Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ia3Y3imSQCRW_o9tq56aR92z9P4.roa
File: Ia3Y3imSQCRW_o9tq56aR92z9P4.roa (raw, json)
Hash identifier: 4gzApvuRwLfxXnxXHk7bS2IXTIQ+K0bUQOWqAL12uYo=
Subject key identifier: 21:AD:D8:DE:29:92:40:24:56:FE:8F:6D:AB:9E:9A:47:DD:B3:F4:FE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2051
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ia3Y3imSQCRW_o9tq56aR92z9P4.roa
Signing time: Thu 19 Jun 2025 08:58:01 +0000
ROA not before: Thu 19 Jun 2025 08:58:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8273 (0x2051)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 08:58:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=21ADD8DE2992402456FE8F6DAB9E9A47DDB3F4FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:96:d1:4a:b3:d1:e1:ce:aa:fe:d2:a5:be:a2:
90:23:fc:6e:07:df:ff:de:f1:67:7c:eb:1e:eb:b2:
ba:04:e9:85:a8:97:54:3c:e9:7c:f0:34:fa:d9:55:
2f:ed:18:db:ba:d7:0b:7f:39:0a:18:ac:b1:1b:94:
a3:20:82:64:47:e3:3c:16:d9:b2:37:f0:9b:56:c0:
29:b1:a7:53:9f:af:1e:0b:39:b4:2d:7b:a4:54:7d:
8f:6d:51:fa:32:4b:6d:38:46:90:2d:50:ec:8d:d7:
31:4b:2c:45:3a:e8:ea:77:25:35:55:a8:5d:4e:6d:
b4:7f:b0:c2:73:5a:8e:4b:dc:ea:45:ed:f6:66:4b:
fb:31:b4:1b:80:38:f9:b3:fc:bd:3a:0d:44:c6:06:
7d:ed:8c:c0:d6:07:32:30:93:6d:24:2d:1d:b5:b2:
29:03:6c:e8:31:6c:d2:db:47:b6:ce:a9:84:5b:a3:
18:45:d6:cf:fc:d3:aa:71:f8:4e:35:80:df:bf:cf:
a9:3e:6b:02:48:bd:a0:c7:f8:10:5a:a7:a2:db:25:
05:51:7a:ce:cd:d8:0c:32:79:20:58:55:0a:81:1c:
29:ff:4f:68:c0:f8:e5:63:e6:bd:ee:ba:89:1e:29:
5a:84:49:20:b8:f8:90:99:af:aa:19:47:fd:1e:64:
fd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AD:D8:DE:29:92:40:24:56:FE:8F:6D:AB:9E:9A:47:DD:B3:F4:FE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ia3Y3imSQCRW_o9tq56aR92z9P4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:72:87:1d:3b:cc:2f:47:3e:44:d2:6c:6b:59:1f:83:63:dc:
e6:aa:e5:f8:d1:31:26:8a:db:d9:8a:01:76:01:4a:e3:ef:aa:
0c:ef:16:9b:08:4b:bb:f2:69:94:11:8d:be:3f:dc:4d:48:33:
75:68:7e:3e:1b:fe:c3:e3:3b:13:ed:cb:09:b8:22:4c:84:0d:
54:de:3d:08:08:83:92:bd:76:e3:e2:4f:c3:d5:5a:8a:60:9b:
61:02:4f:6b:d2:68:ab:fd:98:b8:fa:57:08:2c:9f:a7:46:bf:
2c:de:ca:6e:49:e7:ea:bb:de:a8:cb:47:6a:0a:df:42:22:84:
cf:77:f4:4c:ce:40:13:03:50:57:28:f0:44:cc:c1:30:49:46:
7f:a3:e0:1a:18:67:09:71:76:91:a8:f3:50:8d:73:26:15:30:
0b:5b:0c:a8:4f:a7:eb:aa:23:6d:f5:34:44:bd:93:b5:bc:08:
6f:07:b3:04:2c:cd:fb:32:6a:e7:eb:8c:e2:30:4a:a2:f7:e0:
19:13:2c:ff:a6:da:78:d5:17:86:16:03:07:fc:c5:3e:d8:eb:
c0:c1:df:b6:1b:69:95:29:bd:42:6c:2b:4b:44:05:9b:e6:f5:
6e:1d:51:fb:a8:a7:ed:0c:b2:db:c5:fd:9e:82:90:5e:a0:94:
d4:25:b4:46
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIFEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkw
ODU4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIxQUREOERFMjk5MjQw
MjQ1NkZFOEY2REFCOUU5QTQ3RERCM0Y0RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLltFKs9Hhzqr+0qW+opAj/G4H3//e8Wd86x7rsroE6YWol1Q8
6XzwNPrZVS/tGNu61wt/OQoYrLEblKMggmRH4zwW2bI38JtWwCmxp1Ofrx4LObQt
e6RUfY9tUfoyS204RpAtUOyN1zFLLEU66Op3JTVVqF1ObbR/sMJzWo5L3OpF7fZm
S/sxtBuAOPmz/L06DUTGBn3tjMDWBzIwk20kLR21sikDbOgxbNLbR7bOqYRboxhF
1s/806px+E41gN+/z6k+awJIvaDH+BBap6LbJQVRes7N2AwyeSBYVQqBHCn/T2jA
+OVj5r3uuokeKVqESSC4+JCZr6oZR/0eZP0zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIa3Y3imSQCRW/o9tq56aR92z9P4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JYTNZM2ltU1FDUldfbzl0
cTU2YVI5Mno5UDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABNyhx07zC9HPkTSbGtZH4Nj3Oaq5fjRMSaK
29mKAXYBSuPvqgzvFpsIS7vyaZQRjb4/3E1IM3Vofj4b/sPjOxPtywm4IkyEDVTe
PQgIg5K9duPiT8PVWopgm2ECT2vSaKv9mLj6Vwgsn6dGvyzeym5J5+q73qjLR2oK
30IihM939EzOQBMDUFco8ETMwTBJRn+j4BoYZwlxdpGo81CNcyYVMAtbDKhPp+uq
I231NES9k7W8CG8HswQszfsyaufrjOIwSqL34BkTLP+m2njVF4YWAwf8xT7Y68DB
37YbaZUpvUJsK0tEBZvm9W4dUfuop+0MstvF/Z6CkF6glNQltEY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:18:09 2025 by rpki-client