Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HD_DPzXTjqmIt0Tdt0bfc2LYIHM.roa
File: HD_DPzXTjqmIt0Tdt0bfc2LYIHM.roa (raw, json)
Hash identifier: HSpH4pt+Z16lyHZEENzC6oOAX7Wct8J6XoVBzpl8Izo=
Subject key identifier: 1C:3F:C3:3F:35:D3:8E:A9:88:B7:44:DD:B7:46:DF:73:62:D8:20:73
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EF5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HD_DPzXTjqmIt0Tdt0bfc2LYIHM.roa
Signing time: Tue 17 Jun 2025 08:40:04 +0000
ROA not before: Tue 17 Jun 2025 08:40:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7925 (0x1ef5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 08:40:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1C3FC33F35D38EA988B744DDB746DF7362D82073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e1:3b:a0:85:0c:71:0e:a2:3e:af:2e:e8:2f:
9f:b8:2d:73:7b:a2:7c:fe:36:67:73:f9:47:c2:08:
df:d3:c8:3b:45:bc:f3:0e:e3:8c:da:35:79:1c:6b:
e2:b9:ef:cb:f0:06:89:ee:31:44:6a:e9:c1:3f:0f:
51:8b:6f:f9:a1:f7:26:62:0b:ae:a7:4f:cb:ed:d3:
bc:ee:ed:73:46:f2:47:26:e4:69:32:74:49:a8:30:
ef:78:d1:57:8c:81:56:40:26:07:82:62:73:07:ee:
fd:0f:b1:42:4e:c6:56:17:ac:f4:27:0f:e3:b4:9c:
bc:f0:f3:b4:99:02:16:ca:b8:24:81:9a:2f:6f:96:
fc:2c:b7:f3:3d:98:77:90:b9:b7:dc:89:1f:34:97:
a4:35:e4:b2:07:d3:f9:8b:2e:a6:74:f6:fe:4c:c3:
59:a1:80:db:8d:f7:d1:fa:87:0e:58:89:e5:66:f7:
fa:6c:dc:72:42:f3:63:2e:a8:67:fe:6b:d7:51:28:
38:28:8b:45:4b:fb:8f:8f:ec:42:a6:5a:40:ae:0d:
4d:c4:24:5d:e4:6b:5d:0b:84:02:6f:2b:c1:e3:6a:
bc:23:f1:a4:86:60:4a:c8:0d:50:01:1d:aa:48:24:
9b:2f:03:8a:c3:52:a8:86:9b:b9:42:b1:7d:30:e9:
57:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3F:C3:3F:35:D3:8E:A9:88:B7:44:DD:B7:46:DF:73:62:D8:20:73
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HD_DPzXTjqmIt0Tdt0bfc2LYIHM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:f6:ab:b4:fe:83:8f:81:d4:29:66:1c:a2:f1:dd:13:87:e5:
61:6f:b4:8c:e5:79:ef:d2:06:77:84:71:c1:06:e4:7c:69:9b:
35:dd:ac:d1:8a:97:a9:07:e2:0e:4b:12:b3:3f:c7:1b:fc:0c:
9f:83:1b:22:9e:ba:1e:52:e7:d6:08:7f:e1:e1:3b:f3:f2:4f:
01:ca:c7:bc:a1:bb:5e:b5:85:9e:16:fb:88:03:a7:fb:26:c1:
f9:a4:10:65:27:05:48:fc:0b:5e:f9:dc:e2:7a:2e:a0:77:14:
e0:fa:72:f5:43:96:6e:59:d0:8f:af:ec:5a:9f:73:36:d8:a0:
35:2c:7e:03:70:56:d8:be:1b:4a:3e:af:a6:b5:95:f0:4c:06:
bc:9c:fe:66:01:12:ab:6f:ce:a3:30:e8:29:25:dc:af:81:e9:
43:7f:db:be:36:c9:e1:4c:ba:7b:ab:d2:b9:3c:fa:4f:3e:27:
34:8d:9f:c1:4a:60:f3:29:20:cd:62:e6:0b:df:13:fa:84:1a:
1a:78:76:7e:6d:15:c2:9d:b0:29:18:38:6c:f8:76:69:87:ea:
03:29:44:46:64:0a:d2:5c:5c:2f:61:df:f3:72:c2:75:16:46:
3b:a8:c5:31:3b:1a:77:90:9d:29:c6:67:98:38:1a:3d:51:9f:
3c:36:48:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHvUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcw
ODQwMDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFDM0ZDMzNGMzVEMzhF
QTk4OEI3NDREREI3NDZERjczNjJEODIwNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs4TughQxxDqI+ry7oL5+4LXN7onz+Nmdz+UfCCN/TyDtFvPMO
44zaNXkca+K578vwBonuMURq6cE/D1GLb/mh9yZiC66nT8vt07zu7XNG8kcm5Gky
dEmoMO940VeMgVZAJgeCYnMH7v0PsUJOxlYXrPQnD+O0nLzw87SZAhbKuCSBmi9v
lvwst/M9mHeQubfciR80l6Q15LIH0/mLLqZ09v5Mw1mhgNuN99H6hw5YieVm9/ps
3HJC82MuqGf+a9dRKDgoi0VL+4+P7EKmWkCuDU3EJF3ka10LhAJvK8Hjarwj8aSG
YErIDVABHapIJJsvA4rDUqiGm7lCsX0w6Vc1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHD/DPzXTjqmIt0Tdt0bfc2LYIHMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IRF9EUHpYVGpxbUl0MFRk
dDBiZmMyTFlJSE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIz2q7T+g4+B1ClmHKLx3ROH5WFvtIzlee/S
BneEccEG5HxpmzXdrNGKl6kH4g5LErM/xxv8DJ+DGyKeuh5S59YIf+HhO/PyTwHK
x7yhu161hZ4W+4gDp/smwfmkEGUnBUj8C1753OJ6LqB3FOD6cvVDlm5Z0I+v7Fqf
czbYoDUsfgNwVti+G0o+r6a1lfBMBryc/mYBEqtvzqMw6Ckl3K+B6UN/2742yeFM
unur0rk8+k8+JzSNn8FKYPMpIM1i5gvfE/qEGhp4dn5tFcKdsCkYOGz4dmmH6gMp
REZkCtJcXC9h3/NywnUWRjuoxTE7GneQnSnGZ5g4Gj1Rnzw2SCw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:10 2025 by rpki-client