Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nCwQWZQdmX1bqSky02RGbeMia_o.roa
File: nCwQWZQdmX1bqSky02RGbeMia_o.roa (raw, json)
Hash identifier: 8t0G2Cln20Fk//Ogsn7dms7WilCAPIPADc2ZYrCBtI0=
Subject key identifier: 9C:2C:10:59:94:1D:99:7D:5B:A9:29:32:D3:64:46:6D:E3:22:6B:FA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1D9D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nCwQWZQdmX1bqSky02RGbeMia_o.roa
Signing time: Sun 15 Jun 2025 13:40:01 +0000
ROA not before: Sun 15 Jun 2025 13:40:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7581 (0x1d9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 13:40:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9C2C1059941D997D5BA92932D364466DE3226BFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fe:07:71:5e:5d:ec:d9:ed:74:46:f0:ad:64:
21:10:d5:31:8e:3a:71:94:6d:f8:b8:22:3b:f7:29:
ef:23:df:02:31:76:88:a5:c0:53:b8:49:02:21:50:
c7:91:a0:ff:2d:02:30:9c:a4:d6:28:96:60:c0:45:
b7:34:c0:53:28:4a:07:94:50:c3:7c:2c:2c:72:82:
75:c2:93:e9:c1:27:5c:e0:c6:fe:4b:20:94:20:23:
e3:56:1e:cf:98:d7:cc:bf:46:9e:cd:b1:66:f1:e8:
f8:80:77:b4:c9:7a:11:ef:dc:11:15:0d:55:fa:1f:
15:e4:c4:cb:16:7c:ed:99:d5:e8:c6:f4:1c:e0:fd:
f7:d7:9a:2e:47:41:7b:06:ee:85:98:a5:2e:cd:cb:
48:1c:02:44:4c:41:84:2c:81:46:12:ef:e2:32:64:
da:3f:7e:24:18:9b:b3:c4:93:ec:eb:95:63:2b:78:
03:21:d6:4b:0c:ec:a6:82:11:25:e8:d9:37:9d:f9:
ed:91:1e:63:e7:c5:83:00:02:fe:70:de:e0:e0:2a:
a9:9d:b2:22:3d:c2:bc:7a:5f:9c:1c:a5:8b:99:fe:
40:08:fa:e7:28:db:df:b2:34:8b:8a:a3:22:84:e3:
cc:c5:2c:7b:a5:95:ac:12:07:b3:3b:81:d3:5d:ce:
39:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2C:10:59:94:1D:99:7D:5B:A9:29:32:D3:64:46:6D:E3:22:6B:FA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nCwQWZQdmX1bqSky02RGbeMia_o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:5e:6d:3d:7c:ee:4f:6a:89:61:a0:5d:e6:a3:44:ad:3e:f9:
b5:3d:c5:b5:dd:95:a5:68:0e:6a:c4:e7:8b:2c:b7:3c:bc:2b:
c2:8a:77:42:94:a7:52:5f:e2:60:eb:c3:23:4f:69:7f:8c:00:
1e:57:8e:08:16:43:4d:4f:22:45:c4:f1:36:95:9b:6d:56:38:
85:de:24:34:49:2a:db:e6:83:a1:44:92:c3:0f:77:88:d1:c9:
04:1d:cd:39:20:2a:6a:1a:1d:83:b0:d9:77:43:96:8d:bf:2a:
30:c0:31:cd:90:2d:b2:01:b4:ed:17:9d:42:2c:ce:b1:9f:3e:
f1:b6:6e:84:43:3b:79:e9:49:f8:aa:25:64:d2:cb:8e:c4:c9:
54:1c:32:be:8b:4c:a2:4f:cb:0c:27:2b:c2:e1:35:ff:74:16:
08:a0:22:1e:8d:48:e3:f1:5f:0c:9a:45:ec:a4:05:65:51:e9:
3f:18:ee:fa:bd:b8:6b:50:44:39:5d:44:e1:69:0a:4d:b7:be:
7d:0a:ea:15:59:a1:49:3a:d1:d3:53:fd:66:60:24:d6:8d:2f:
fa:bb:c0:91:1b:9b:2a:21:d0:e2:ee:96:45:b7:2f:77:66:9d:
a8:5f:27:e4:eb:88:15:a6:41:9e:44:ea:ca:39:cd:a8:35:2e:
d2:36:49:df
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHZ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUx
MzQwMDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlDMkMxMDU5OTQxRDk5
N0Q1QkE5MjkzMkQzNjQ0NjZERTMyMjZCRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX/gdxXl3s2e10RvCtZCEQ1TGOOnGUbfi4Ijv3Ke8j3wIxdoil
wFO4SQIhUMeRoP8tAjCcpNYolmDARbc0wFMoSgeUUMN8LCxygnXCk+nBJ1zgxv5L
IJQgI+NWHs+Y18y/Rp7NsWbx6PiAd7TJehHv3BEVDVX6HxXkxMsWfO2Z1ejG9Bzg
/ffXmi5HQXsG7oWYpS7Ny0gcAkRMQYQsgUYS7+IyZNo/fiQYm7PEk+zrlWMreAMh
1ksM7KaCESXo2Ted+e2RHmPnxYMAAv5w3uDgKqmdsiI9wrx6X5wcpYuZ/kAI+uco
29+yNIuKoyKE48zFLHullawSB7M7gdNdzjmxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnCwQWZQdmX1bqSky02RGbeMia/owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uQ3dRV1pRZG1YMWJxU2t5
MDJSR2JlTWlhX28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFVebT187k9qiWGgXeajRK0++bU9xbXdlaVo
DmrE54sstzy8K8KKd0KUp1Jf4mDrwyNPaX+MAB5XjggWQ01PIkXE8TaVm21WOIXe
JDRJKtvmg6FEksMPd4jRyQQdzTkgKmoaHYOw2XdDlo2/KjDAMc2QLbIBtO0XnUIs
zrGfPvG2boRDO3npSfiqJWTSy47EyVQcMr6LTKJPywwnK8LhNf90FgigIh6NSOPx
XwyaReykBWVR6T8Y7vq9uGtQRDldROFpCk23vn0K6hVZoUk60dNT/WZgJNaNL/q7
wJEbmyoh0OLulkW3L3dmnahfJ+TriBWmQZ5E6so5zag1LtI2Sd8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:44:15 2025 by rpki-client