Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/TpmtO8LtsmfHgOroQ5Gz6mWIVUU.roa
File: TpmtO8LtsmfHgOroQ5Gz6mWIVUU.roa (raw, json)
Hash identifier: IZz7/HuNKwBpguAYpqfNh3OQkVXnUT/7yyUJ8kFpCN4=
Subject key identifier: 4E:99:AD:3B:C2:ED:B2:67:C7:80:EA:E8:43:91:B3:EA:65:88:55:45
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 154D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TpmtO8LtsmfHgOroQ5Gz6mWIVUU.roa
Signing time: Wed 04 Jun 2025 11:39:20 +0000
ROA not before: Wed 04 Jun 2025 11:39:20 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5453 (0x154d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 11:39:20 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4E99AD3BC2EDB267C780EAE84391B3EA65885545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d9:2d:7f:d4:83:0b:32:04:81:ae:e8:b4:be:
b1:eb:4d:30:fa:21:7c:0c:5e:9f:a8:60:f6:0d:0c:
0f:7b:38:f9:58:22:ef:94:7c:55:6d:8f:25:5b:03:
5c:d7:7b:51:14:bf:cc:b0:e6:ef:13:34:4b:92:56:
3a:14:02:0c:59:b1:7e:4a:fd:ef:f7:c4:62:66:aa:
8c:11:2e:30:14:e3:cd:ab:27:4f:bf:93:45:98:0c:
e4:63:93:fa:8d:94:33:3b:74:77:16:89:30:9d:88:
8e:38:3b:26:6a:02:17:13:b3:a3:c1:a8:36:7f:0e:
a5:2f:e6:ee:4c:96:00:7d:c6:30:65:9c:40:cc:06:
d2:0e:6f:3f:f4:f9:83:8e:ec:d6:89:72:06:48:c8:
20:ac:33:bb:22:ad:8c:fd:f4:26:11:19:a8:c4:a6:
9b:19:fd:a3:d0:80:c0:10:0a:96:d4:ab:b2:0c:57:
ee:39:e8:b8:c1:67:a1:7e:df:16:fb:2f:0c:6f:2b:
ea:bc:05:92:55:ff:7b:dc:f6:22:81:04:24:f6:20:
05:2c:f6:0d:25:70:10:6e:9b:9d:42:d3:6c:70:a3:
56:5b:db:26:3b:ea:2c:1b:ad:96:b1:7f:c4:53:a3:
97:f1:9d:0b:69:3c:9d:81:d1:82:fa:b0:58:05:61:
5b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:99:AD:3B:C2:ED:B2:67:C7:80:EA:E8:43:91:B3:EA:65:88:55:45
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TpmtO8LtsmfHgOroQ5Gz6mWIVUU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:99:a1:27:2a:14:27:0c:7d:ba:4b:72:42:5b:5a:ba:bb:2f:
42:13:5b:bf:ba:6f:1f:22:e2:d4:44:2e:88:c8:76:16:2c:7b:
82:d8:58:84:65:fc:a0:38:be:47:92:cd:85:a6:c7:e6:46:02:
6a:7b:fb:92:7d:cf:33:80:e6:55:71:98:c2:ed:59:ee:32:9c:
dd:14:65:fc:f1:c5:d2:8e:59:c2:b0:aa:59:4e:bf:62:38:25:
a0:13:9a:b6:e8:9f:15:ec:19:15:b1:b2:61:c4:f1:e5:68:6d:
12:8b:0e:5b:c4:ae:99:99:9c:77:e5:f1:42:20:ea:c5:8b:d1:
d4:84:81:25:10:d6:03:74:c2:b6:e1:4d:a3:7c:6e:a8:ec:18:
6e:19:b4:2d:29:61:4e:ae:0a:ff:66:d0:0d:ea:4b:2c:61:24:
cb:b2:22:b7:92:92:6f:3e:0e:04:ac:61:7b:a7:1b:10:3d:a3:
9e:39:80:5b:a1:9b:0f:8c:55:a5:cb:cc:bf:1e:f3:7d:70:ca:
e1:bb:c0:9c:07:e4:78:62:f7:4c:55:19:71:c0:e0:c7:05:92:
50:b9:1f:d1:72:82:ee:4b:2e:b3:d5:a2:c7:40:cc:b4:fe:69:
60:d6:62:c2:2a:0c:18:5d:c5:0c:f9:d2:20:52:ed:7a:07:8b:
fa:80:37:53
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQx
MTM5MjBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRFOTlBRDNCQzJFREIy
NjdDNzgwRUFFODQzOTFCM0VBNjU4ODU1NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC2S1/1IMLMgSBrui0vrHrTTD6IXwMXp+oYPYNDA97OPlYIu+U
fFVtjyVbA1zXe1EUv8yw5u8TNEuSVjoUAgxZsX5K/e/3xGJmqowRLjAU482rJ0+/
k0WYDORjk/qNlDM7dHcWiTCdiI44OyZqAhcTs6PBqDZ/DqUv5u5MlgB9xjBlnEDM
BtIObz/0+YOO7NaJcgZIyCCsM7sirYz99CYRGajEppsZ/aPQgMAQCpbUq7IMV+45
6LjBZ6F+3xb7LwxvK+q8BZJV/3vc9iKBBCT2IAUs9g0lcBBum51C02xwo1Zb2yY7
6iwbrZaxf8RTo5fxnQtpPJ2B0YL6sFgFYVuRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTpmtO8LtsmfHgOroQ5Gz6mWIVUUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9UcG10TzhMdHNtZkhnT3Jv
UTVHejZtV0lWVVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHeZoScqFCcMfbpLckJbWrq7L0ITW7+6bx8i
4tRELojIdhYse4LYWIRl/KA4vkeSzYWmx+ZGAmp7+5J9zzOA5lVxmMLtWe4ynN0U
ZfzxxdKOWcKwqllOv2I4JaATmrbonxXsGRWxsmHE8eVobRKLDlvErpmZnHfl8UIg
6sWL0dSEgSUQ1gN0wrbhTaN8bqjsGG4ZtC0pYU6uCv9m0A3qSyxhJMuyIreSkm8+
DgSsYXunGxA9o545gFuhmw+MVaXLzL8e831wyuG7wJwH5Hhi90xVGXHA4McFklC5
H9Fygu5LLrPVosdAzLT+aWDWYsIqDBhdxQz50iBS7XoHi/qAN1M=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:02:28 2025 by rpki-client