Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/h5aX8NANe9qUPEDEcTnnpRA7hFo.roa
File: h5aX8NANe9qUPEDEcTnnpRA7hFo.roa (raw, json)
Hash identifier: ALDSDN4FF+7JFQhgz+c0qad75JR/2zmQXZmiVgZbZjM=
Subject key identifier: 87:96:97:F0:D0:0D:7B:DA:94:3C:40:C4:71:39:E7:A5:10:3B:84:5A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 20E1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/h5aX8NANe9qUPEDEcTnnpRA7hFo.roa
Signing time: Fri 20 Jun 2025 09:56:12 +0000
ROA not before: Fri 20 Jun 2025 09:56:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8417 (0x20e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 09:56:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=879697F0D00D7BDA943C40C47139E7A5103B845A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:89:6d:7b:fd:32:b2:e2:6e:5f:3c:9a:be:50:
ce:35:ac:12:1c:5c:e9:67:50:4a:27:18:18:a9:d7:
38:0f:8c:76:f4:40:55:ab:14:cd:f8:d1:dd:eb:89:
1b:00:68:bf:ce:54:57:03:45:e5:5b:78:ff:c2:1f:
6f:6b:5f:ee:56:6c:8b:2b:d7:b3:b6:e6:32:15:d6:
77:a9:b8:b8:8c:43:f6:57:a4:9e:04:1c:ba:60:68:
49:b7:a2:f2:62:f0:3b:4d:c4:f9:33:a6:5f:a6:0e:
da:b5:04:fd:5d:ad:b0:24:a3:54:5d:3f:40:73:7f:
ba:cb:b2:70:b0:a0:5e:df:e0:f1:02:2a:22:91:96:
ee:06:92:33:7b:97:16:b3:b8:04:79:ad:2e:31:57:
f6:f0:13:8d:ad:c5:17:16:df:13:a5:54:64:51:d2:
9e:aa:d3:47:58:cc:12:2a:2a:8d:7f:19:07:32:91:
b8:a3:aa:a0:39:f3:eb:d7:fc:aa:a0:75:86:18:83:
ac:ef:d3:13:51:a9:31:0c:8f:db:90:c8:26:4c:b4:
4c:17:5d:35:f2:4c:1e:be:be:c7:f8:1c:9d:af:48:
3c:b9:a7:35:7d:54:08:45:53:a0:49:e6:75:0f:a8:
a1:a4:c5:fc:60:0d:7c:08:69:91:d4:87:dc:54:32:
04:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:96:97:F0:D0:0D:7B:DA:94:3C:40:C4:71:39:E7:A5:10:3B:84:5A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/h5aX8NANe9qUPEDEcTnnpRA7hFo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:98:f6:3e:0a:bf:5b:fe:b8:a2:4e:8e:5e:12:93:aa:87:88:
20:18:ca:ea:59:41:c2:cb:af:d0:41:fc:e8:87:80:27:07:1f:
17:be:00:31:af:22:8e:eb:0c:6e:3a:01:12:86:03:da:1c:02:
25:2a:fc:03:07:78:c7:78:bf:b3:e4:75:d5:da:91:43:a3:3c:
64:dd:5a:11:06:d9:8d:23:df:4c:fb:b5:a3:27:73:62:02:b0:
e6:09:f5:04:d2:76:0f:96:64:ea:6a:e0:11:53:6b:8e:f4:66:
4a:d5:38:8d:33:9e:68:56:df:e0:36:51:da:4e:c1:94:3f:fa:
99:ff:0c:a6:92:9d:34:e7:a0:d6:0a:59:9c:61:60:38:5e:ae:
b1:15:9f:ff:7e:22:0a:71:f4:4f:b1:ce:4a:18:fb:6b:9f:b1:
26:34:ed:f5:aa:76:3f:2f:73:a4:87:a4:a5:5b:e7:e6:3e:9c:
4a:d9:19:9d:02:e8:75:7b:7f:5d:db:86:7b:9c:b8:44:aa:4d:
b0:6e:bb:37:b2:07:19:3f:66:4b:48:ce:29:00:09:cd:fa:ec:
00:f2:96:d8:77:c6:c6:ad:4f:32:2f:b7:56:e6:7e:7e:d9:aa:
1c:d7:cb:ab:71:69:12:a3:93:7f:f1:7f:dc:e7:bd:fd:c3:db:
f8:2d:1e:0f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAw
OTU2MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg3OTY5N0YwRDAwRDdC
REE5NDNDNDBDNDcxMzlFN0E1MTAzQjg0NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmiW17/TKy4m5fPJq+UM41rBIcXOlnUEonGBip1zgPjHb0QFWr
FM340d3riRsAaL/OVFcDReVbeP/CH29rX+5WbIsr17O25jIV1nepuLiMQ/ZXpJ4E
HLpgaEm3ovJi8DtNxPkzpl+mDtq1BP1drbAko1RdP0Bzf7rLsnCwoF7f4PECKiKR
lu4GkjN7lxazuAR5rS4xV/bwE42txRcW3xOlVGRR0p6q00dYzBIqKo1/GQcykbij
qqA58+vX/KqgdYYYg6zv0xNRqTEMj9uQyCZMtEwXXTXyTB6+vsf4HJ2vSDy5pzV9
VAhFU6BJ5nUPqKGkxfxgDXwIaZHUh9xUMgT3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh5aX8NANe9qUPEDEcTnnpRA7hFowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9oNWFYOE5BTmU5cVVQRURF
Y1RubnBSQTdoRm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFmY9j4Kv1v+uKJOjl4Sk6qHiCAYyupZQcLL
r9BB/OiHgCcHHxe+ADGvIo7rDG46ARKGA9ocAiUq/AMHeMd4v7PkddXakUOjPGTd
WhEG2Y0j30z7taMnc2ICsOYJ9QTSdg+WZOpq4BFTa470ZkrVOI0znmhW3+A2UdpO
wZQ/+pn/DKaSnTTnoNYKWZxhYDherrEVn/9+Igpx9E+xzkoY+2ufsSY07fWqdj8v
c6SHpKVb5+Y+nErZGZ0C6HV7f13bhnucuESqTbBuuzeyBxk/ZktIzikACc367ADy
lth3xsatTzIvt1bmfn7ZqhzXy6txaRKjk3/xf9znvf3D2/gtHg8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:57:41 2025 by rpki-client