Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uW9u3-0JRK83UnPAE9CA6vQ9Dog.roa
File: uW9u3-0JRK83UnPAE9CA6vQ9Dog.roa (raw, json)
Hash identifier: XPVkHtUtppdwObjEL3YBiStzyGTwSqzeUX2HmBEVsZQ=
Subject key identifier: B9:6F:6E:DF:ED:09:44:AF:37:52:73:C0:13:D0:80:EA:F4:3D:0E:88
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 22C5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uW9u3-0JRK83UnPAE9CA6vQ9Dog.roa
Signing time: Sun 22 Jun 2025 22:11:51 +0000
ROA not before: Sun 22 Jun 2025 22:11:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8901 (0x22c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 22:11:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B96F6EDFED0944AF375273C013D080EAF43D0E88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ad:63:2e:1c:70:e8:11:b3:5c:74:7f:73:6e:
87:47:03:41:5d:c8:2e:b5:b5:95:9b:1c:e1:2d:e1:
83:b4:cd:23:ee:40:c5:5f:98:1e:5e:01:34:e7:4e:
3a:1e:4f:58:d1:75:c4:e4:de:b9:16:1c:c3:d4:fb:
f4:c1:ef:7f:1f:10:f1:73:ad:2b:f8:39:62:2a:09:
15:6b:6e:42:f8:30:eb:f1:f8:fd:22:e4:07:6f:d3:
c8:71:51:9a:12:0f:8b:51:18:36:8c:1e:69:51:de:
72:87:8f:da:1c:05:b8:e1:ba:38:3d:be:8d:45:22:
b0:84:a6:0b:00:a7:87:ee:92:c3:92:56:b3:63:77:
0f:13:d1:dc:32:50:e6:25:8a:16:26:a4:1c:8a:f2:
3a:15:20:65:be:51:34:9c:47:bb:e7:eb:8a:54:89:
e6:0b:29:dd:e8:90:c5:66:00:d9:84:92:7b:8d:9b:
ec:6e:16:17:97:12:87:58:7e:e3:61:d9:b0:65:74:
3b:47:7c:06:fe:99:a7:b9:57:32:31:93:fc:56:76:
b9:b7:df:9d:cc:4b:fc:3e:c6:e9:34:ed:8c:98:af:
0a:f2:d8:38:f3:1e:e2:65:5c:55:cc:d0:ef:c7:bf:
93:64:24:15:5d:9d:12:dd:6d:28:36:18:bb:f3:f7:
5f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6F:6E:DF:ED:09:44:AF:37:52:73:C0:13:D0:80:EA:F4:3D:0E:88
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uW9u3-0JRK83UnPAE9CA6vQ9Dog.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:17:19:34:89:ac:37:bb:77:66:69:86:b0:05:74:77:44:65:
2a:39:ea:c3:c4:6d:88:46:24:81:13:fa:90:04:7a:66:9f:73:
b4:aa:4a:c1:90:ed:bb:b6:8e:af:f2:7a:25:9e:d9:01:3f:ce:
4f:4e:91:0d:9d:37:73:06:cc:19:82:6b:27:a0:98:88:f5:74:
92:3f:e1:ee:e5:9f:ae:0b:e9:da:37:ba:e9:9e:56:8b:41:e2:
f0:32:d0:6a:09:6a:e6:29:34:fd:df:a9:d9:ca:6f:99:38:62:
22:be:23:24:62:de:ff:39:e0:a5:81:22:89:72:08:fd:b5:50:
81:b3:29:8c:1c:af:12:46:13:30:bd:58:e9:4d:76:f8:ef:f8:
13:4c:dd:a8:19:c6:04:84:1b:b1:d9:40:4c:aa:f4:ac:90:69:
79:2c:38:b0:19:bd:55:d4:06:40:eb:17:bf:cc:01:9f:a3:3d:
55:fb:c1:31:44:1c:dc:f8:9b:9e:ee:8c:f7:df:9a:35:53:8a:
f0:e6:88:26:ba:19:e6:e9:f6:ef:32:40:fe:0c:5c:e0:6b:6c:
ce:1a:19:d8:11:17:c4:9c:00:51:06:2b:07:1c:7e:99:ea:12:
18:8c:4e:91:21:2a:28:11:52:5e:0f:ca:d2:f0:2c:21:94:c5:
9b:0e:62:98
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIy
MjExNTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI5NkY2RURGRUQwOTQ0
QUYzNzUyNzNDMDEzRDA4MEVBRjQzRDBFODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4rWMuHHDoEbNcdH9zbodHA0FdyC61tZWbHOEt4YO0zSPuQMVf
mB5eATTnTjoeT1jRdcTk3rkWHMPU+/TB738fEPFzrSv4OWIqCRVrbkL4MOvx+P0i
5Adv08hxUZoSD4tRGDaMHmlR3nKHj9ocBbjhujg9vo1FIrCEpgsAp4fuksOSVrNj
dw8T0dwyUOYlihYmpByK8joVIGW+UTScR7vn64pUieYLKd3okMVmANmEknuNm+xu
FheXEodYfuNh2bBldDtHfAb+mae5VzIxk/xWdrm3353MS/w+xuk07YyYrwry2Djz
HuJlXFXM0O/Hv5NkJBVdnRLdbSg2GLvz919xAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuW9u3+0JRK83UnPAE9CA6vQ9DogwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91Vzl1My0wSlJLODNVblBB
RTlDQTZ2UTlEb2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAC0XGTSJrDe7d2ZphrAFdHdEZSo56sPEbYhG
JIET+pAEemafc7SqSsGQ7bu2jq/yeiWe2QE/zk9OkQ2dN3MGzBmCayegmIj1dJI/
4e7ln64L6do3uumeVotB4vAy0GoJauYpNP3fqdnKb5k4YiK+IyRi3v854KWBIoly
CP21UIGzKYwcrxJGEzC9WOlNdvjv+BNM3agZxgSEG7HZQEyq9KyQaXksOLAZvVXU
BkDrF7/MAZ+jPVX7wTFEHNz4m57ujPffmjVTivDmiCa6Gebp9u8yQP4MXOBrbM4a
GdgRF8ScAFEGKwccfpnqEhiMTpEhKigRUl4PytLwLCGUxZsOYpg=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:43:15 2025 by rpki-client