9d:30:74:03:a9:34:c5:2c:94:
ba:e8:0f:9d:71:6f:16:0b:b1:62:29:ee:ab:a2:67:
05:47:3b:07:9a:a4:4f:19:fc:bc:a7:5d:6d:6d:78:
df:61:d0:fc:23:d7:05:94:b5:13:22:a5:86:e9:d1:
88:e8:2b:8f:16:7f:0e:3a:ab:76:49:2b:58:b7:4c:
b8:06:3f:a7:5d:1f:88:78:e9:19:22:44:a8:12:47:
1b:58:d7:08:47:a1:25:b2:9d:82:ed:cb:c5:de:1e:
7b:d0:50:59:03:61:94:85:83:33:89:17:a3:7b:b8:
97:4c:fe:c3:3d:a4:fa:47:2d:e4:13:a8:9e:6c:f9:
6b:93:7e:bb:86:a6:24:11:79:8c:80:4f:75:81:1f:
9c:c4:62:2e:e3:c9:a0:3a:48:75:00:da:0d:4b:f3:
0b:55:b4:3f:95:36:a0:41:50:f1:04:c4:7c:48:fc:
50:40:d0:db:a5:7e:b7:ad:dd:69:5e:11:46:c6:07:
ff:29:66:dd:2e:2b:a7:89:8d:c2:76:55:35:a9:15:
9a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:18:C9:74:0D:E1:5E:58:AF:FF:44:00:E2:6E:1E:1C:17:2E:AB:18
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GRjJdA3hXliv_0QA4m4eHBcuqxg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:2e:fe:22:18:a6:8f:28:91:90:c8:00:fc:7e:2e:92:9f:61:
29:4e:6f:52:e3:80:39:ab:b5:35:17:23:a7:87:7e:4c:6e:77:
fe:14:c8:7b:b9:24:dd:f6:90:8d:b3:58:de:52:4a:a7:cd:cc:
30:d6:43:f6:84:87:2a:e6:22:39:e2:8b:dd:71:64:4f:cb:60:
0d:18:9d:c1:a3:50:6f:c7:85:28:52:36:d4:f0:24:02:2f:e5:
82:b8:2d:c4:fc:b1:20:51:45:b3:2f:f4:76:5f:68:7a:a4:99:
db:82:36:05:00:94:a9:1b:15:50:85:d7:36:d7:e1:3e:11:8d:
86:fb:15:79:58:0f:72:b0:3d:22:3c:b6:37:df:de:6c:9b:41:
23:ea:b0:7f:77:ad:5a:92:02:b5:a4:0c:ea:be:45:cb:60:9b:
f5:14:58:73:13:d1:54:35:d4:22:f7:18:c7:f6:48:e9:35:fa:
9e:b3:d1:a7:e3:15:52:71:7a:a1:0b:7b:cd:8f:5b:3e:e9:0b:
bd:0c:a6:7a:ae:84:9e:e8:3b:ef:7e:d0:6e:2e:39:03:26:64:
68:2b:d7:bd:88:e0:9e:cd:b4:44:c6:ae:42:cc:39:1f:d7:b9:
81:67:df:f7:80:bc:1a:89:b4:8c:f8:15:af:90:50:46:41:65:
17:91:03:45
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYy
MjEzMTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5MThDOTc0MERFMTVF
NThBRkZGNDQwMEUyNkUxRTFDMTcyRUFCMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbJIUF+olftBN5P7fzs4eQaJJMswaamu+ym9cncPE890bAcq5w
wG9MPW6MzzLH1IxL/Z0wdAOpNMUslLroD51xbxYLsWIp7quiZwVHOweapE8Z/Lyn
XW1teN9h0Pwj1wWUtRMipYbp0YjoK48Wfw46q3ZJK1i3TLgGP6ddH4h46RkiRKgS
RxtY1whHoSWynYLty8XeHnvQUFkDYZSFgzOJF6N7uJdM/sM9pPpHLeQTqJ5s+WuT
fruGpiQReYyAT3WBH5zEYi7jyaA6SHUA2g1L8wtVtD+VNqBBUPEExHxI/FBA0Nul
fret3WleEUbGB/8pZt0uK6eJjcJ2VTWpFZq7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGRjJdA3hXliv/0QA4m4eHBcuqxgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HUmpKZEEzaFhsaXZfMFFB
NG00ZUhCY3VxeGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEYu/iIYpo8okZDIAPx+LpKfYSlOb1LjgDmr
tTUXI6eHfkxud/4UyHu5JN32kI2zWN5SSqfNzDDWQ/aEhyrmIjnii91xZE/LYA0Y
ncGjUG/HhShSNtTwJAIv5YK4LcT8sSBRRbMv9HZfaHqkmduCNgUAlKkbFVCF1zbX
4T4RjYb7FXlYD3KwPSI8tjff3mybQSPqsH93rVqSArWkDOq+Rctgm/UUWHMT0VQ1
1CL3GMf2SOk1+p6z0afjFVJxeqELe82PWz7pC70MpnquhJ7oO+9+0G4uOQMmZGgr
172I4J7NtETGrkLMOR/XuYFn3/eAvBqJtIz4Fa+QUEZBZReRA0U=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:26:02 2025 by rpki-client