Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QTaxXDKZ93o4jTV4Mra-xZiMwM0.roa
File: QTaxXDKZ93o4jTV4Mra-xZiMwM0.roa (raw, json)
Hash identifier: g1SqcMohFLD0zdQgJTe3ZDL6r0QLXxA6t4ZRcjEtFtI=
Subject key identifier: 41:36:B1:5C:32:99:F7:7A:38:8D:35:78:32:B6:BE:C5:98:8C:C0:CD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2259
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QTaxXDKZ93o4jTV4Mra-xZiMwM0.roa
Signing time: Sun 22 Jun 2025 08:41:48 +0000
ROA not before: Sun 22 Jun 2025 08:41:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8793 (0x2259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 08:41:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4136B15C3299F77A388D357832B6BEC5988CC0CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:33:80:0f:26:23:47:a8:fa:30:78:9f:2b:44:
ac:2a:76:43:f6:51:66:88:3c:3c:62:a1:13:63:29:
1e:b2:a2:ff:74:20:f4:e1:d1:0f:84:5c:df:ea:ac:
03:b5:9c:61:75:1e:f9:47:57:b8:eb:45:77:35:c7:
2f:42:38:72:f4:e5:de:04:17:f9:15:48:cb:02:85:
5d:52:f0:d4:6f:46:ce:37:71:56:c9:ad:d1:20:4c:
23:9d:f7:16:08:4d:2a:6b:20:84:56:b5:97:98:c1:
89:f2:8f:75:05:cf:80:e0:96:88:3e:1b:0c:be:4a:
17:81:6c:88:ae:7d:f8:e7:c0:1b:75:b4:aa:dc:6a:
37:a1:74:eb:44:5d:8d:7a:cf:c9:5b:69:10:3c:48:
a0:74:88:82:bb:67:73:91:9c:68:d2:2f:5e:79:f3:
9f:93:62:07:d3:0d:06:50:7a:ae:1d:77:c3:94:ff:
1f:4f:85:75:3a:34:57:13:b7:95:eb:e9:36:61:6d:
60:3e:ee:a3:23:3a:b0:51:f4:fd:e0:95:c5:e6:22:
4b:d9:9a:a5:83:e4:eb:2f:ae:12:6b:24:b8:45:7b:
b4:71:77:99:ad:47:f7:ce:83:99:6b:12:bc:43:c4:
58:8f:11:8e:e7:d5:b3:16:6c:22:c7:cb:f0:f4:ef:
33:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:36:B1:5C:32:99:F7:7A:38:8D:35:78:32:B6:BE:C5:98:8C:C0:CD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QTaxXDKZ93o4jTV4Mra-xZiMwM0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:fe:97:55:6f:9c:ab:30:24:ca:53:92:a9:f9:39:3d:fb:c4:
c7:89:4d:89:bb:91:ac:96:b7:26:df:c5:46:60:f1:d9:ce:3b:
47:63:ee:23:00:c3:68:5b:a8:c3:82:97:a0:b4:dc:55:12:6a:
d1:b7:e7:0d:95:9c:07:42:85:4a:01:dd:4a:11:be:c2:c6:96:
af:44:af:0d:59:4f:56:d5:42:67:b6:cd:3e:2a:81:81:79:fc:
2c:1b:0e:b2:27:85:cf:25:3b:b5:91:2f:7f:3f:e8:38:1a:68:
b1:2f:10:e4:78:91:00:6b:a3:b2:70:ee:6c:96:42:38:d2:6a:
46:66:a0:2c:2c:80:5a:cc:56:e2:1a:ce:d7:93:19:78:c3:5b:
81:8d:c5:07:f1:f8:d6:ad:f0:1a:e8:aa:63:37:0a:db:5e:2d:
d5:a6:49:ec:84:bb:09:e7:d8:3c:73:f7:7f:ef:63:b3:5e:60:
24:0c:a2:c2:b3:3c:44:66:45:b5:8d:09:83:1b:37:f1:77:61:
f1:4e:90:65:f3:5a:bd:43:1b:5e:5b:a3:57:ce:61:f9:2a:0a:
fb:30:4a:bc:53:de:67:17:1f:de:f8:28:89:91:74:40:47:94:
50:11:d4:90:b5:f7:99:2f:c6:c0:ae:5c:4c:3a:6a:fd:a7:94:
12:c4:44:1d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIlkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIw
ODQxNDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQxMzZCMTVDMzI5OUY3
N0EzODhEMzU3ODMyQjZCRUM1OTg4Q0MwQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4M4APJiNHqPoweJ8rRKwqdkP2UWaIPDxioRNjKR6yov90IPTh
0Q+EXN/qrAO1nGF1HvlHV7jrRXc1xy9COHL05d4EF/kVSMsChV1S8NRvRs43cVbJ
rdEgTCOd9xYITSprIIRWtZeYwYnyj3UFz4Dglog+Gwy+SheBbIiuffjnwBt1tKrc
ajehdOtEXY16z8lbaRA8SKB0iIK7Z3ORnGjSL15585+TYgfTDQZQeq4dd8OU/x9P
hXU6NFcTt5Xr6TZhbWA+7qMjOrBR9P3glcXmIkvZmqWD5OsvrhJrJLhFe7Rxd5mt
R/fOg5lrErxDxFiPEY7n1bMWbCLHy/D07zOTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQTaxXDKZ93o4jTV4Mra+xZiMwM0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RVGF4WERLWjkzbzRqVFY0
TXJhLXhaaU13TTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEj+l1VvnKswJMpTkqn5OT37xMeJTYm7kayW
tybfxUZg8dnOO0dj7iMAw2hbqMOCl6C03FUSatG35w2VnAdChUoB3UoRvsLGlq9E
rw1ZT1bVQme2zT4qgYF5/CwbDrInhc8lO7WRL38/6DgaaLEvEOR4kQBro7Jw7myW
QjjSakZmoCwsgFrMVuIazteTGXjDW4GNxQfx+Nat8BroqmM3CtteLdWmSeyEuwnn
2Dxz93/vY7NeYCQMosKzPERmRbWNCYMbN/F3YfFOkGXzWr1DG15bo1fOYfkqCvsw
SrxT3mcXH974KImRdEBHlFAR1JC195kvxsCuXEw6av2nlBLERB0=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:58:07 2025 by rpki-client