Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/b_Rnl76PWCitXl74esEMiwX7MUo.roa
File: b_Rnl76PWCitXl74esEMiwX7MUo.roa (raw, json)
Hash identifier: rkrdC4LF7zrDF4Sm4i/WqOdvuFLcIY+aOUDYiuAZXQ4=
Subject key identifier: 6F:F4:67:97:BE:8F:58:28:AD:5E:5E:F8:7A:C1:0C:8B:05:FB:31:4A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 21B1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/b_Rnl76PWCitXl74esEMiwX7MUo.roa
Signing time: Sat 21 Jun 2025 11:41:46 +0000
ROA not before: Sat 21 Jun 2025 11:41:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8625 (0x21b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 11:41:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6FF46797BE8F5828AD5E5EF87AC10C8B05FB314A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:ef:19:f6:fb:f0:89:16:bf:b0:3a:df:29:
98:52:22:ce:a3:de:be:73:f9:3c:cc:c1:fb:e2:2d:
a1:16:a2:1a:a0:16:2a:21:28:3c:cd:c5:b4:e2:8d:
99:c1:a6:6a:dc:35:86:38:4c:39:ec:21:26:11:fb:
ac:36:da:ec:49:d6:4a:f6:30:40:98:97:a7:e6:03:
99:b0:67:b3:ed:38:db:6a:2c:c6:62:aa:5e:31:e4:
51:58:db:7f:4b:94:04:c4:4e:ec:92:d1:ec:3d:45:
ce:bf:36:be:30:48:10:24:77:d2:e8:79:e6:5c:8f:
cb:49:17:c3:55:3f:1d:56:2a:a9:5a:4b:34:59:56:
9b:36:ed:d1:3e:f6:bf:68:9b:84:38:d8:aa:c2:78:
db:31:41:40:52:47:5e:b3:22:1a:f9:5d:1c:74:b2:
10:bc:ef:f1:ed:85:30:8e:81:3d:80:8f:c2:09:7d:
9d:0b:1a:07:9b:dd:f2:2c:50:7f:07:6e:3c:15:01:
f5:53:76:01:ea:1c:30:ce:96:86:cc:89:85:16:67:
2a:af:1f:50:f9:77:d5:69:c2:00:4c:6f:04:47:75:
22:43:00:bd:46:8e:92:90:c6:c0:b3:03:af:43:d2:
0a:e3:86:60:e2:1f:ae:ad:5a:a3:4b:1e:ce:e2:f5:
b2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F4:67:97:BE:8F:58:28:AD:5E:5E:F8:7A:C1:0C:8B:05:FB:31:4A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/b_Rnl76PWCitXl74esEMiwX7MUo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:d3:0b:34:8d:65:ae:76:55:3f:4f:82:1d:d2:2c:c4:be:11:
f7:ef:d0:99:e5:06:79:bc:0c:4c:ae:cf:47:5a:a1:95:cc:3b:
79:a5:51:ac:3b:45:b9:59:bb:b1:75:8e:0d:ac:ff:e5:68:5b:
3f:c0:1f:47:28:ab:db:35:b2:df:e5:3e:d2:ca:0e:d5:a9:7b:
29:47:88:e9:20:00:67:b9:08:fc:11:dc:2a:12:34:94:ad:16:
93:9f:24:bf:07:f5:90:2e:ba:61:55:7f:2b:1a:b9:6b:7b:48:
0f:60:3e:49:12:6a:c5:b4:c1:28:a0:e1:13:96:d6:11:a2:ce:
ba:8d:f1:a5:f7:dd:07:54:56:1d:e2:71:7f:62:7c:d3:5a:e6:
e9:d5:20:8e:22:01:60:69:66:c7:02:00:a9:86:13:3d:15:60:
ac:23:1b:98:5e:91:bd:e6:f9:be:17:47:f4:d7:f0:72:7e:8b:
0d:e2:e3:0d:ea:48:a0:32:f8:d4:4a:f9:85:82:5b:a3:f2:ae:
47:f5:0f:0c:67:fc:28:07:ef:c6:bd:1a:64:7c:87:ad:5c:8f:
a0:e7:4a:74:c3:35:14:8f:d7:96:7c:65:e8:8b:4e:7d:d2:ef:
30:bd:5b:45:94:0b:31:58:3f:5d:d6:fc:26:88:4e:de:20:c1:
84:38:de:d1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEx
MTQxNDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZGRjQ2Nzk3QkU4RjU4
MjhBRDVFNUVGODdBQzEwQzhCMDVGQjMxNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkRO8Z9vvwiRa/sDrfKZhSIs6j3r5z+TzMwfviLaEWohqgFioh
KDzNxbTijZnBpmrcNYY4TDnsISYR+6w22uxJ1kr2MECYl6fmA5mwZ7PtONtqLMZi
ql4x5FFY239LlATETuyS0ew9Rc6/Nr4wSBAkd9LoeeZcj8tJF8NVPx1WKqlaSzRZ
Vps27dE+9r9om4Q42KrCeNsxQUBSR16zIhr5XRx0shC87/HthTCOgT2Aj8IJfZ0L
Ggeb3fIsUH8HbjwVAfVTdgHqHDDOlobMiYUWZyqvH1D5d9VpwgBMbwRHdSJDAL1G
jpKQxsCzA69D0grjhmDiH66tWqNLHs7i9bKpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUb/Rnl76PWCitXl74esEMiwX7MUowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iX1JubDc2UFdDaXRYbDc0
ZXNFTWl3WDdNVW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAInTCzSNZa52VT9Pgh3SLMS+Effv0JnlBnm8
DEyuz0daoZXMO3mlUaw7RblZu7F1jg2s/+VoWz/AH0coq9s1st/lPtLKDtWpeylH
iOkgAGe5CPwR3CoSNJStFpOfJL8H9ZAuumFVfysauWt7SA9gPkkSasW0wSig4ROW
1hGizrqN8aX33QdUVh3icX9ifNNa5unVII4iAWBpZscCAKmGEz0VYKwjG5hekb3m
+b4XR/TX8HJ+iw3i4w3qSKAy+NRK+YWCW6Pyrkf1Dwxn/CgH78a9GmR8h61cj6Dn
SnTDNRSP15Z8ZeiLTn3S7zC9W0WUCzFYP13W/CaITt4gwYQ43tE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:39:13 2025 by rpki-client