Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/p1LjrhSLGPu-7NjgLc2HdhyFTFU.roa
File: p1LjrhSLGPu-7NjgLc2HdhyFTFU.roa (raw, json)
Hash identifier: XoW5KdLd6ZzFNZ1msdvZ3bL4jRYJAr4hk/ZIitFhmrg=
Subject key identifier: A7:52:E3:AE:14:8B:18:FB:BE:EC:D8:E0:2D:CD:87:76:1C:85:4C:55
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E35
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/p1LjrhSLGPu-7NjgLc2HdhyFTFU.roa
Signing time: Mon 16 Jun 2025 08:40:00 +0000
ROA not before: Mon 16 Jun 2025 08:40:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7733 (0x1e35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 08:40:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A752E3AE148B18FBBEECD8E02DCD87761C854C55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:75:b0:9f:36:09:2f:9b:fa:67:1d:ff:7e:a6:
6f:ac:35:a2:d0:7f:89:64:df:fa:c5:ef:42:26:ea:
38:9e:a0:ac:17:32:94:d9:4a:a5:31:49:8d:ee:7e:
6c:86:dc:4b:6b:7a:be:80:4c:51:56:0e:ff:42:90:
4d:7e:1b:04:f3:8c:10:60:9a:fb:6c:78:dd:4b:81:
cd:98:bf:1a:85:2c:5e:22:3d:bb:6e:f6:1a:36:41:
9a:67:38:94:1e:b7:95:2d:0f:08:7a:93:bd:78:47:
93:95:84:6a:d0:a2:ff:eb:86:64:dd:7b:b2:79:1f:
13:3f:4c:f7:ed:dd:d4:85:48:1a:f6:f6:7b:4a:3a:
3c:b6:d0:c8:cc:77:d7:12:f0:d1:54:40:a3:66:79:
70:1c:87:1e:32:e3:8f:6e:22:0a:cd:37:a0:b7:7c:
d9:ca:26:32:52:f8:9e:5d:fc:e2:3a:64:a8:dc:5f:
f7:69:61:7f:c3:5e:7c:c6:a3:bd:ca:19:76:22:f3:
f8:23:c6:ea:2d:7d:d7:83:58:65:8b:55:61:de:fe:
8a:7e:8b:c3:59:c9:a8:52:44:72:2a:6c:b1:b6:0a:
18:48:65:59:4a:ba:b6:de:80:54:0c:ab:ce:16:ab:
25:60:ca:22:14:45:92:3c:08:14:c6:7f:0f:bc:9d:
93:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:52:E3:AE:14:8B:18:FB:BE:EC:D8:E0:2D:CD:87:76:1C:85:4C:55
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/p1LjrhSLGPu-7NjgLc2HdhyFTFU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:0b:06:20:78:6a:21:66:72:b2:09:1f:b4:06:75:33:71:a1:
da:df:1f:9e:e2:74:87:08:66:6b:aa:c5:35:b5:59:e8:13:64:
67:c5:17:45:6a:bb:c0:80:9c:fc:aa:a6:ce:6e:91:b6:5f:39:
60:03:a5:14:00:93:50:33:cd:c7:06:12:67:89:64:5f:e4:65:
56:8a:36:98:bc:cf:36:00:80:e5:dc:66:f2:55:e0:c6:41:6f:
4e:89:38:1f:0d:25:fd:1d:8e:60:44:ea:96:18:f5:30:58:ac:
ea:6d:4b:e3:0f:8a:99:c4:2b:0f:27:db:e4:8b:1e:21:69:bf:
04:47:37:b5:77:fc:6d:35:40:29:d9:4b:50:84:71:e1:ab:9e:
f1:79:4d:83:b0:80:cd:4c:07:57:a9:f1:2b:d1:e7:c2:d5:f0:
df:8b:fb:ea:09:ef:a1:91:c5:8e:90:ce:3d:dc:a8:6e:05:bf:
26:5b:34:17:13:d8:71:e9:fe:d0:f4:50:04:6d:72:f1:a8:e2:
8c:89:1f:8e:55:d0:78:1b:da:1c:d2:13:7d:51:2c:2c:6f:82:
19:e4:1c:6b:b5:cb:da:ac:c3:8f:78:5f:1a:1f:6b:a0:57:80:
ad:2c:fc:c2:fb:f2:bd:c4:ff:d3:73:98:88:0c:e4:70:69:e2:
19:4a:af:79
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHjUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYw
ODQwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE3NTJFM0FFMTQ4QjE4
RkJCRUVDRDhFMDJEQ0Q4Nzc2MUM4NTRDNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVdbCfNgkvm/pnHf9+pm+sNaLQf4lk3/rF70Im6jieoKwXMpTZ
SqUxSY3ufmyG3Etrer6ATFFWDv9CkE1+GwTzjBBgmvtseN1Lgc2YvxqFLF4iPbtu
9ho2QZpnOJQet5UtDwh6k714R5OVhGrQov/rhmTde7J5HxM/TPft3dSFSBr29ntK
Ojy20MjMd9cS8NFUQKNmeXAchx4y449uIgrNN6C3fNnKJjJS+J5d/OI6ZKjcX/dp
YX/DXnzGo73KGXYi8/gjxuotfdeDWGWLVWHe/op+i8NZyahSRHIqbLG2ChhIZVlK
urbegFQMq84WqyVgyiIURZI8CBTGfw+8nZPDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUp1LjrhSLGPu+7NjgLc2HdhyFTFUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wMUxqcmhTTEdQdS03Tmpn
TGMySGRoeUZURlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADALBiB4aiFmcrIJH7QGdTNxodrfH57idIcI
ZmuqxTW1WegTZGfFF0Vqu8CAnPyqps5ukbZfOWADpRQAk1AzzccGEmeJZF/kZVaK
Npi8zzYAgOXcZvJV4MZBb06JOB8NJf0djmBE6pYY9TBYrOptS+MPipnEKw8n2+SL
HiFpvwRHN7V3/G01QCnZS1CEceGrnvF5TYOwgM1MB1ep8SvR58LV8N+L++oJ76GR
xY6Qzj3cqG4FvyZbNBcT2HHp/tD0UARtcvGo4oyJH45V0Hgb2hzSE31RLCxvghnk
HGu1y9qsw494Xxofa6BXgK0s/ML78r3E/9NzmIgM5HBp4hlKr3k=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:39:08 2025 by rpki-client