Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/TzNKVdv8ZZArjZHj3fTrNL0QSFk.roa
File: TzNKVdv8ZZArjZHj3fTrNL0QSFk.roa (raw, json)
Hash identifier: 79Ln9a8vjKzXEJo1W4WzYvjmwvgYQpkwOb4uk+mSqS8=
Subject key identifier: 4F:33:4A:55:DB:FC:65:90:2B:8D:91:E3:DD:F4:EB:34:BD:10:48:59
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D31
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TzNKVdv8ZZArjZHj3fTrNL0QSFk.roa
Signing time: Sat 24 May 2025 16:08:32 +0000
ROA not before: Sat 24 May 2025 16:08:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3377 (0xd31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 16:08:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4F334A55DBFC65902B8D91E3DDF4EB34BD104859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4d:d1:5f:ee:56:3c:d7:2c:bf:75:f2:63:2f:
42:91:33:35:08:bf:e4:02:7b:14:fb:7b:89:b4:df:
8b:29:c9:4a:7e:72:4a:6e:78:76:02:71:cc:fb:ab:
c3:3c:47:1e:b4:be:f0:70:01:47:61:9d:11:db:e1:
04:f4:c1:71:36:f8:5a:e0:0c:3a:a4:8f:d5:e4:0a:
45:83:ab:cf:2e:23:f8:a4:21:47:f5:90:8d:e8:77:
92:a7:66:a7:ef:e0:ae:68:ab:52:a0:d0:83:2c:34:
fe:c8:ba:18:24:8f:07:05:de:37:45:73:dd:22:6f:
71:87:93:e0:f3:38:31:50:7c:73:83:04:13:83:7a:
eb:24:89:c5:1c:66:8d:77:b0:71:76:e8:4f:55:e7:
cd:f9:74:f5:5d:91:3b:34:f6:24:d7:f0:a1:2d:cd:
78:28:01:dc:d0:b1:99:0f:6f:33:b9:46:da:b4:c6:
87:74:c1:14:da:32:75:fe:31:36:28:43:38:b8:7f:
f4:9a:93:1b:52:eb:3f:64:c7:bf:e2:46:94:27:05:
05:26:f5:a3:bf:cb:99:37:45:a4:42:08:75:d5:ac:
6f:53:f3:38:8c:6d:ba:52:aa:fc:88:2d:53:ae:c2:
ae:f2:d9:b9:6f:a1:1d:ac:15:04:87:36:c4:fa:f2:
f1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:33:4A:55:DB:FC:65:90:2B:8D:91:E3:DD:F4:EB:34:BD:10:48:59
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TzNKVdv8ZZArjZHj3fTrNL0QSFk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:4c:d5:bd:77:f4:77:7f:cf:70:03:a6:d9:e4:8b:18:f4:ef:
9d:fd:6b:8d:c4:e1:46:b7:2a:1f:78:e5:58:51:f8:0f:a1:0b:
41:71:d9:b5:4a:ae:6d:e9:1a:1f:f3:c0:13:6a:b9:14:ff:48:
4c:14:4c:2f:bf:47:9c:8c:f0:7f:6f:a4:8b:27:52:36:65:b8:
2d:ad:ce:85:55:8b:68:3b:ad:5b:97:64:68:8a:ae:30:46:d9:
71:5a:e4:33:99:2f:b5:38:6b:36:09:21:42:1c:97:66:e8:db:
3e:16:86:a9:72:62:2a:58:1c:a8:67:3e:85:6b:2f:9f:aa:3c:
ff:b9:69:db:a0:69:47:21:f9:87:a6:77:d7:af:8f:3d:22:7c:
4c:56:c1:1b:c7:a4:dc:d3:8d:59:de:3a:3a:13:92:59:f8:a9:
c2:26:69:5b:a9:d5:08:1d:33:85:43:5d:78:b6:0c:13:b1:19:
94:67:56:6d:0f:f2:5b:dd:09:a7:31:b9:67:3e:40:72:36:a5:
c3:d0:75:ed:e8:56:05:28:fb:81:2f:3e:03:a5:d8:e6:dc:8c:
f4:c2:81:d1:1d:48:6b:a7:70:75:86:05:0e:a2:92:31:7b:fa:
3e:ec:63:62:d4:3d:16:cd:73:2d:db:6b:6a:5d:53:e9:a7:af:
ff:a5:45:e7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDTEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
NjA4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRGMzM0QTU1REJGQzY1
OTAyQjhEOTFFM0RERjRFQjM0QkQxMDQ4NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSTdFf7lY81yy/dfJjL0KRMzUIv+QCexT7e4m034spyUp+ckpu
eHYCccz7q8M8Rx60vvBwAUdhnRHb4QT0wXE2+FrgDDqkj9XkCkWDq88uI/ikIUf1
kI3od5KnZqfv4K5oq1Kg0IMsNP7IuhgkjwcF3jdFc90ib3GHk+DzODFQfHODBBOD
euskicUcZo13sHF26E9V5835dPVdkTs09iTX8KEtzXgoAdzQsZkPbzO5Rtq0xod0
wRTaMnX+MTYoQzi4f/SakxtS6z9kx7/iRpQnBQUm9aO/y5k3RaRCCHXVrG9T8ziM
bbpSqvyILVOuwq7y2blvoR2sFQSHNsT68vG7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTzNKVdv8ZZArjZHj3fTrNL0QSFkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Uek5LVmR2OFpaQXJqWkhq
M2ZUck5MMFFTRmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJ5M1b139Hd/z3ADptnkixj07539a43E4Ua3
Kh945VhR+A+hC0Fx2bVKrm3pGh/zwBNquRT/SEwUTC+/R5yM8H9vpIsnUjZluC2t
zoVVi2g7rVuXZGiKrjBG2XFa5DOZL7U4azYJIUIcl2bo2z4WhqlyYipYHKhnPoVr
L5+qPP+5adugaUch+Yemd9evjz0ifExWwRvHpNzTjVneOjoTkln4qcImaVup1Qgd
M4VDXXi2DBOxGZRnVm0P8lvdCacxuWc+QHI2pcPQde3oVgUo+4EvPgOl2ObcjPTC
gdEdSGuncHWGBQ6ikjF7+j7sY2LUPRbNcy3ba2pdU+mnr/+lRec=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:21:11 2025 by rpki-client