Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/UK89wvEqkMEdx8nUhpazl3dVvO8.roa
File: UK89wvEqkMEdx8nUhpazl3dVvO8.roa (raw, json)
Hash identifier: L0fbkelM6ZRcNB2fPE7peJucJHqEazUVieNHvDpxljc=
Subject key identifier: 50:AF:3D:C2:F1:2A:90:C1:1D:C7:C9:D4:86:96:B3:97:77:55:BC:EF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1DC9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UK89wvEqkMEdx8nUhpazl3dVvO8.roa
Signing time: Sun 15 Jun 2025 19:19:34 +0000
ROA not before: Sun 15 Jun 2025 19:19:34 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7625 (0x1dc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 19:19:34 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=50AF3DC2F12A90C11DC7C9D48696B3977755BCEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8d:8d:63:f8:95:96:db:d5:25:b9:8a:d2:b1:
b3:6c:d8:13:f3:27:81:99:22:16:e2:8d:2e:60:99:
98:b1:72:97:8b:a1:b7:eb:1a:d1:e3:e5:6c:41:a1:
73:33:a7:c3:81:ad:59:ad:d3:14:f0:22:60:82:61:
fd:48:75:f2:71:1a:36:ff:34:46:63:e0:cc:8a:15:
e1:0c:d5:21:db:6c:17:40:5c:3e:89:fc:49:dc:38:
e0:11:34:aa:04:1b:ca:15:56:6f:e3:4f:6c:d9:ba:
e6:e9:18:a6:4e:37:23:b5:b3:55:cc:85:12:f6:1a:
61:e7:5b:cd:2d:cc:e1:57:6a:0a:03:92:d7:5f:e2:
a1:4f:41:7f:83:53:86:d0:76:6e:35:4a:bf:17:52:
4d:ed:95:a0:d6:fa:cf:5f:22:53:8a:7a:22:1f:a8:
02:2e:91:c7:4c:fb:2e:d9:12:99:f3:6f:52:3e:fc:
de:1e:8c:ff:45:9a:b7:1c:12:b9:fc:1e:f0:30:78:
ca:b3:95:43:51:f1:11:26:9c:41:f7:86:30:a9:c5:
53:32:b7:cf:88:fa:6f:d6:b2:71:8e:46:69:29:f6:
01:e4:c7:3d:68:78:ad:6b:72:8a:63:87:8f:64:16:
19:2d:71:d4:e8:93:73:ab:ab:18:d4:a6:12:ea:b5:
72:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AF:3D:C2:F1:2A:90:C1:1D:C7:C9:D4:86:96:B3:97:77:55:BC:EF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UK89wvEqkMEdx8nUhpazl3dVvO8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:7b:11:70:b5:78:a7:65:4b:ba:7e:6b:d4:42:c1:d1:11:21:
4b:0e:b5:25:3c:73:1d:ca:2e:23:94:5f:da:b0:c3:e4:25:02:
87:53:07:fa:e8:d0:c9:7b:78:c3:36:db:b2:b9:72:a0:f0:3e:
52:12:c6:11:a0:58:4f:3b:99:56:71:e8:83:30:0b:a2:c8:3b:
d2:55:0a:e3:76:a1:9c:9d:7c:5d:18:d6:29:b4:24:b9:77:d1:
ea:12:55:0c:0a:46:91:b8:cc:7d:3f:87:91:0a:98:f4:3d:d1:
ab:23:24:45:39:4a:19:4b:0e:0d:97:70:f8:b5:ed:6c:b3:c8:
06:b6:5e:04:c0:60:e0:6f:28:ff:0e:c4:46:6c:4f:4a:25:3f:
e3:a7:81:24:bd:dd:7b:ee:a7:8a:49:db:0d:8c:cb:70:37:e0:
53:16:ab:98:6f:1d:17:50:94:b2:95:f1:42:91:c6:62:53:d7:
25:e3:f8:9c:ef:2e:a2:b1:27:57:28:97:25:d9:ef:d2:20:59:
89:b4:30:04:f1:80:49:1d:67:54:49:44:ed:64:24:fe:ad:28:
4e:f8:09:44:4c:91:19:e6:93:dc:a0:f7:80:ba:8d:f1:10:5e:
c5:7a:ef:ea:06:9c:ec:7c:16:23:18:e6:1a:e4:50:e9:9a:f3:
33:03:43:88
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUx
OTE5MzRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUwQUYzREMyRjEyQTkw
QzExREM3QzlENDg2OTZCMzk3Nzc1NUJDRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfjY1j+JWW29UluYrSsbNs2BPzJ4GZIhbijS5gmZixcpeLobfr
GtHj5WxBoXMzp8OBrVmt0xTwImCCYf1IdfJxGjb/NEZj4MyKFeEM1SHbbBdAXD6J
/EncOOARNKoEG8oVVm/jT2zZuubpGKZONyO1s1XMhRL2GmHnW80tzOFXagoDktdf
4qFPQX+DU4bQdm41Sr8XUk3tlaDW+s9fIlOKeiIfqAIukcdM+y7ZEpnzb1I+/N4e
jP9FmrccErn8HvAweMqzlUNR8REmnEH3hjCpxVMyt8+I+m/WsnGORmkp9gHkxz1o
eK1rcopjh49kFhktcdTok3OrqxjUphLqtXITAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUK89wvEqkMEdx8nUhpazl3dVvO8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9VSzg5d3ZFcWtNRWR4OG5V
aHBhemwzZFZ2Tzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEl7EXC1eKdlS7p+a9RCwdERIUsOtSU8cx3K
LiOUX9qww+QlAodTB/ro0Ml7eMM227K5cqDwPlISxhGgWE87mVZx6IMwC6LIO9JV
CuN2oZydfF0Y1im0JLl30eoSVQwKRpG4zH0/h5EKmPQ90asjJEU5ShlLDg2XcPi1
7WyzyAa2XgTAYOBvKP8OxEZsT0olP+OngSS93Xvup4pJ2w2My3A34FMWq5hvHRdQ
lLKV8UKRxmJT1yXj+JzvLqKxJ1colyXZ79IgWYm0MATxgEkdZ1RJRO1kJP6tKE74
CURMkRnmk9yg94C6jfEQXsV67+oGnOx8FiMY5hrkUOma8zMDQ4g=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:30:28 2025 by rpki-client