Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Jflb7V5E-n2p3VsnubNZ0m-tipE.roa
File: Jflb7V5E-n2p3VsnubNZ0m-tipE.roa (raw, json)
Hash identifier: tW2l2gfJ/DFfSbeSvGQfDbTmzKq5NJR/Rs83bwPimk8=
Subject key identifier: 25:F9:5B:ED:5E:44:FA:7D:A9:DD:5B:27:B9:B3:59:D2:6F:AD:8A:91
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 20C1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Jflb7V5E-n2p3VsnubNZ0m-tipE.roa
Signing time: Fri 20 Jun 2025 04:39:50 +0000
ROA not before: Fri 20 Jun 2025 04:39:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8385 (0x20c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 04:39:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=25F95BED5E44FA7DA9DD5B27B9B359D26FAD8A91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:63:3f:24:f4:4d:5d:e4:50:a5:3b:a5:fa:f3:
da:37:1d:d3:6e:8b:ac:02:03:d8:03:6c:15:1d:2a:
05:a2:ae:96:14:01:e0:0e:d0:0a:62:0f:fa:eb:f3:
81:b1:90:d5:7f:45:6c:21:5f:dc:70:de:88:0b:22:
74:4d:c4:e1:ff:b5:db:7e:ee:d7:6b:84:e4:c2:1f:
aa:cf:eb:f4:38:9a:cc:8a:3d:f5:6d:db:bf:fa:62:
9e:d2:c4:09:ce:61:63:3d:c3:f0:f5:17:90:1b:1c:
7f:ab:a0:00:59:75:55:e5:66:f2:10:9c:de:03:e1:
b5:50:1c:b3:0a:12:aa:88:74:6e:69:33:0e:59:66:
95:9d:b6:51:71:00:1f:ef:1b:7e:c2:72:a4:4d:22:
8e:79:4c:10:a9:b7:44:c6:0c:5c:c0:69:32:04:9f:
6d:07:53:29:cc:5e:cf:b8:ab:ca:9a:1a:30:8c:e0:
0d:71:24:68:2e:f9:79:b8:85:aa:78:64:f0:ec:43:
d6:a5:71:bb:82:61:f7:ac:5e:2c:df:91:c0:90:74:
25:a7:5d:6a:be:c4:41:23:ed:7a:44:6b:de:41:48:
df:90:0f:39:34:6e:eb:cc:e7:21:63:4e:4c:59:26:
99:00:34:ba:ff:d1:33:a4:55:5a:2c:e8:0d:71:28:
d8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F9:5B:ED:5E:44:FA:7D:A9:DD:5B:27:B9:B3:59:D2:6F:AD:8A:91
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Jflb7V5E-n2p3VsnubNZ0m-tipE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:49:73:20:76:03:c9:56:97:c1:71:4c:65:11:84:97:20:dc:
fc:0d:9d:a9:93:eb:63:10:32:1d:21:d6:37:a0:b7:43:11:81:
38:7e:7d:15:b6:cd:7a:76:f2:e4:55:33:0d:c5:59:fd:5f:cb:
1c:45:08:8b:a4:79:a7:8e:ec:15:0f:eb:dc:0f:c5:11:b5:5f:
59:12:4c:10:91:2a:01:c1:c1:b6:77:bc:3e:0c:5f:da:63:e1:
0a:75:56:37:88:48:42:39:a0:47:07:19:60:96:92:dc:75:f7:
22:80:e7:b6:17:c6:cc:82:e6:83:b3:59:e9:ea:3a:e7:e9:8b:
b5:e4:cd:a3:82:da:6a:5a:f4:1c:56:41:b3:14:1b:38:e8:96:
ad:d5:c3:8e:4d:8b:7a:1b:99:d6:17:29:29:7a:2f:5a:c4:0d:
ee:aa:c6:83:a6:66:48:85:f3:7b:43:e0:c3:67:3f:1d:04:86:
9e:5b:b6:47:cb:2d:3d:5d:63:b5:d0:ff:31:ff:f9:46:17:46:
2a:4e:35:20:b3:9c:90:dd:61:fd:1b:99:8c:8b:d4:f9:a5:aa:
3a:bd:9f:4c:a9:b3:a5:25:5c:19:ee:35:75:43:d4:2e:bd:02:
f4:7b:df:a5:46:b3:f7:24:d2:21:c6:a2:78:1f:9a:85:61:93:
7b:59:3e:91
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAw
NDM5NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI1Rjk1QkVENUU0NEZB
N0RBOURENUIyN0I5QjM1OUQyNkZBRDhBOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMYz8k9E1d5FClO6X689o3HdNui6wCA9gDbBUdKgWirpYUAeAO
0ApiD/rr84GxkNV/RWwhX9xw3ogLInRNxOH/tdt+7tdrhOTCH6rP6/Q4msyKPfVt
27/6Yp7SxAnOYWM9w/D1F5AbHH+roABZdVXlZvIQnN4D4bVQHLMKEqqIdG5pMw5Z
ZpWdtlFxAB/vG37CcqRNIo55TBCpt0TGDFzAaTIEn20HUynMXs+4q8qaGjCM4A1x
JGgu+Xm4hap4ZPDsQ9alcbuCYfesXizfkcCQdCWnXWq+xEEj7XpEa95BSN+QDzk0
buvM5yFjTkxZJpkANLr/0TOkVVos6A1xKNivAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJflb7V5E+n2p3VsnubNZ0m+tipEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KZmxiN1Y1RS1uMnAzVnNu
dWJOWjBtLXRpcEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABlJcyB2A8lWl8FxTGURhJcg3PwNnamT62MQ
Mh0h1jegt0MRgTh+fRW2zXp28uRVMw3FWf1fyxxFCIukeaeO7BUP69wPxRG1X1kS
TBCRKgHBwbZ3vD4MX9pj4Qp1VjeISEI5oEcHGWCWktx19yKA57YXxsyC5oOzWenq
Oufpi7XkzaOC2mpa9BxWQbMUGzjolq3Vw45Ni3obmdYXKSl6L1rEDe6qxoOmZkiF
83tD4MNnPx0Ehp5btkfLLT1dY7XQ/zH/+UYXRipONSCznJDdYf0bmYyL1Pmlqjq9
n0yps6UlXBnuNXVD1C69AvR736VGs/ck0iHGongfmoVhk3tZPpE=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:38:12 2025 by rpki-client