Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kfsWGDIWZd1vQji4Q27Nz-gYGks.roa
File: kfsWGDIWZd1vQji4Q27Nz-gYGks.roa (raw, json)
Hash identifier: inEgw0co81xg/Xm9EE9xaNen6IYyjBYI4XHXdBSKKgw=
Subject key identifier: 91:FB:16:18:32:16:65:DD:6F:42:38:B8:43:6E:CD:CF:E8:18:1A:4B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EDD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kfsWGDIWZd1vQji4Q27Nz-gYGks.roa
Signing time: Tue 17 Jun 2025 05:40:03 +0000
ROA not before: Tue 17 Jun 2025 05:40:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7901 (0x1edd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 05:40:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=91FB1618321665DD6F4238B8436ECDCFE8181A4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:76:ff:5e:ed:60:1c:dc:2f:ac:37:38:60:
02:b6:01:f9:aa:3b:2a:2a:cc:5e:6b:9e:69:1b:0e:
2c:0f:39:fa:73:c4:ae:dd:f9:41:75:26:e2:6e:bc:
61:7e:d8:03:63:4e:4b:cd:12:32:2f:53:68:6c:e3:
b1:9f:35:02:2e:3c:14:94:ad:de:6c:34:c3:cf:c2:
fd:0d:ee:99:17:d1:69:8d:65:72:c4:f5:d1:4c:75:
e1:a3:7b:5e:32:c5:df:27:6f:4d:f1:96:22:07:78:
21:e4:0f:87:ca:c5:9a:36:64:db:0a:a6:d6:93:20:
65:35:6a:9a:a2:24:13:cc:e0:cc:c4:28:53:4c:66:
c1:c9:cf:3f:ba:ad:ac:d9:18:cf:01:27:89:46:a8:
c6:3f:9e:01:a6:bb:21:07:5b:93:8e:c9:2e:1d:14:
66:7d:30:b2:eb:c5:42:23:17:a3:c0:7e:dd:fd:cf:
7c:ca:05:82:63:ec:74:a4:83:94:bf:1a:5c:a9:a7:
2a:a0:bc:11:9c:d8:4a:5f:a7:59:6e:7f:58:a0:9f:
c5:3f:22:2e:b1:7c:01:c2:a5:72:79:a3:29:66:a1:
f7:bd:c0:8d:bb:f9:36:5f:45:66:1e:32:ca:12:75:
5f:f6:b1:d4:b5:12:52:9d:81:b5:04:bd:8e:21:fd:
be:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FB:16:18:32:16:65:DD:6F:42:38:B8:43:6E:CD:CF:E8:18:1A:4B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kfsWGDIWZd1vQji4Q27Nz-gYGks.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:83:dd:e2:aa:b8:24:9b:80:6d:88:44:10:aa:95:2b:d9:7b:
05:25:6f:b7:ee:69:84:80:35:b3:ea:e3:96:57:90:ab:24:68:
62:8f:fa:c9:36:bf:dd:0c:3d:e9:6c:c9:70:af:88:ae:41:86:
04:eb:58:02:ff:d9:0a:87:b3:23:5e:86:0e:c0:b3:67:8a:76:
de:7b:11:0d:cb:a0:d7:f2:e5:08:e8:d0:24:14:73:28:0b:8a:
42:3d:78:c7:e1:cb:c3:05:a2:02:c9:b2:31:65:96:c9:46:6b:
60:c7:c5:d8:56:c5:fe:65:48:0b:96:cd:e6:46:8e:c3:95:7e:
69:81:9d:e1:28:69:f3:a2:76:33:d3:ec:45:39:2b:fd:46:db:
a8:ce:b1:e1:cb:69:8e:44:eb:5e:cd:95:a0:ee:3d:57:9f:3c:
e7:c9:f7:1c:0c:c6:82:8a:77:92:c5:55:70:7d:cf:54:e2:a0:
02:82:3e:f2:19:10:a9:12:db:72:b2:e6:bc:d4:26:5d:87:2d:
99:72:21:4a:71:68:18:45:26:93:4b:ac:ba:90:ef:0c:a0:6f:
b7:bd:e0:30:de:9d:80:03:6f:8e:1f:04:18:9a:7e:a9:0f:2b:
79:f3:4a:c5:99:26:64:41:f7:dc:3c:68:a1:38:bf:72:90:05:
19:91:c4:68
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcw
NTQwMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkxRkIxNjE4MzIxNjY1
REQ2RjQyMzhCODQzNkVDRENGRTgxODFBNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGCXb/Xu1gHNwvrDc4YAK2AfmqOyoqzF5rnmkbDiwPOfpzxK7d
+UF1JuJuvGF+2ANjTkvNEjIvU2hs47GfNQIuPBSUrd5sNMPPwv0N7pkX0WmNZXLE
9dFMdeGje14yxd8nb03xliIHeCHkD4fKxZo2ZNsKptaTIGU1apqiJBPM4MzEKFNM
ZsHJzz+6razZGM8BJ4lGqMY/ngGmuyEHW5OOyS4dFGZ9MLLrxUIjF6PAft39z3zK
BYJj7HSkg5S/GlyppyqgvBGc2Epfp1luf1ign8U/Ii6xfAHCpXJ5oylmofe9wI27
+TZfRWYeMsoSdV/2sdS1ElKdgbUEvY4h/b5VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkfsWGDIWZd1vQji4Q27Nz+gYGkswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rZnNXR0RJV1pkMXZRamk0
UTI3TnotZ1lHa3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAmD3eKquCSbgG2IRBCqlSvZewUlb7fuaYSA
NbPq45ZXkKskaGKP+sk2v90MPelsyXCviK5BhgTrWAL/2QqHsyNehg7As2eKdt57
EQ3LoNfy5Qjo0CQUcygLikI9eMfhy8MFogLJsjFllslGa2DHxdhWxf5lSAuWzeZG
jsOVfmmBneEoafOidjPT7EU5K/1G26jOseHLaY5E617NlaDuPVefPOfJ9xwMxoKK
d5LFVXB9z1TioAKCPvIZEKkS23Ky5rzUJl2HLZlyIUpxaBhFJpNLrLqQ7wygb7e9
4DDenYADb44fBBiafqkPK3nzSsWZJmRB99w8aKE4v3KQBRmRxGg=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:33:59 2025 by rpki-client