Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/WM20vVzNfOLVAg7CNGwUNBNKLvg.roa
File: WM20vVzNfOLVAg7CNGwUNBNKLvg.roa (raw, json)
Hash identifier: +Ewu37zbHneGcOsWuHaDoxF10ne6151bH/cjsZGbawI=
Subject key identifier: 58:CD:B4:BD:5C:CD:7C:E2:D5:02:0E:C2:34:6C:14:34:13:4A:2E:F8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2135
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WM20vVzNfOLVAg7CNGwUNBNKLvg.roa
Signing time: Fri 20 Jun 2025 20:11:41 +0000
ROA not before: Fri 20 Jun 2025 20:11:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8501 (0x2135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 20:11:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=58CDB4BD5CCD7CE2D5020EC2346C1434134A2EF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:a0:54:9e:9e:47:80:d9:57:54:fa:7a:7d:
4a:db:89:1c:e0:1f:8c:6d:47:3a:d0:65:bd:ee:89:
11:61:29:62:de:e5:ef:1c:9a:09:3b:de:2b:b0:08:
ed:94:29:80:65:f8:50:a6:96:17:6b:49:70:02:1b:
bb:85:ea:c4:04:2e:9d:5e:81:59:96:89:5f:da:9a:
98:eb:e9:27:4b:15:de:3f:6e:e3:44:4d:17:c1:8e:
f4:4f:fe:9f:a0:8a:01:9a:c1:c0:08:fc:e1:84:8f:
57:76:9d:fa:e9:36:da:4c:3d:87:34:a1:27:10:9f:
11:a0:9d:73:24:fe:ec:83:a3:5e:a8:d7:e8:ab:80:
d4:b3:58:ef:b7:ab:5d:c4:77:73:6c:0a:e4:02:b0:
48:58:c1:76:1d:5a:d9:6d:f7:3f:7f:3b:63:3a:45:
0b:a5:08:4c:f3:ec:f8:d5:ad:90:b8:7f:f5:2c:b1:
84:d7:74:15:30:71:d2:8a:99:0a:59:a2:4d:f6:d3:
9c:9c:30:33:99:dc:b6:85:15:ad:65:a8:a8:34:dd:
16:e3:d0:1c:aa:1c:05:21:6d:2d:d4:b5:cf:a6:72:
5d:c1:1c:e3:dc:73:3e:54:3e:37:6e:c9:d0:89:eb:
39:de:95:13:0f:ca:ba:18:21:fa:f2:f1:48:3d:3c:
29:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CD:B4:BD:5C:CD:7C:E2:D5:02:0E:C2:34:6C:14:34:13:4A:2E:F8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WM20vVzNfOLVAg7CNGwUNBNKLvg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:4c:a1:fe:e2:3b:74:fd:b4:77:ab:be:cf:7e:7f:03:f1:9f:
b1:4a:9d:85:07:00:e9:e3:2e:89:ea:49:65:d5:06:21:8d:61:
d7:4b:07:db:2a:0a:81:a0:76:db:1f:78:9a:b8:da:2c:6c:3a:
73:d9:76:ee:92:8a:33:90:1b:37:43:77:41:3f:2c:bf:de:01:
f5:c9:2a:b6:f8:4c:08:b9:e4:d8:d9:e7:21:e7:28:e8:7c:bd:
f6:83:7d:9f:4d:5f:8a:28:89:10:93:a3:e4:c5:f3:f0:60:af:
e8:c1:24:59:9d:f3:e7:46:e8:ef:c3:4f:a2:ea:90:62:9c:dc:
e0:f8:6b:2c:c1:6e:00:68:7a:6f:b9:fa:f5:bd:68:01:dd:e6:
0b:e8:4b:c7:47:3c:09:2a:18:1c:4b:34:40:95:c6:e5:43:99:
45:8a:80:78:6c:58:38:22:d8:f5:0f:4c:4d:e1:dc:88:98:64:
b2:30:0f:b1:e1:ad:59:85:b1:e5:a3:f8:e2:bc:a6:62:34:77:
b7:09:da:e7:6b:42:9c:67:fe:75:da:d1:e5:d1:85:b5:ec:08:
ed:5b:17:1a:ca:36:78:8f:93:f2:e7:37:62:4c:96:cd:0f:f7:
9f:a3:02:33:5a:29:ef:01:73:78:1b:9e:49:3b:09:62:ba:e9:
cd:1a:e9:a0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICITUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAy
MDExNDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU4Q0RCNEJENUNDRDdD
RTJENTAyMEVDMjM0NkMxNDM0MTM0QTJFRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz3KBUnp5HgNlXVPp6fUrbiRzgH4xtRzrQZb3uiRFhKWLe5e8c
mgk73iuwCO2UKYBl+FCmlhdrSXACG7uF6sQELp1egVmWiV/ampjr6SdLFd4/buNE
TRfBjvRP/p+gigGawcAI/OGEj1d2nfrpNtpMPYc0oScQnxGgnXMk/uyDo16o1+ir
gNSzWO+3q13Ed3NsCuQCsEhYwXYdWtlt9z9/O2M6RQulCEzz7PjVrZC4f/UssYTX
dBUwcdKKmQpZok3205ycMDOZ3LaFFa1lqKg03Rbj0ByqHAUhbS3Utc+mcl3BHOPc
cz5UPjduydCJ6znelRMPyroYIfry8Ug9PCkfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWM20vVzNfOLVAg7CNGwUNBNKLvgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XTTIwdlZ6TmZPTFZBZzdD
Tkd3VU5CTktMdmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACZMof7iO3T9tHervs9+fwPxn7FKnYUHAOnj
LonqSWXVBiGNYddLB9sqCoGgdtsfeJq42ixsOnPZdu6SijOQGzdDd0E/LL/eAfXJ
Krb4TAi55NjZ5yHnKOh8vfaDfZ9NX4ooiRCTo+TF8/Bgr+jBJFmd8+dG6O/DT6Lq
kGKc3OD4ayzBbgBoem+5+vW9aAHd5gvoS8dHPAkqGBxLNECVxuVDmUWKgHhsWDgi
2PUPTE3h3IiYZLIwD7HhrVmFseWj+OK8pmI0d7cJ2udrQpxn/nXa0eXRhbXsCO1b
FxrKNniPk/LnN2JMls0P95+jAjNaKe8Bc3gbnkk7CWK66c0a6aA=
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:08:54 2025 by rpki-client