Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/TIRcSmXBPGgXJNr7KAJCHoC0fHg.roa
File: TIRcSmXBPGgXJNr7KAJCHoC0fHg.roa (raw, json)
Hash identifier: lgPAdDUNk3RrV9yuIC8BcTDArxjlY3C3jYWOwVvrH70=
Subject key identifier: 4C:84:5C:4A:65:C1:3C:68:17:24:DA:FB:28:02:42:1E:80:B4:7C:78
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1325
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TIRcSmXBPGgXJNr7KAJCHoC0fHg.roa
Signing time: Sun 01 Jun 2025 14:39:08 +0000
ROA not before: Sun 01 Jun 2025 14:39:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4901 (0x1325)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 14:39:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4C845C4A65C13C681724DAFB2802421E80B47C78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:17:c1:4c:dd:83:54:f7:96:73:a3:82:13:
87:d4:d4:a1:04:f3:37:4d:89:68:15:90:50:f3:8a:
50:34:e1:c0:56:67:05:5a:84:8f:a4:e8:2d:0b:55:
20:8a:69:1c:c7:92:c6:9b:f8:3a:6b:ff:ff:7f:85:
b6:a9:bf:3b:0a:4e:30:7d:8a:ed:03:9b:31:23:48:
5e:be:83:46:7d:de:9b:13:cb:41:3f:08:57:44:d6:
64:cf:ce:a7:40:25:b6:01:9f:02:e2:d4:d1:cb:54:
df:71:ec:a9:47:3c:0c:5e:d7:10:5f:de:d5:ad:07:
23:8a:87:6a:da:20:a2:09:a0:4a:ff:16:c0:2e:44:
3c:f0:92:1b:a9:a7:f6:1b:e0:f8:1b:08:ca:fc:0b:
13:4a:18:0a:b6:7a:01:8e:1c:a5:28:70:df:a9:78:
44:78:4c:90:66:85:5e:47:7d:0f:eb:cc:a9:cb:87:
a8:b5:24:b1:33:ce:1c:31:ab:f9:b8:ef:8f:2f:ea:
c0:30:30:b7:b0:81:8c:18:62:5e:23:a5:84:20:5c:
f1:3f:23:30:b6:df:ca:f5:ed:07:93:20:32:2a:80:
b5:2b:09:2f:ce:10:11:3f:b8:4e:ed:76:4e:ad:6e:
dd:c7:41:ca:eb:3c:c9:98:9e:1c:13:d0:25:aa:f7:
6c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:84:5C:4A:65:C1:3C:68:17:24:DA:FB:28:02:42:1E:80:B4:7C:78
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TIRcSmXBPGgXJNr7KAJCHoC0fHg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:be:c6:0f:ea:cc:c4:3d:62:3e:40:11:05:c6:b4:74:ab:ec:
7d:c6:ff:d6:6b:86:2e:2f:be:e1:78:0e:c1:e6:86:da:3b:1b:
20:28:c0:a2:bf:ee:e0:5e:f6:ea:c0:60:8a:e2:c1:ae:0b:f7:
cb:c2:26:01:9f:9d:0d:74:cc:65:a5:5b:55:43:4b:5d:01:f0:
7f:fc:fe:cf:bb:e1:a2:08:98:81:db:5a:f9:a2:3a:11:32:6f:
dc:3f:c9:ad:ef:5b:e9:c9:c3:42:a5:be:0a:83:47:95:c3:c4:
01:88:ed:58:d3:63:f1:66:8b:1d:13:d0:ba:d1:a7:0c:fa:fe:
b2:92:82:42:8b:ec:16:d8:7c:b7:79:e9:fd:d4:2b:87:e0:d5:
ba:3f:47:0c:7e:51:95:83:c7:74:df:b4:c1:09:e0:0e:48:0a:
23:98:a1:f5:de:d4:46:6a:b1:14:0e:c6:bf:a3:79:c1:0e:8b:
75:37:b9:10:08:5a:3f:a4:ef:fb:2c:43:80:77:33:48:cb:e5:
0a:5c:c5:6a:0f:35:85:4d:de:5e:c8:51:69:88:b8:35:4a:b8:
4f:e0:79:b2:cb:d1:a4:b1:bd:0d:e5:20:dc:6a:85:8a:18:5c:
fe:57:26:89:40:18:38:ac:2f:7e:7e:73:81:97:35:7c:78:f3:
97:32:80:4a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEyUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEx
NDM5MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRDODQ1QzRBNjVDMTND
NjgxNzI0REFGQjI4MDI0MjFFODBCNDdDNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwJBfBTN2DVPeWc6OCE4fU1KEE8zdNiWgVkFDzilA04cBWZwVa
hI+k6C0LVSCKaRzHksab+Dpr//9/hbapvzsKTjB9iu0DmzEjSF6+g0Z93psTy0E/
CFdE1mTPzqdAJbYBnwLi1NHLVN9x7KlHPAxe1xBf3tWtByOKh2raIKIJoEr/FsAu
RDzwkhupp/Yb4PgbCMr8CxNKGAq2egGOHKUocN+peER4TJBmhV5HfQ/rzKnLh6i1
JLEzzhwxq/m4748v6sAwMLewgYwYYl4jpYQgXPE/IzC238r17QeTIDIqgLUrCS/O
EBE/uE7tdk6tbt3HQcrrPMmYnhwT0CWq92wbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTIRcSmXBPGgXJNr7KAJCHoC0fHgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9USVJjU21YQlBHZ1hKTnI3
S0FKQ0hvQzBmSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHK+xg/qzMQ9Yj5AEQXGtHSr7H3G/9Zrhi4v
vuF4DsHmhto7GyAowKK/7uBe9urAYIriwa4L98vCJgGfnQ10zGWlW1VDS10B8H/8
/s+74aIImIHbWvmiOhEyb9w/ya3vW+nJw0KlvgqDR5XDxAGI7VjTY/Fmix0T0LrR
pwz6/rKSgkKL7BbYfLd56f3UK4fg1bo/Rwx+UZWDx3TftMEJ4A5ICiOYofXe1EZq
sRQOxr+jecEOi3U3uRAIWj+k7/ssQ4B3M0jL5QpcxWoPNYVN3l7IUWmIuDVKuE/g
ebLL0aSxvQ3lINxqhYoYXP5XJolAGDisL35+c4GXNXx485cygEo=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:52:36 2025 by rpki-client