Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kmK2O5qCnMbnK8ytCEuysSPvZwU.roa
File: kmK2O5qCnMbnK8ytCEuysSPvZwU.roa (raw, json)
Hash identifier: vPVX0qoIbO/EVPInBh9CNBo5uMfy+oehUjy093z3nWs=
Subject key identifier: 92:62:B6:3B:9A:82:9C:C6:E7:2B:CC:AD:08:4B:B2:B1:23:EF:67:05
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 20B1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kmK2O5qCnMbnK8ytCEuysSPvZwU.roa
Signing time: Fri 20 Jun 2025 01:40:10 +0000
ROA not before: Fri 20 Jun 2025 01:40:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8369 (0x20b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 01:40:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9262B63B9A829CC6E72BCCAD084BB2B123EF6705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:49:9b:10:78:c1:4d:35:50:e6:9c:c8:bb:71:
d7:ce:de:f6:4b:a8:98:69:f9:80:fe:4d:a7:3c:a6:
07:8a:fc:c7:e3:8c:40:f4:38:dc:06:13:ce:6e:0c:
a0:2d:7f:fc:11:b1:29:af:d7:27:32:15:96:0b:fc:
43:e9:80:93:c4:cb:61:00:98:fd:4e:2f:9b:da:b0:
25:02:74:1f:1c:79:0b:de:32:68:d4:34:d3:25:86:
08:4a:e9:9e:24:a1:96:45:0e:ee:a1:b2:7c:60:50:
1b:a0:43:92:15:66:cc:6c:09:7c:23:a8:b5:89:f5:
cf:54:66:54:fc:53:dd:0a:da:c2:3b:ab:01:c3:9b:
e9:25:db:cc:25:31:c2:79:b7:64:aa:30:90:41:20:
11:77:4a:9d:a1:63:4d:1f:f4:0c:da:09:06:b4:93:
16:ae:7b:d4:b1:ec:90:32:12:5c:f7:a3:45:35:23:
99:12:a1:2b:56:f4:e8:fa:31:9f:b6:b2:08:6e:9f:
b9:11:9b:55:ad:06:56:ee:9c:ee:f7:c5:38:2c:bb:
ae:9d:72:97:0a:b7:35:4c:e8:be:13:a0:64:37:de:
32:f6:c4:40:7e:df:4e:3b:b4:00:e0:e2:cb:d7:2c:
ce:3f:70:74:c9:63:27:9f:2a:c8:c7:76:60:1f:60:
bd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:62:B6:3B:9A:82:9C:C6:E7:2B:CC:AD:08:4B:B2:B1:23:EF:67:05
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kmK2O5qCnMbnK8ytCEuysSPvZwU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:88:c2:2e:4b:c7:9a:99:ea:0c:ed:71:21:07:2b:7c:32:99:
c7:12:87:a9:da:83:43:2f:08:8e:a9:d4:10:a7:4e:f5:7a:84:
7b:cd:6b:3e:c0:b8:50:37:0f:1c:32:8f:07:4d:5d:9f:45:6d:
10:0c:9d:5c:94:e5:a8:c2:3e:4a:73:0f:26:2a:bf:51:a5:05:
a2:06:2f:7e:3b:0f:59:d1:56:f9:9c:36:93:b3:94:7a:95:eb:
a3:63:ba:23:5c:a1:29:d3:0b:87:a9:75:35:16:12:16:6a:49:
6d:1d:da:c6:78:41:86:bc:01:1d:54:06:1f:4e:62:19:86:75:
62:5a:57:c3:6d:48:ce:d5:7f:0f:19:03:36:03:07:0f:d8:23:
6e:77:f1:63:d1:5f:27:0a:16:8c:77:2e:3e:ef:64:24:6a:72:
64:41:16:04:17:55:86:56:48:95:e2:ac:c7:0f:29:3c:2e:a5:
a9:d9:16:7b:f9:f0:5e:19:a2:59:36:b3:7b:7a:ae:e4:30:f0:
94:41:69:0a:79:c9:8d:24:4f:b8:88:8f:2e:2c:24:d0:22:9c:
64:a1:0e:3c:51:51:30:74:c1:d1:bd:89:2f:61:5b:2e:a8:b6:
6e:be:68:15:04:f8:ed:f0:3e:9e:53:f3:81:9d:5c:e6:a8:c3:
f5:b4:6f:22
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICILEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAw
MTQwMTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkyNjJCNjNCOUE4MjlD
QzZFNzJCQ0NBRDA4NEJCMkIxMjNFRjY3MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/SZsQeMFNNVDmnMi7cdfO3vZLqJhp+YD+Tac8pgeK/MfjjED0
ONwGE85uDKAtf/wRsSmv1ycyFZYL/EPpgJPEy2EAmP1OL5vasCUCdB8ceQveMmjU
NNMlhghK6Z4koZZFDu6hsnxgUBugQ5IVZsxsCXwjqLWJ9c9UZlT8U90K2sI7qwHD
m+kl28wlMcJ5t2SqMJBBIBF3Sp2hY00f9AzaCQa0kxaue9Sx7JAyElz3o0U1I5kS
oStW9Oj6MZ+2sghun7kRm1WtBlbunO73xTgsu66dcpcKtzVM6L4ToGQ33jL2xEB+
3047tADg4svXLM4/cHTJYyefKsjHdmAfYL2RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkmK2O5qCnMbnK8ytCEuysSPvZwUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rbUsyTzVxQ25NYm5LOHl0
Q0V1eXNTUHZad1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAaIwi5Lx5qZ6gztcSEHK3wymccSh6nag0Mv
CI6p1BCnTvV6hHvNaz7AuFA3DxwyjwdNXZ9FbRAMnVyU5ajCPkpzDyYqv1GlBaIG
L347D1nRVvmcNpOzlHqV66NjuiNcoSnTC4epdTUWEhZqSW0d2sZ4QYa8AR1UBh9O
YhmGdWJaV8NtSM7Vfw8ZAzYDBw/YI2538WPRXycKFox3Lj7vZCRqcmRBFgQXVYZW
SJXirMcPKTwupanZFnv58F4Zolk2s3t6ruQw8JRBaQp5yY0kT7iIjy4sJNAinGSh
DjxRUTB0wdG9iS9hWy6otm6+aBUE+O3wPp5T84GdXOaow/W0byI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:18 2025 by rpki-client