Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/a2JkckirKABdeixZM65rlAcLbf8.roa
File: a2JkckirKABdeixZM65rlAcLbf8.roa (raw, json)
Hash identifier: I8o5z3SniXoY/QEPc6NWBkuwCdYuMKforHXFLLztSSQ=
Subject key identifier: 6B:62:64:72:48:AB:28:00:5D:7A:2C:59:33:AE:6B:94:07:0B:6D:FF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BA5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/a2JkckirKABdeixZM65rlAcLbf8.roa
Signing time: Thu 22 May 2025 14:38:23 +0000
ROA not before: Thu 22 May 2025 14:38:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2981 (0xba5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 14:38:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6B62647248AB28005D7A2C5933AE6B94070B6DFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:77:6a:97:e6:cf:cc:08:6d:14:ff:56:c3:d8:
95:4a:94:5a:9a:40:70:cb:a8:34:39:7b:00:0d:4d:
61:b1:c7:2a:c0:54:a9:62:48:04:2a:f7:d0:0f:26:
1e:9b:21:ef:41:94:12:6b:fc:9b:7c:7a:1e:e5:7d:
62:f5:43:fd:02:41:8b:c3:3c:c6:d6:73:25:f5:5a:
bb:fa:0c:d2:55:5b:3d:4a:78:13:63:14:d1:3f:b8:
8c:ac:d6:7e:3e:be:74:57:1a:7e:5b:9e:d9:10:27:
a2:a7:c3:70:a6:fb:84:2d:17:0a:86:be:e4:35:c2:
d0:75:9f:5f:05:26:27:39:1d:c5:27:9d:6e:ae:e7:
ff:39:6b:2e:cb:bc:5f:71:65:97:8d:11:06:e9:92:
52:13:21:41:42:2b:f5:c3:8d:fe:7a:cc:94:b8:81:
cb:7f:70:8e:8a:6a:d1:d7:90:27:5e:ef:fa:6e:8d:
1a:31:04:95:c7:59:ab:4b:9b:cb:fa:81:b9:97:66:
a1:86:eb:07:f6:0c:9c:3b:25:f7:af:d2:48:c0:f0:
11:42:d2:cb:53:7d:11:30:1b:c1:1e:08:8c:26:63:
d8:13:6f:7c:6e:1b:47:fe:35:2b:d3:14:65:ea:70:
ad:aa:4e:96:49:50:67:65:2d:40:bd:9f:a8:12:f8:
ec:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:62:64:72:48:AB:28:00:5D:7A:2C:59:33:AE:6B:94:07:0B:6D:FF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/a2JkckirKABdeixZM65rlAcLbf8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:0b:74:91:4f:73:60:d9:b1:46:d5:54:41:25:e8:e1:c1:af:
64:fe:9d:25:21:77:97:8f:a3:ac:4f:f5:16:39:f7:dc:78:18:
a3:75:cc:c5:13:7c:a8:e2:21:56:c6:92:ba:66:10:71:5e:41:
34:0b:48:4f:69:65:1e:1c:79:2d:8d:16:cf:c8:c7:b8:4c:d0:
24:96:22:ec:69:03:70:5f:9b:bf:1a:02:75:ad:0a:16:69:42:
93:39:e7:e2:a3:4d:f4:99:af:3e:45:cf:ab:34:96:88:b3:ab:
16:4f:3c:54:9c:2f:f9:64:b7:3d:6e:75:01:da:29:7a:9d:09:
16:01:5d:96:89:fd:81:0b:47:87:ab:3f:74:cf:9f:0c:0e:ea:
45:62:29:40:ca:ed:ab:47:ac:b2:66:b1:5a:1c:69:83:68:75:
22:8a:50:66:22:8f:0b:6e:bb:9d:86:f7:01:88:a8:6c:70:c9:
76:e6:3d:50:60:ec:58:d7:db:c3:5b:f0:a8:12:33:75:41:87:
cd:65:15:14:7b:fd:ca:cb:c9:d0:1c:38:1e:5e:ae:88:5d:12:
1f:b2:f6:37:48:e8:ea:17:8d:17:5d:25:92:19:9f:04:e5:22:
c1:ec:55:df:d3:78:b9:2a:8d:a5:cc:bf:98:80:ae:27:e1:c9:
cc:a8:83:15
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC6UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
NDM4MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZCNjI2NDcyNDhBQjI4
MDA1RDdBMkM1OTMzQUU2Qjk0MDcwQjZERkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKd2qX5s/MCG0U/1bD2JVKlFqaQHDLqDQ5ewANTWGxxyrAVKli
SAQq99APJh6bIe9BlBJr/Jt8eh7lfWL1Q/0CQYvDPMbWcyX1Wrv6DNJVWz1KeBNj
FNE/uIys1n4+vnRXGn5bntkQJ6Knw3Cm+4QtFwqGvuQ1wtB1n18FJic5HcUnnW6u
5/85ay7LvF9xZZeNEQbpklITIUFCK/XDjf56zJS4gct/cI6KatHXkCde7/pujRox
BJXHWatLm8v6gbmXZqGG6wf2DJw7Jfev0kjA8BFC0stTfREwG8EeCIwmY9gTb3xu
G0f+NSvTFGXqcK2qTpZJUGdlLUC9n6gS+OxvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUa2JkckirKABdeixZM65rlAcLbf8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hMkprY2tpcktBQmRlaXha
TTY1cmxBY0xiZjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFsLdJFPc2DZsUbVVEEl6OHBr2T+nSUhd5eP
o6xP9RY599x4GKN1zMUTfKjiIVbGkrpmEHFeQTQLSE9pZR4ceS2NFs/Ix7hM0CSW
IuxpA3Bfm78aAnWtChZpQpM55+KjTfSZrz5Fz6s0loizqxZPPFScL/lktz1udQHa
KXqdCRYBXZaJ/YELR4erP3TPnwwO6kViKUDK7atHrLJmsVocaYNodSKKUGYijwtu
u52G9wGIqGxwyXbmPVBg7FjX28Nb8KgSM3VBh81lFRR7/crLydAcOB5erohdEh+y
9jdI6OoXjRddJZIZnwTlIsHsVd/TeLkqjaXMv5iArifhycyogxU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:07:49 2025 by rpki-client