Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_CAnN06-HAXe9rxwWsvz0Ag2X00.roa
File: _CAnN06-HAXe9rxwWsvz0Ag2X00.roa (raw, json)
Hash identifier: bev7iq5bxH0r6Y3UG2DcswlcJNtzhp0OsjJ2R31PuHk=
Subject key identifier: FC:20:27:37:4E:BE:1C:05:DE:F6:BC:70:5A:CB:F3:D0:08:36:5F:4D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15FD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_CAnN06-HAXe9rxwWsvz0Ag2X00.roa
Signing time: Thu 05 Jun 2025 09:39:25 +0000
ROA not before: Thu 05 Jun 2025 09:39:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5629 (0x15fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 09:39:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FC2027374EBE1C05DEF6BC705ACBF3D008365F4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bf:50:cb:bf:25:53:62:24:1e:3b:40:87:90:
df:19:59:32:71:6b:b8:b6:f2:e6:70:4b:07:21:90:
99:33:ac:1d:e7:88:49:f1:66:33:39:ae:93:8c:be:
67:96:95:c7:83:37:6b:40:8b:36:ad:4a:3f:44:ad:
d7:66:17:69:54:44:0b:71:6b:a3:07:83:67:d1:69:
ae:81:dc:54:3d:f2:da:ce:be:44:26:55:ae:86:f7:
3a:6f:c1:41:d1:de:12:b4:ae:d7:e4:ee:4c:9d:df:
b8:fd:bb:4c:93:16:82:2d:69:1a:19:fd:99:25:cb:
ec:c4:e1:91:01:0b:3d:da:c0:19:1a:93:41:7c:ed:
66:ab:1e:55:62:06:f6:a6:c8:39:e7:9d:45:42:ca:
59:f6:31:41:22:20:00:3c:8d:fc:3b:b8:a0:21:ea:
4a:86:1c:51:ad:2c:13:39:34:35:34:d8:4e:8b:30:
61:f8:ea:93:2b:4c:4c:80:15:01:90:82:cf:0f:66:
67:67:c2:f1:56:9a:e4:0a:97:9b:c7:60:f3:03:1b:
0b:d1:40:a5:e1:95:40:92:e1:30:23:5d:8b:2e:67:
58:8a:6e:16:63:fa:7d:c4:97:dd:d0:55:2a:a9:bb:
c4:20:47:5a:34:72:e6:ed:b6:94:22:aa:f8:ae:8c:
30:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:20:27:37:4E:BE:1C:05:DE:F6:BC:70:5A:CB:F3:D0:08:36:5F:4D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_CAnN06-HAXe9rxwWsvz0Ag2X00.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:ea:bd:de:17:12:9b:74:6c:2e:d2:ee:e6:02:f0:71:cc:e8:
82:4e:ef:f1:81:34:08:27:0a:c2:80:7b:4f:09:78:85:bc:a0:
9d:f6:e2:03:c1:db:df:8b:13:89:c8:db:44:5d:c4:48:88:dd:
34:96:39:81:04:33:fe:cb:0d:53:ef:f2:13:8e:6c:6b:36:e3:
7d:4a:54:39:35:5b:e8:65:0f:cc:5d:e7:c0:6e:90:71:a2:c8:
26:22:a5:db:e3:bd:5d:df:2c:f5:a6:cc:c5:cb:4e:54:8c:50:
43:28:30:37:35:48:4a:0e:d5:e0:37:00:68:d1:da:72:48:2c:
20:ba:0d:bb:5b:3e:e1:e4:09:46:0e:9e:dd:28:96:6a:9b:64:
0d:48:6a:24:c6:7c:89:1c:32:e5:a4:be:3f:8a:3c:99:84:60:
c0:e2:cb:20:c6:89:2b:97:6c:04:a1:a5:8c:83:9f:72:15:c5:
5c:1d:36:c8:2f:0f:2a:53:c6:d0:15:34:c7:f1:75:66:d1:af:
4b:9b:4b:6a:9f:5c:ce:99:cf:81:ea:e8:15:b4:46:0a:c9:1a:
0d:fd:22:7d:c1:fe:40:78:fc:d4:98:10:04:58:4c:b2:f9:53:
fe:34:4c:ac:39:ff:1d:73:69:73:92:29:3c:70:da:ee:71:61:
30:81:04:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUw
OTM5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZDMjAyNzM3NEVCRTFD
MDVERUY2QkM3MDVBQ0JGM0QwMDgzNjVGNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQv1DLvyVTYiQeO0CHkN8ZWTJxa7i28uZwSwchkJkzrB3niEnx
ZjM5rpOMvmeWlceDN2tAizatSj9ErddmF2lURAtxa6MHg2fRaa6B3FQ98trOvkQm
Va6G9zpvwUHR3hK0rtfk7kyd37j9u0yTFoItaRoZ/Zkly+zE4ZEBCz3awBkak0F8
7WarHlViBvamyDnnnUVCyln2MUEiIAA8jfw7uKAh6kqGHFGtLBM5NDU02E6LMGH4
6pMrTEyAFQGQgs8PZmdnwvFWmuQKl5vHYPMDGwvRQKXhlUCS4TAjXYsuZ1iKbhZj
+n3El93QVSqpu8QgR1o0cubttpQiqviujDDPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/CAnN06+HAXe9rxwWsvz0Ag2X00wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fQ0FuTjA2LUhBWGU5cnh3
V3N2ejBBZzJYMDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAD7qvd4XEpt0bC7S7uYC8HHM6IJO7/GBNAgn
CsKAe08JeIW8oJ324gPB29+LE4nI20RdxEiI3TSWOYEEM/7LDVPv8hOObGs2431K
VDk1W+hlD8xd58BukHGiyCYipdvjvV3fLPWmzMXLTlSMUEMoMDc1SEoO1eA3AGjR
2nJILCC6DbtbPuHkCUYOnt0olmqbZA1IaiTGfIkcMuWkvj+KPJmEYMDiyyDGiSuX
bAShpYyDn3IVxVwdNsgvDypTxtAVNMfxdWbRr0ubS2qfXM6Zz4Hq6BW0RgrJGg39
In3B/kB4/NSYEARYTLL5U/40TKw5/x1zaXOSKTxw2u5xYTCBBDA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:46:41 2025 by rpki-client