Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/XFqHyyuAoBAWqcAKWw6zPuAAni8.roa
File: XFqHyyuAoBAWqcAKWw6zPuAAni8.roa (raw, json)
Hash identifier: zWP2c0m9g7tw1gR4uvLdfk9Uwl1p7JbbRbBKxA7aRi4=
Subject key identifier: 5C:5A:87:CB:2B:80:A0:10:16:A9:C0:0A:5B:0E:B3:3E:E0:00:9E:2F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E75
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XFqHyyuAoBAWqcAKWw6zPuAAni8.roa
Signing time: Mon 16 Jun 2025 16:40:22 +0000
ROA not before: Mon 16 Jun 2025 16:40:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7797 (0x1e75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 16:40:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5C5A87CB2B80A01016A9C00A5B0EB33EE0009E2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c5:1c:51:a0:96:ec:f1:8c:0a:c8:74:6f:13:
71:07:d6:b9:ec:27:55:77:0d:42:92:c5:f1:66:d8:
9f:43:c2:f7:cc:4c:a1:c4:68:43:58:be:3f:3d:a9:
60:90:b3:fd:42:8d:b9:8e:12:86:ea:4d:37:b9:84:
9a:5a:59:37:6c:94:b7:34:60:3e:0a:fd:40:b7:f4:
f1:f2:a3:c0:d5:74:ff:42:53:4c:82:f9:90:a6:42:
a3:24:1b:eb:38:0f:d5:33:8c:62:19:bf:09:ed:bd:
f7:72:4c:49:cc:f8:9e:07:e5:bb:fc:54:69:53:4b:
8b:25:81:d9:1f:a7:60:cc:3c:03:f6:97:70:b0:ee:
66:b5:a6:84:19:c9:89:de:36:3d:0c:d8:67:43:64:
f2:04:27:4e:62:54:fb:00:8b:80:cc:38:12:e9:5a:
f8:6b:4a:5b:3c:e8:9d:14:07:35:d4:30:5e:15:a3:
d3:6b:a5:77:e3:78:fc:45:c6:7d:57:d2:30:ff:d7:
b3:45:33:99:5b:78:3d:95:77:ea:0f:c2:56:2d:bd:
c7:7a:e5:ce:c3:04:1b:62:96:c2:fb:c4:c3:48:56:
b9:2c:f3:1b:75:e7:54:0a:c0:f5:cd:27:39:63:c9:
a2:cb:ef:4b:f2:38:77:b9:3b:5b:5c:f3:91:3d:5d:
be:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5A:87:CB:2B:80:A0:10:16:A9:C0:0A:5B:0E:B3:3E:E0:00:9E:2F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XFqHyyuAoBAWqcAKWw6zPuAAni8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:69:72:7a:79:0d:e7:ed:57:f6:60:27:6c:94:24:8d:1d:c9:
83:47:18:83:e7:3a:91:5b:00:66:a0:cd:1e:34:0a:f1:97:0e:
c1:de:3d:fe:79:df:1c:be:df:07:bb:39:05:fa:e6:f5:a1:67:
75:4e:47:f3:6e:5f:2e:f8:f3:97:f1:d1:ce:fd:3b:2b:87:90:
78:3c:9b:fb:24:d3:d5:41:2b:41:dc:64:b3:eb:9f:27:35:92:
29:8b:10:f4:0a:56:96:01:be:25:ae:c6:95:7d:b2:0b:bb:13:
af:de:bd:8b:58:08:b2:f6:dd:dc:49:2e:01:94:38:7b:99:70:
15:b7:7b:97:d9:45:e6:67:34:3f:02:a4:be:b0:86:1a:b2:16:
c4:c4:98:23:97:8f:82:0e:c5:e3:95:ef:8f:5e:cb:e3:6d:13:
2b:92:a6:c6:28:c7:7c:71:88:8c:a6:b5:09:cc:9a:7d:da:3a:
cc:93:c3:e8:81:65:30:5f:a9:69:05:db:eb:26:69:a3:2e:bc:
9b:c9:51:86:2b:5d:d8:fa:13:66:17:56:d2:a1:b3:47:7e:b6:
de:31:43:1f:7b:f1:14:ef:8a:5a:7a:e0:38:c3:9c:37:b2:b3:
d2:00:7e:c3:56:ea:99:c9:00:ef:0e:0d:0b:a2:3e:68:af:55:
46:90:40:c6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHnUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYx
NjQwMjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVDNUE4N0NCMkI4MEEw
MTAxNkE5QzAwQTVCMEVCMzNFRTAwMDlFMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDxRxRoJbs8YwKyHRvE3EH1rnsJ1V3DUKSxfFm2J9DwvfMTKHE
aENYvj89qWCQs/1CjbmOEobqTTe5hJpaWTdslLc0YD4K/UC39PHyo8DVdP9CU0yC
+ZCmQqMkG+s4D9UzjGIZvwntvfdyTEnM+J4H5bv8VGlTS4slgdkfp2DMPAP2l3Cw
7ma1poQZyYneNj0M2GdDZPIEJ05iVPsAi4DMOBLpWvhrSls86J0UBzXUMF4Vo9Nr
pXfjePxFxn1X0jD/17NFM5lbeD2Vd+oPwlYtvcd65c7DBBtilsL7xMNIVrks8xt1
51QKwPXNJzljyaLL70vyOHe5O1tc85E9Xb73AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUXFqHyyuAoBAWqcAKWw6zPuAAni8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9YRnFIeXl1QW9CQVdxY0FL
V3c2elB1QUFuaTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJ1pcnp5DeftV/ZgJ2yUJI0dyYNHGIPnOpFb
AGagzR40CvGXDsHePf553xy+3we7OQX65vWhZ3VOR/NuXy7485fx0c79OyuHkHg8
m/sk09VBK0HcZLPrnyc1kimLEPQKVpYBviWuxpV9sgu7E6/evYtYCLL23dxJLgGU
OHuZcBW3e5fZReZnND8CpL6whhqyFsTEmCOXj4IOxeOV749ey+NtEyuSpsYox3xx
iIymtQnMmn3aOsyTw+iBZTBfqWkF2+smaaMuvJvJUYYrXdj6E2YXVtKhs0d+tt4x
Qx978RTvilp64DjDnDeys9IAfsNW6pnJAO8ODQuiPmivVUaQQMY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:42:04 2025 by rpki-client