Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RLgUk6fOd_81KboHiW1929EODzQ.roa
File: RLgUk6fOd_81KboHiW1929EODzQ.roa (raw, json)
Hash identifier: i/zAm0n5Y9g62Px2Jnvffs0k8FOt6GbOxXSPsoyucDI=
Subject key identifier: 44:B8:14:93:A7:CE:77:FF:35:29:BA:07:89:6D:7D:DB:D1:0E:0F:34
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2065
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RLgUk6fOd_81KboHiW1929EODzQ.roa
Signing time: Thu 19 Jun 2025 13:01:18 +0000
ROA not before: Thu 19 Jun 2025 13:01:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8293 (0x2065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 13:01:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=44B81493A7CE77FF3529BA07896D7DDBD10E0F34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6d:80:6c:86:71:29:18:40:13:93:c3:4a:29:
93:83:af:a2:17:ff:01:91:88:8a:00:4e:3e:c1:21:
2a:a3:6a:62:a8:e2:06:df:f0:eb:f5:88:0b:4b:c4:
d9:ab:d9:db:b2:1f:a3:f6:51:f0:1b:37:08:c0:92:
83:48:5e:38:39:94:0a:8c:54:48:ad:bc:36:fb:15:
7a:9c:a4:0b:88:9b:7a:14:38:98:97:f3:95:d4:f1:
8a:da:d9:f2:39:cd:15:2b:db:93:aa:40:29:1e:8c:
ca:4b:91:3a:9e:99:16:f4:17:9f:04:62:d5:5f:a0:
84:fe:bd:1f:20:64:67:dc:8f:80:9e:b5:50:ea:b3:
4e:55:d2:6c:92:f1:d0:fe:73:1f:44:18:0b:46:cc:
14:6f:65:aa:57:c8:7d:8a:61:c5:6b:64:6b:3a:23:
45:51:77:ee:ba:d2:b6:d4:ae:60:e1:85:55:4d:f6:
22:08:5b:28:cf:98:b0:80:55:53:97:9a:6c:ea:84:
f0:8a:bb:02:7b:37:e9:dc:36:c0:00:19:d9:7f:77:
89:db:f0:0a:b6:ee:ca:5c:c9:de:9f:56:ba:c1:17:
54:16:25:d6:bd:d0:97:61:7b:9b:45:e2:fe:6b:0f:
86:88:b1:23:51:68:57:69:67:0f:22:f9:4c:6c:71:
0c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B8:14:93:A7:CE:77:FF:35:29:BA:07:89:6D:7D:DB:D1:0E:0F:34
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RLgUk6fOd_81KboHiW1929EODzQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:fa:21:c6:5c:87:a4:28:31:c4:7e:3f:68:71:ae:0c:b2:0d:
f1:c8:aa:5f:d7:a0:69:b6:ae:a3:5b:6c:5e:1c:85:0f:b5:b3:
97:d4:79:82:03:9d:92:e9:2f:b1:7b:7d:25:90:f8:39:bf:92:
9a:54:43:c2:ec:72:0b:da:fb:c2:5f:29:13:2c:c3:95:a7:4e:
61:9c:c0:58:67:01:07:0f:0d:aa:bf:8c:a1:e3:ce:95:09:71:
20:e3:2f:47:9b:dc:84:38:ae:e5:53:81:27:4e:57:dc:a0:7d:
ce:1a:49:c8:40:93:16:1e:8b:44:a5:af:8f:d1:19:ee:a0:2d:
ae:a7:f6:0a:e4:11:e4:f5:5b:dd:e5:46:b3:7d:10:c5:87:65:
45:67:7e:ea:c1:3b:0a:1c:1d:30:35:c1:ce:d3:3c:7b:d3:5d:
c1:77:58:73:c8:12:39:f9:0b:e2:12:d8:18:63:d9:2f:72:ce:
30:8a:78:be:da:2a:07:3c:92:67:22:87:2b:24:3e:d9:47:49:
5d:ab:b6:99:c1:aa:9b:c0:d7:ce:84:38:5c:50:94:b4:90:2f:
2b:4f:17:25:a6:5f:1b:32:aa:cf:3a:2a:81:86:25:04:67:be:
47:84:2d:30:62:00:94:fd:55:4e:15:57:9b:9f:33:ad:b0:9c:
b8:57:9d:ee
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
MzAxMThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ0QjgxNDkzQTdDRTc3
RkYzNTI5QkEwNzg5NkQ3RERCRDEwRTBGMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6bYBshnEpGEATk8NKKZODr6IX/wGRiIoATj7BISqjamKo4gbf
8Ov1iAtLxNmr2duyH6P2UfAbNwjAkoNIXjg5lAqMVEitvDb7FXqcpAuIm3oUOJiX
85XU8Yra2fI5zRUr25OqQCkejMpLkTqemRb0F58EYtVfoIT+vR8gZGfcj4CetVDq
s05V0myS8dD+cx9EGAtGzBRvZapXyH2KYcVrZGs6I0VRd+660rbUrmDhhVVN9iII
WyjPmLCAVVOXmmzqhPCKuwJ7N+ncNsAAGdl/d4nb8Aq27spcyd6fVrrBF1QWJda9
0Jdhe5tF4v5rD4aIsSNRaFdpZw8i+UxscQz7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURLgUk6fOd/81KboHiW1929EODzQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9STGdVazZmT2RfODFLYm9I
aVcxOTI5RU9EelEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAL6IcZch6QoMcR+P2hxrgyyDfHIql/XoGm2
rqNbbF4chQ+1s5fUeYIDnZLpL7F7fSWQ+Dm/kppUQ8Lscgva+8JfKRMsw5WnTmGc
wFhnAQcPDaq/jKHjzpUJcSDjL0eb3IQ4ruVTgSdOV9ygfc4aSchAkxYei0Slr4/R
Ge6gLa6n9grkEeT1W93lRrN9EMWHZUVnfurBOwocHTA1wc7TPHvTXcF3WHPIEjn5
C+IS2Bhj2S9yzjCKeL7aKgc8kmcihyskPtlHSV2rtpnBqpvA186EOFxQlLSQLytP
FyWmXxsyqs86KoGGJQRnvkeELTBiAJT9VU4VV5ufM62wnLhXne4=
-----END CERTIFICATE-----
Generated at Mon Jul 21 13:38:11 2025 by rpki-client