Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/K9qTucOBn6zsIw1Yq9qp8b_SyjQ.roa
File: K9qTucOBn6zsIw1Yq9qp8b_SyjQ.roa (raw, json)
Hash identifier: WEcBr3BYC1Vple7ijEEU5S0+RHOAytNUyD8R4VRedwo=
Subject key identifier: 2B:DA:93:B9:C3:81:9F:AC:EC:23:0D:58:AB:DA:A9:F1:BF:D2:CA:34
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2491
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/K9qTucOBn6zsIw1Yq9qp8b_SyjQ.roa
Signing time: Wed 25 Jun 2025 07:42:59 +0000
ROA not before: Wed 25 Jun 2025 07:42:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9361 (0x2491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 25 07:42:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2BDA93B9C3819FACEC230D58ABDAA9F1BFD2CA34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:94:3d:c2:d5:6e:49:2b:03:82:1d:39:12:7b:
5a:36:78:0a:83:0f:41:00:c9:2f:c5:9e:6e:93:be:
c1:0a:22:50:06:d4:4c:e3:db:47:e8:65:03:06:ff:
fa:d8:bd:c8:a2:5b:af:ad:e9:7d:b7:52:37:6c:c2:
bc:e4:ba:88:5b:c1:a2:1c:38:8d:c7:33:f7:12:f9:
f9:cf:d9:6b:ba:1e:2f:15:72:62:21:4e:ef:08:fd:
ce:29:92:af:1e:e8:37:c4:b9:aa:ec:bd:c9:10:68:
8b:f8:a8:eb:c8:39:6d:f6:58:a6:18:bd:2b:bb:45:
a8:17:40:84:ee:62:cc:64:71:36:3b:d7:7d:56:8b:
dc:77:3e:83:7f:0f:df:e7:ff:6e:89:ee:59:2b:20:
83:0b:af:39:cd:dc:0f:d0:75:ca:4b:14:bf:d7:31:
6c:cc:f0:4a:e2:41:03:10:c5:2b:2e:da:41:84:38:
64:01:ee:25:e3:c6:e6:de:d6:48:af:19:78:3a:20:
b9:08:12:5a:98:98:8b:b0:33:3c:28:24:ff:0e:8c:
95:c8:47:a4:63:b9:82:f3:7e:4e:cb:4b:07:2e:4c:
28:a2:18:44:22:c4:3c:a2:fc:b9:86:0b:4c:c2:c5:
ba:85:48:01:94:2c:2b:50:5b:02:2e:c8:0c:a0:5b:
48:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DA:93:B9:C3:81:9F:AC:EC:23:0D:58:AB:DA:A9:F1:BF:D2:CA:34
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/K9qTucOBn6zsIw1Yq9qp8b_SyjQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:74:f5:b6:be:c7:e3:3f:97:ab:b1:2f:a2:de:00:61:b9:96:
99:0a:cc:b8:e3:1a:8d:0a:34:ca:e3:23:47:b9:35:26:28:e5:
50:5d:ee:b3:c3:cc:98:77:52:27:15:a0:23:c5:6c:f5:34:9c:
25:47:6e:dc:df:e3:9a:99:5a:df:65:59:43:ac:f0:d0:db:15:
b7:e7:a6:8c:9b:62:6d:a3:f4:78:e7:da:3d:bb:85:d3:63:31:
ae:c8:52:72:4b:8c:3c:85:25:36:da:d8:4a:73:45:80:3a:b5:
33:b7:59:bd:32:d3:8b:25:bd:32:79:ca:b6:cc:28:b1:a4:24:
27:69:de:24:9f:54:cd:7f:39:98:db:51:a4:52:8d:9d:fc:2f:
c3:4e:73:51:03:24:c9:ba:fc:0b:54:32:72:14:fb:cd:18:6d:
c3:49:36:12:91:ff:71:19:a5:d9:b8:9d:24:ef:fd:b0:c6:23:
ec:04:9e:23:9a:e8:6d:82:e5:42:cd:db:ba:d2:a1:e6:7f:d2:
f0:58:59:58:d3:8d:d9:82:e9:7f:f4:37:27:a5:95:86:66:78:
4f:7c:d6:77:a4:44:be:5e:ce:72:c8:11:cf:f9:38:00:11:a2:
dd:52:3e:22:96:b5:85:ee:0e:82:0a:48:52:20:ee:62:d1:ea:
5f:45:0a:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjUw
NzQyNTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJCREE5M0I5QzM4MTlG
QUNFQzIzMEQ1OEFCREFBOUYxQkZEMkNBMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCylD3C1W5JKwOCHTkSe1o2eAqDD0EAyS/Fnm6TvsEKIlAG1Ezj
20foZQMG//rYvciiW6+t6X23UjdswrzkuohbwaIcOI3HM/cS+fnP2Wu6Hi8VcmIh
Tu8I/c4pkq8e6DfEuarsvckQaIv4qOvIOW32WKYYvSu7RagXQITuYsxkcTY7131W
i9x3PoN/D9/n/26J7lkrIIMLrznN3A/QdcpLFL/XMWzM8EriQQMQxSsu2kGEOGQB
7iXjxube1kivGXg6ILkIElqYmIuwMzwoJP8OjJXIR6RjuYLzfk7LSwcuTCiiGEQi
xDyi/LmGC0zCxbqFSAGULCtQWwIuyAygW0gNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUK9qTucOBn6zsIw1Yq9qp8b/SyjQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LOXFUdWNPQm42enNJdzFZ
cTlxcDhiX1N5alEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGB09ba+x+M/l6uxL6LeAGG5lpkKzLjjGo0K
NMrjI0e5NSYo5VBd7rPDzJh3UicVoCPFbPU0nCVHbtzf45qZWt9lWUOs8NDbFbfn
poybYm2j9Hjn2j27hdNjMa7IUnJLjDyFJTba2EpzRYA6tTO3Wb0y04slvTJ5yrbM
KLGkJCdp3iSfVM1/OZjbUaRSjZ38L8NOc1EDJMm6/AtUMnIU+80YbcNJNhKR/3EZ
pdm4nSTv/bDGI+wEniOa6G2C5ULN27rSoeZ/0vBYWVjTjdmC6X/0NyellYZmeE98
1nekRL5eznLIEc/5OAARot1SPiKWtYXuDoIKSFIg7mLR6l9FCps=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:15 2025 by rpki-client