Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/iqCGyaLbllW_Mj3gcf5yzO03i2I.roa
File: iqCGyaLbllW_Mj3gcf5yzO03i2I.roa (raw, json)
Hash identifier: QBHosrHH1mTFhb5hztHtZ0Z82d845d6QnRTui81uvsk=
Subject key identifier: 8A:A0:86:C9:A2:DB:96:55:BF:32:3D:E0:71:FE:72:CC:ED:37:8B:62
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1DF5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iqCGyaLbllW_Mj3gcf5yzO03i2I.roa
Signing time: Mon 16 Jun 2025 00:40:23 +0000
ROA not before: Mon 16 Jun 2025 00:40:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7669 (0x1df5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 00:40:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8AA086C9A2DB9655BF323DE071FE72CCED378B62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ea:5f:71:a8:92:71:bd:c8:d6:57:0e:fb:31:
d5:7a:a1:12:f8:07:f8:9f:b1:1b:f3:54:fa:25:a7:
8f:5c:fc:ae:09:eb:d2:da:a5:59:df:22:bd:2f:37:
52:7f:21:f2:62:77:ac:38:38:3a:57:54:c9:68:68:
d2:31:d4:a4:cd:ee:ae:3b:29:ff:95:7a:c7:e7:08:
b7:0e:19:74:5f:1f:a7:23:b5:5c:2f:b4:9b:f8:db:
db:e2:1a:f1:82:4a:ad:1d:78:26:47:9e:27:8a:6a:
c3:e4:d3:dd:fe:d5:15:ac:9d:da:ba:09:51:91:98:
03:ea:46:d8:90:1e:00:84:38:34:97:f9:60:bc:74:
c4:d0:98:43:f9:fa:58:c0:d0:e0:2c:5f:1c:49:9d:
5e:c4:96:a2:33:09:54:0b:ef:d8:62:4a:98:ff:5f:
8a:03:a8:7b:e3:44:de:c2:95:66:8b:08:25:f6:14:
bf:4e:58:59:43:f5:a2:42:71:79:98:d6:2e:28:00:
ee:23:e8:bf:b6:14:b5:15:7d:7a:60:56:02:dd:73:
7a:5f:d8:5e:39:dd:bf:8c:25:c1:7d:86:55:4c:12:
14:1e:57:ad:96:55:a6:b6:2c:50:5a:79:d1:4b:38:
45:ed:9f:6b:a3:94:cf:d3:5c:23:e6:6f:ae:5d:2b:
68:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A0:86:C9:A2:DB:96:55:BF:32:3D:E0:71:FE:72:CC:ED:37:8B:62
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iqCGyaLbllW_Mj3gcf5yzO03i2I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:c7:c0:f3:ed:1c:d9:21:78:c7:b5:02:ab:da:e9:1e:8d:a5:
31:ed:d0:dd:13:ec:08:c1:81:23:0d:98:9f:54:cd:d0:d0:93:
92:ab:82:ad:4a:0f:d4:20:d0:c7:26:e5:5e:a6:e2:54:85:df:
11:70:17:2e:9f:58:6c:d8:25:e8:de:e2:71:53:93:16:fd:aa:
9a:51:e9:e5:ca:a7:33:b6:02:3b:23:44:5c:c2:92:57:98:8a:
ad:d1:68:cd:e2:0e:81:19:61:e5:cc:5e:70:3d:5b:e0:81:ef:
89:ac:77:81:cc:27:04:68:67:88:5e:05:58:1a:9b:aa:ee:7e:
94:00:62:98:ee:ce:55:f2:67:10:c1:21:c9:96:7e:e5:c9:89:
15:94:2e:9c:3c:e4:31:14:58:e8:76:bc:e1:0e:f5:2a:49:5b:
93:9a:a4:1a:e0:b0:41:5c:27:f7:eb:71:a9:91:7a:71:5a:d0:
fc:cd:89:fe:45:60:6b:27:b3:2d:7e:05:e4:54:ad:3c:c4:72:
d9:62:77:67:60:ca:50:ec:ac:8f:36:9b:6e:4a:22:99:a8:e0:
20:39:4d:73:f8:a2:fa:90:b4:7f:c6:ad:50:df:72:9b:af:07:
9f:87:2d:eb:e9:32:a1:c4:46:a3:ed:c3:a5:3d:82:6f:ea:7a:
3b:14:92:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHfUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYw
MDQwMjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhBQTA4NkM5QTJEQjk2
NTVCRjMyM0RFMDcxRkU3MkNDRUQzNzhCNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy6l9xqJJxvcjWVw77MdV6oRL4B/ifsRvzVPolp49c/K4J69La
pVnfIr0vN1J/IfJid6w4ODpXVMloaNIx1KTN7q47Kf+VesfnCLcOGXRfH6cjtVwv
tJv429viGvGCSq0deCZHnieKasPk093+1RWsndq6CVGRmAPqRtiQHgCEODSX+WC8
dMTQmEP5+ljA0OAsXxxJnV7ElqIzCVQL79hiSpj/X4oDqHvjRN7ClWaLCCX2FL9O
WFlD9aJCcXmY1i4oAO4j6L+2FLUVfXpgVgLdc3pf2F453b+MJcF9hlVMEhQeV62W
Vaa2LFBaedFLOEXtn2ujlM/TXCPmb65dK2jNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUiqCGyaLbllW/Mj3gcf5yzO03i2IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pcUNHeWFMYmxsV19NajNn
Y2Y1eXpPMDNpMkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAI/HwPPtHNkheMe1Aqva6R6NpTHt0N0T7AjB
gSMNmJ9UzdDQk5Krgq1KD9Qg0Mcm5V6m4lSF3xFwFy6fWGzYJeje4nFTkxb9qppR
6eXKpzO2AjsjRFzCkleYiq3RaM3iDoEZYeXMXnA9W+CB74msd4HMJwRoZ4heBVga
m6rufpQAYpjuzlXyZxDBIcmWfuXJiRWULpw85DEUWOh2vOEO9SpJW5OapBrgsEFc
J/frcamRenFa0PzNif5FYGsnsy1+BeRUrTzEctlid2dgylDsrI82m25KIpmo4CA5
TXP4ovqQtH/GrVDfcpuvB5+HLevpMqHERqPtw6U9gm/qejsUkkc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:54:39 2025 by rpki-client