Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IhfuuWHot5JpLAHXwqs8UlgwD_M.roa
File: IhfuuWHot5JpLAHXwqs8UlgwD_M.roa (raw, json)
Hash identifier: jkEnq4bgHkEXg549E3SR+OQjRq1ncqbyXATkazYc5VY=
Subject key identifier: 22:17:EE:B9:61:E8:B7:92:69:2C:01:D7:C2:AB:3C:52:58:30:0F:F3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 165D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IhfuuWHot5JpLAHXwqs8UlgwD_M.roa
Signing time: Thu 05 Jun 2025 21:40:14 +0000
ROA not before: Thu 05 Jun 2025 21:40:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5725 (0x165d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 21:40:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2217EEB961E8B792692C01D7C2AB3C5258300FF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:f9:6f:6d:82:99:47:10:21:c6:2f:5a:56:
7d:35:4a:e2:61:fd:83:e7:c1:52:e4:70:a4:d7:d5:
84:50:48:d4:7f:ac:86:88:54:58:69:78:7b:f5:38:
96:e5:a6:4b:00:36:88:85:bc:4b:8b:88:e2:0c:b1:
a3:5a:b5:77:95:19:c2:f2:46:3c:7d:a0:2b:5c:d0:
66:34:24:0b:78:c0:22:d6:f9:0a:e7:8a:6b:58:17:
37:34:9d:5c:a6:01:cc:9c:c1:a1:16:99:53:1d:c5:
75:9a:2a:c4:65:7e:e2:74:59:af:26:c5:d5:1a:df:
73:12:df:f3:2c:6c:82:7a:11:42:4a:22:c2:2d:59:
fe:66:54:0e:f1:7c:a6:e9:39:e8:ec:00:b6:f0:32:
ce:ae:53:cb:3b:16:f5:29:d2:af:ab:da:ce:67:0c:
31:80:42:d2:2e:00:bb:39:ee:e3:a9:ee:9a:a5:cb:
a1:3c:67:c9:5a:4f:96:ba:b4:f7:3a:27:40:3d:fa:
74:64:6f:91:78:af:61:fd:69:7b:fd:63:28:a0:02:
ad:c4:61:37:6d:f1:94:39:b7:36:f6:23:cd:72:77:
7c:2f:bf:f5:51:5d:15:70:f3:02:ed:49:ab:2d:10:
3b:17:37:dc:37:77:c8:40:aa:a3:d5:43:6c:d4:2b:
6b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:17:EE:B9:61:E8:B7:92:69:2C:01:D7:C2:AB:3C:52:58:30:0F:F3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IhfuuWHot5JpLAHXwqs8UlgwD_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:39:2f:14:69:f9:27:16:e9:bc:7f:33:82:8e:c6:13:24:56:
af:62:62:8c:24:a9:5f:b1:8c:9b:f2:c7:f3:1d:71:30:57:f0:
c8:ac:11:07:12:27:d4:16:bd:43:ad:ee:36:70:a5:58:c9:de:
7f:85:64:a5:73:ca:0f:37:cc:27:8e:10:3f:ef:f1:6e:e7:2b:
f1:eb:5b:ef:28:71:87:8b:3c:68:68:f9:e6:89:ef:54:9b:d4:
e4:2e:95:1b:b8:c2:89:0c:7e:02:86:bc:de:54:d1:6e:75:4b:
82:29:4e:ce:7c:01:3d:61:b2:1b:de:80:e2:86:9b:ae:12:eb:
b1:51:53:fd:e4:be:13:58:b0:29:7d:d1:c4:71:d2:48:9b:fc:
a2:c0:ca:3a:1c:7c:25:e7:ee:89:46:b6:d3:de:a0:ce:b6:48:
20:e5:7e:ed:50:0f:19:bf:72:1c:a0:1f:29:5a:c2:31:9b:d6:
88:56:1f:7e:55:0e:87:41:05:52:8f:6f:e6:bc:c8:a8:96:2c:
a7:d9:64:5f:9a:c7:92:2a:2a:2e:e7:e6:f1:2c:5e:7d:8c:29:
94:6a:01:64:48:6d:cb:0d:57:29:83:ba:2c:17:21:06:4d:b9:
84:f6:cf:41:7e:45:11:26:d2:35:f1:6b:7d:5d:cb:6a:44:df:
14:29:01:25
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUy
MTQwMTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIyMTdFRUI5NjFFOEI3
OTI2OTJDMDFEN0MyQUIzQzUyNTgzMDBGRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE2vlvbYKZRxAhxi9aVn01SuJh/YPnwVLkcKTX1YRQSNR/rIaI
VFhpeHv1OJblpksANoiFvEuLiOIMsaNatXeVGcLyRjx9oCtc0GY0JAt4wCLW+Qrn
imtYFzc0nVymAcycwaEWmVMdxXWaKsRlfuJ0Wa8mxdUa33MS3/MsbIJ6EUJKIsIt
Wf5mVA7xfKbpOejsALbwMs6uU8s7FvUp0q+r2s5nDDGAQtIuALs57uOp7pqly6E8
Z8laT5a6tPc6J0A9+nRkb5F4r2H9aXv9YyigAq3EYTdt8ZQ5tzb2I81yd3wvv/VR
XRVw8wLtSastEDsXN9w3d8hAqqPVQ2zUK2tNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIhfuuWHot5JpLAHXwqs8UlgwD/MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JaGZ1dVdIb3Q1SnBMQUhY
d3FzOFVsZ3dEX00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJE5LxRp+ScW6bx/M4KOxhMkVq9iYowkqV+x
jJvyx/MdcTBX8MisEQcSJ9QWvUOt7jZwpVjJ3n+FZKVzyg83zCeOED/v8W7nK/Hr
W+8ocYeLPGho+eaJ71Sb1OQulRu4wokMfgKGvN5U0W51S4IpTs58AT1hshvegOKG
m64S67FRU/3kvhNYsCl90cRx0kib/KLAyjocfCXn7olGttPeoM62SCDlfu1QDxm/
chygHylawjGb1ohWH35VDodBBVKPb+a8yKiWLKfZZF+ax5IqKi7n5vEsXn2MKZRq
AWRIbcsNVymDuiwXIQZNuYT2z0F+RREm0jXxa31dy2pE3xQpASU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:38:46 2025 by rpki-client