Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PleuQwjNyg2gL_KjKj2nrmHe2bM.roa
File: PleuQwjNyg2gL_KjKj2nrmHe2bM.roa (raw, json)
Hash identifier: +/AE0uB6qmCbI+LqlV11Agn5Lt1zqdtsoPZZPVt2JTk=
Subject key identifier: 3E:57:AE:43:08:CD:CA:0D:A0:2F:F2:A3:2A:3D:A7:AE:61:DE:D9:B3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E81
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PleuQwjNyg2gL_KjKj2nrmHe2bM.roa
Signing time: Mon 16 Jun 2025 18:11:00 +0000
ROA not before: Mon 16 Jun 2025 18:11:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7809 (0x1e81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 18:11:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3E57AE4308CDCA0DA02FF2A32A3DA7AE61DED9B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:99:12:8f:79:71:6e:24:84:81:38:fe:71:e2:
d5:09:ce:a5:ab:ef:c8:1c:bf:01:45:c5:29:01:96:
f4:cc:f1:c8:fb:a8:9f:49:fe:08:9f:0e:20:b5:22:
32:8c:b5:07:d7:9d:50:6f:31:8f:c8:fc:b2:46:40:
2d:01:97:5e:30:6e:24:32:ef:06:fd:a9:c4:f4:15:
f4:30:7f:b0:d8:e3:c3:45:7b:df:48:84:23:87:cd:
b2:27:2d:18:a4:88:96:a6:8b:74:3c:cc:39:3e:86:
41:76:1b:f7:df:88:72:bf:f7:96:22:d8:eb:e6:62:
c6:33:88:e1:8b:38:68:9c:44:f9:f6:e5:04:65:a6:
db:f8:55:b6:02:44:df:a0:93:8a:6e:e7:8c:18:b6:
ed:e1:08:63:75:e5:4b:07:7e:c4:ba:fb:63:0b:77:
59:6b:84:74:9f:5d:04:96:10:55:f8:f9:fb:c9:57:
72:cc:43:5f:25:3a:31:dd:95:ef:0c:a8:88:25:63:
ca:60:36:79:63:0b:ff:5d:b6:5a:52:14:1b:c4:2c:
6d:e1:57:09:c8:e0:78:c6:54:54:bc:c4:f1:00:e0:
cb:67:9f:c6:43:f0:72:06:ae:2a:4b:27:22:15:59:
6f:6e:48:53:0b:7a:26:55:9b:41:28:c1:a9:ae:5a:
ed:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:57:AE:43:08:CD:CA:0D:A0:2F:F2:A3:2A:3D:A7:AE:61:DE:D9:B3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PleuQwjNyg2gL_KjKj2nrmHe2bM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:e2:e3:fc:75:d4:00:d0:af:cc:21:72:da:a6:63:10:9b:80:
e2:66:f9:53:d5:c4:bd:03:74:9b:97:f4:b9:dd:26:2b:e3:4d:
b0:ca:77:33:e0:d9:5b:0b:e7:ab:05:be:60:e5:38:d3:81:5f:
22:65:97:af:32:e6:68:94:96:15:10:33:17:a2:b3:5e:6a:f1:
ad:c5:4f:37:6f:f5:42:8c:d5:fd:ce:b3:67:02:85:8e:32:2c:
d5:98:3b:52:70:78:66:50:0e:d6:5f:4d:52:df:cc:01:99:23:
e8:c6:d9:2a:83:ec:e3:e3:b3:5e:32:bf:b9:65:5b:f7:1e:37:
ee:22:c7:6f:da:78:0e:0d:6f:f7:d5:30:c7:48:3d:24:83:b8:
6d:7a:55:52:1e:66:04:2a:77:5c:c8:4a:6c:7d:60:ab:a6:0f:
0c:cd:ff:b7:72:2e:db:8b:e5:c1:03:68:5a:57:a0:cc:39:c1:
c9:91:2c:bb:99:1e:0c:06:32:95:bb:2e:74:f8:a4:77:aa:c0:
4f:12:c1:3b:34:e8:a5:f0:26:a1:46:2f:dd:fe:01:4e:f9:b3:
71:7f:68:f4:80:5d:dc:2a:6c:12:db:a1:16:ac:3b:6a:8d:72:
98:6c:c2:63:78:22:4c:2d:96:55:cc:09:a8:0d:72:f6:28:f9:
ac:3c:98:de
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHoEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYx
ODExMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNFNTdBRTQzMDhDRENB
MERBMDJGRjJBMzJBM0RBN0FFNjFERUQ5QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfmRKPeXFuJISBOP5x4tUJzqWr78gcvwFFxSkBlvTM8cj7qJ9J
/gifDiC1IjKMtQfXnVBvMY/I/LJGQC0Bl14wbiQy7wb9qcT0FfQwf7DY48NFe99I
hCOHzbInLRikiJami3Q8zDk+hkF2G/ffiHK/95Yi2OvmYsYziOGLOGicRPn25QRl
ptv4VbYCRN+gk4pu54wYtu3hCGN15UsHfsS6+2MLd1lrhHSfXQSWEFX4+fvJV3LM
Q18lOjHdle8MqIglY8pgNnljC/9dtlpSFBvELG3hVwnI4HjGVFS8xPEA4Mtnn8ZD
8HIGripLJyIVWW9uSFMLeiZVm0EowamuWu17AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPleuQwjNyg2gL/KjKj2nrmHe2bMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QbGV1UXdqTnlnMmdMX0tq
S2oybnJtSGUyYk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACTi4/x11ADQr8whctqmYxCbgOJm+VPVxL0D
dJuX9LndJivjTbDKdzPg2VsL56sFvmDlONOBXyJll68y5miUlhUQMxeis15q8a3F
Tzdv9UKM1f3Os2cChY4yLNWYO1JweGZQDtZfTVLfzAGZI+jG2SqD7OPjs14yv7ll
W/ceN+4ix2/aeA4Nb/fVMMdIPSSDuG16VVIeZgQqd1zISmx9YKumDwzN/7dyLtuL
5cEDaFpXoMw5wcmRLLuZHgwGMpW7LnT4pHeqwE8SwTs06KXwJqFGL93+AU75s3F/
aPSAXdwqbBLboRasO2qNcphswmN4IkwtllXMCagNcvYo+aw8mN4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:05:21 2025 by rpki-client