Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/XjhxSlei7r6jJSWBH2zl3w0lFz8.roa
File: XjhxSlei7r6jJSWBH2zl3w0lFz8.roa (raw, json)
Hash identifier: ddDh7r9MOsBJqRCvWUxr3j4CQ4PLWHUiSBjEMMzVf7w=
Subject key identifier: 5E:38:71:4A:57:A2:EE:BE:A3:25:25:81:1F:6C:E5:DF:0D:25:17:3F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E49
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XjhxSlei7r6jJSWBH2zl3w0lFz8.roa
Signing time: Mon 16 Jun 2025 11:09:59 +0000
ROA not before: Mon 16 Jun 2025 11:09:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7753 (0x1e49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 11:09:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5E38714A57A2EEBEA32525811F6CE5DF0D25173F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:47:84:cd:66:86:9a:b6:3f:10:44:f5:d8:
4f:e5:78:91:07:14:cb:fe:f9:b6:56:f5:dd:a2:2a:
b1:35:88:b6:c4:f5:89:a9:a8:57:7d:e7:71:49:18:
17:78:dd:82:7d:ba:25:2d:83:eb:e6:ea:3d:de:c2:
58:c7:bc:49:61:0e:30:91:7c:96:ea:cb:a5:7a:d9:
bc:80:01:07:db:86:83:e1:4a:8f:64:1d:4d:05:4f:
43:78:3c:16:44:47:7d:0c:14:2f:65:a4:0a:1d:e6:
18:e1:08:f3:0c:47:7d:a4:a1:5d:85:36:1e:03:6c:
a4:99:74:83:6a:dc:d5:86:be:2b:74:0d:4b:32:5a:
06:c1:69:cc:5a:3a:7a:9b:94:a0:d7:e5:5d:55:66:
de:19:c9:2b:be:c2:0a:3b:ba:8c:2e:32:30:46:51:
c4:ee:06:ed:22:c3:bc:34:ee:b9:5b:2e:1d:4d:86:
68:dc:d6:d9:9e:f3:ba:d0:62:3d:4c:1d:32:6d:a2:
82:f4:00:2f:db:97:06:ca:d0:b4:82:9c:b4:0c:62:
cf:56:2b:43:b2:b9:62:76:22:2d:fc:95:5f:7b:36:
4e:cb:b5:bf:ab:68:92:58:a2:b3:28:36:10:7b:5e:
9f:e5:77:d4:1f:88:a5:0f:6e:38:f8:67:53:3a:62:
f1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:38:71:4A:57:A2:EE:BE:A3:25:25:81:1F:6C:E5:DF:0D:25:17:3F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XjhxSlei7r6jJSWBH2zl3w0lFz8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:65:58:cd:81:41:58:ec:44:33:bd:67:bf:a7:3e:d3:31:25:
db:e6:44:c9:bd:48:ac:c8:d6:d3:82:9e:a6:e7:dd:66:32:1e:
b7:9b:54:47:b7:20:48:1b:c1:ce:5d:d8:43:ef:5a:c5:d8:0a:
7e:bc:d7:c6:92:03:79:64:d3:bf:4f:11:da:be:79:0d:40:53:
4f:6c:f3:84:bb:7a:ab:fc:f1:a5:94:b3:81:31:9e:10:52:b2:
08:49:9d:f4:aa:fa:42:32:52:40:70:10:24:84:2a:6c:ab:a0:
ce:65:f3:9d:b4:dd:da:6b:b9:17:43:9a:76:93:53:31:1a:ab:
97:b3:2a:66:65:a8:83:8f:f4:ac:e1:ae:2f:f5:e9:96:f2:47:
ed:7f:7b:95:6e:d9:df:44:72:44:e2:90:25:dd:98:03:c5:b5:
63:0a:f3:3a:c2:24:3c:e8:61:b8:38:47:94:fb:a3:13:13:bf:
55:3f:40:6e:5f:6f:20:6a:0a:49:9c:b9:34:1f:ad:66:92:ec:
3e:a1:15:b8:1c:56:f5:a5:83:44:82:02:fc:e0:6c:1e:29:c3:
dc:76:24:62:d5:e7:dc:f7:59:3d:2e:b8:66:68:62:a3:17:1c:
4f:3d:6e:6e:32:9d:58:46:97:31:38:08:cc:44:b3:d3:99:e2:
44:9a:44:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYx
MTA5NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVFMzg3MTRBNTdBMkVF
QkVBMzI1MjU4MTFGNkNFNURGMEQyNTE3M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkVUeEzWaGmrY/EET12E/leJEHFMv++bZW9d2iKrE1iLbE9Ymp
qFd953FJGBd43YJ9uiUtg+vm6j3ewljHvElhDjCRfJbqy6V62byAAQfbhoPhSo9k
HU0FT0N4PBZER30MFC9lpAod5hjhCPMMR32koV2FNh4DbKSZdINq3NWGvit0DUsy
WgbBacxaOnqblKDX5V1VZt4ZySu+wgo7uowuMjBGUcTuBu0iw7w07rlbLh1Nhmjc
1tme87rQYj1MHTJtooL0AC/blwbK0LSCnLQMYs9WK0OyuWJ2Ii38lV97Nk7Ltb+r
aJJYorMoNhB7Xp/ld9QfiKUPbjj4Z1M6YvGtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUXjhxSlei7r6jJSWBH2zl3w0lFz8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Yamh4U2xlaTdyNmpKU1dC
SDJ6bDN3MGxGejgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFllWM2BQVjsRDO9Z7+nPtMxJdvmRMm9SKzI
1tOCnqbn3WYyHrebVEe3IEgbwc5d2EPvWsXYCn6818aSA3lk079PEdq+eQ1AU09s
84S7eqv88aWUs4ExnhBSsghJnfSq+kIyUkBwECSEKmyroM5l85203dpruRdDmnaT
UzEaq5ezKmZlqIOP9Kzhri/16ZbyR+1/e5Vu2d9EckTikCXdmAPFtWMK8zrCJDzo
Ybg4R5T7oxMTv1U/QG5fbyBqCkmcuTQfrWaS7D6hFbgcVvWlg0SCAvzgbB4pw9x2
JGLV59z3WT0uuGZoYqMXHE89bm4ynVhGlzE4CMxEs9OZ4kSaREk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:53:28 2025 by rpki-client