Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_vYln-Ar5ESe92YaqoCA5hfpVkw.roa
File: _vYln-Ar5ESe92YaqoCA5hfpVkw.roa (raw, json)
Hash identifier: kRddVvhKcVpIlnCd6oBSBWsxMecIU/SpEZ/cwMrWRw8=
Subject key identifier: FE:F6:25:9F:E0:2B:E4:44:9E:F7:66:1A:AA:80:80:E6:17:E9:56:4C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1D55
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_vYln-Ar5ESe92YaqoCA5hfpVkw.roa
Signing time: Sun 15 Jun 2025 04:40:08 +0000
ROA not before: Sun 15 Jun 2025 04:40:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7509 (0x1d55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 04:40:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FEF6259FE02BE4449EF7661AAA8080E617E9564C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:e8:c1:bc:b6:df:46:1a:e7:2e:f2:cc:86:
36:2e:47:48:5e:45:ea:ee:3a:f9:78:1d:ba:18:87:
67:5f:88:05:89:57:ea:e8:3a:f2:4b:12:e0:c5:77:
8e:35:ed:00:78:71:8b:41:68:06:34:49:84:c6:e9:
b6:ba:0e:2c:c5:a3:97:02:bf:08:eb:91:a4:58:8b:
91:6b:d2:ca:ab:26:82:5f:3f:2f:1d:ae:f3:40:ca:
a2:f6:9f:75:21:75:9b:f4:c4:a5:43:ca:b3:ab:3f:
dd:c6:e2:7d:96:4c:0d:ad:34:37:c9:5e:78:b6:a1:
cf:73:ed:8e:01:19:c3:af:8b:09:f1:ac:78:59:41:
f3:8e:47:3f:15:9a:f6:af:f0:0c:80:9e:7f:88:43:
ab:70:70:9f:bd:7c:78:cf:ae:97:aa:17:7c:fc:df:
3a:fa:43:53:4d:f1:28:d9:90:fb:23:f0:19:f7:93:
9f:f7:b0:8c:dd:59:43:f3:a1:f5:51:0a:7e:8e:59:
e9:74:d2:27:80:9c:30:2e:af:58:a0:df:3e:33:1a:
dd:07:17:17:ec:d8:3e:77:4e:98:e3:8f:c1:71:e4:
c4:31:37:d2:dd:0d:39:35:29:fb:e5:36:71:d9:f7:
13:9e:ec:9a:0a:6a:95:21:13:41:94:48:b5:aa:1a:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F6:25:9F:E0:2B:E4:44:9E:F7:66:1A:AA:80:80:E6:17:E9:56:4C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_vYln-Ar5ESe92YaqoCA5hfpVkw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:ef:3f:ce:d7:cd:31:05:d2:31:bc:c9:23:42:6c:1c:4f:04:
a0:fe:51:16:03:01:26:57:d5:8d:04:99:5b:18:b2:d0:47:b7:
49:9c:aa:03:49:98:06:3e:1c:2f:3b:51:47:6b:5d:a9:94:98:
f7:83:eb:36:f9:df:55:9f:c6:31:d1:ae:4e:f7:7e:de:7c:2a:
34:28:ad:0d:91:4d:5b:fc:62:88:03:69:da:dd:c2:ca:dc:64:
67:a3:8d:94:e0:00:7a:0f:19:07:cc:08:b5:9a:99:82:86:4b:
f6:eb:23:4f:88:7b:2c:25:66:53:b7:67:ec:3d:26:63:fc:29:
93:cc:07:b8:34:6e:ad:0a:2c:89:5d:98:ea:1c:13:19:2b:4e:
ba:9c:1a:f2:bb:6b:0d:a8:7d:8d:ec:55:b9:5b:8f:ed:30:17:
b5:2c:06:5d:d1:8f:10:52:69:6f:3e:69:c0:66:1e:85:73:05:
30:df:f4:ca:d3:b6:c2:f1:1c:0b:ef:5e:69:c2:18:c8:2e:1a:
6a:7f:ef:59:f5:d4:1d:60:ca:a2:37:58:f3:4e:b7:cb:15:96:
93:f4:c1:88:19:45:b4:35:9a:80:81:61:77:1e:77:f3:ae:ab:
fd:10:18:b1:cf:72:cb:5f:e5:d7:78:d4:11:ee:24:26:30:4a:
64:90:06:2d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHVUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUw
NDQwMDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZFRjYyNTlGRTAyQkU0
NDQ5RUY3NjYxQUFBODA4MEU2MTdFOTU2NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrfOjBvLbfRhrnLvLMhjYuR0heReruOvl4HboYh2dfiAWJV+ro
OvJLEuDFd4417QB4cYtBaAY0SYTG6ba6DizFo5cCvwjrkaRYi5Fr0sqrJoJfPy8d
rvNAyqL2n3UhdZv0xKVDyrOrP93G4n2WTA2tNDfJXni2oc9z7Y4BGcOviwnxrHhZ
QfOORz8Vmvav8AyAnn+IQ6twcJ+9fHjPrpeqF3z83zr6Q1NN8SjZkPsj8Bn3k5/3
sIzdWUPzofVRCn6OWel00ieAnDAur1ig3z4zGt0HFxfs2D53Tpjjj8Fx5MQxN9Ld
DTk1KfvlNnHZ9xOe7JoKapUhE0GUSLWqGqa3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/vYln+Ar5ESe92YaqoCA5hfpVkwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fdllsbi1BcjVFU2U5Mllh
cW9DQTVoZnBWa3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABHvP87XzTEF0jG8ySNCbBxPBKD+URYDASZX
1Y0EmVsYstBHt0mcqgNJmAY+HC87UUdrXamUmPeD6zb531WfxjHRrk73ft58KjQo
rQ2RTVv8YogDadrdwsrcZGejjZTgAHoPGQfMCLWamYKGS/brI0+IeywlZlO3Z+w9
JmP8KZPMB7g0bq0KLIldmOocExkrTrqcGvK7aw2ofY3sVblbj+0wF7UsBl3RjxBS
aW8+acBmHoVzBTDf9MrTtsLxHAvvXmnCGMguGmp/71n11B1gyqI3WPNOt8sVlpP0
wYgZRbQ1moCBYXced/Ouq/0QGLHPcstf5dd41BHuJCYwSmSQBi0=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:38:37 2025 by rpki-client