
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yr_xw6b9GfQkjWGQ7AaOsEgFVh0.roa
File: yr_xw6b9GfQkjWGQ7AaOsEgFVh0.roa (raw, json)
Hash identifier: vUI2odMr5k6Qya72uztQUCiWyOEn1tizGuLEM6H2/nc=
Subject key identifier: CA:BF:F1:C3:A6:FD:19:F4:24:8D:61:90:EC:06:8E:B0:48:05:56:1D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 162D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yr_xw6b9GfQkjWGQ7AaOsEgFVh0.roa
Signing time: Thu 05 Jun 2025 15:39:35 +0000
ROA not before: Thu 05 Jun 2025 15:39:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5677 (0x162d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 15:39:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CABFF1C3A6FD19F4248D6190EC068EB04805561D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ca:08:c9:9c:cf:eb:e2:92:ad:4e:b5:74:39:
74:4a:79:00:38:e8:bf:b9:44:54:fc:31:f8:6c:a7:
96:11:5e:19:e9:ea:0a:b0:81:34:d8:06:27:a9:f6:
79:42:2d:ec:23:b1:4f:11:54:4e:71:b6:1c:78:f9:
62:52:13:15:6c:91:bd:4d:37:6a:87:10:41:62:6a:
71:30:6f:48:23:87:a9:ec:9d:31:c0:6f:a6:dd:cf:
2b:ce:35:03:58:e0:2e:24:1e:28:e9:95:91:9a:b9:
00:a8:f2:2b:a3:b2:cc:ae:ca:41:b9:d8:73:ff:20:
6c:ce:30:02:bf:f9:88:9f:71:5d:d1:3e:a2:d8:3a:
cb:29:94:3c:0e:66:69:21:1b:cb:76:99:cf:ca:3c:
54:fe:b3:ce:6a:c3:4a:bd:21:07:5c:54:5d:83:46:
d5:36:74:dd:97:35:bd:a6:5e:3d:dd:b1:bd:27:e1:
9a:d3:17:b8:77:a9:20:0b:bb:f6:21:c4:42:4a:6a:
13:b4:16:f5:96:2f:58:c5:55:e4:49:84:69:0e:16:
5d:1c:0d:03:04:8f:ba:08:e7:3c:80:2d:22:d0:73:
7d:65:70:9f:89:6d:a7:6d:6e:c6:c8:7c:d7:e8:e0:
44:32:29:01:5e:d8:b0:1c:62:a6:7b:f2:20:a9:50:
cc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BF:F1:C3:A6:FD:19:F4:24:8D:61:90:EC:06:8E:B0:48:05:56:1D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yr_xw6b9GfQkjWGQ7AaOsEgFVh0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:d5:77:a5:c4:17:e2:86:8f:f1:ac:35:ef:9f:86:1e:f6:c9:
41:1f:e8:7e:c3:c9:a1:1b:6a:24:5a:d3:10:bb:43:63:26:17:
05:d6:07:d8:5b:c3:98:7c:62:ed:60:c5:84:14:19:02:89:f6:
5b:c2:6a:03:46:45:3d:85:e2:4b:9c:a5:3e:6a:a2:8e:dc:d0:
00:05:e2:a2:14:85:9b:69:9b:aa:87:c3:06:00:25:8a:ba:8a:
88:ab:2c:86:d8:d2:ea:c2:f9:41:40:ab:5c:fd:07:34:ba:6d:
e7:c8:98:20:4e:e1:13:4c:ef:41:f5:ce:c4:b5:d2:33:76:3b:
1e:f4:2f:bf:c0:e3:70:98:88:55:b9:b7:c3:03:aa:05:d7:85:
10:df:a9:77:86:0b:2e:b1:59:98:4a:b2:67:f5:7b:d3:1a:77:
01:f0:1d:ae:ca:a1:1f:07:b2:7e:0a:23:c6:4f:b0:6d:72:43:
d4:57:7f:61:4d:96:d9:d0:f5:ff:bb:46:c6:0a:3d:a7:bd:a2:
2a:15:45:fd:a9:43:2f:74:31:7b:60:c3:d7:67:f3:d3:56:93:
67:58:da:69:e8:c2:ba:37:81:f0:5c:72:b3:a1:28:dc:33:14:
9c:c1:25:45:43:ec:46:58:d2:f8:67:a1:3d:fd:dc:71:c4:8c:
bf:ad:46:2b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFi0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
NTM5MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENBQkZGMUMzQTZGRDE5
RjQyNDhENjE5MEVDMDY4RUIwNDgwNTU2MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNygjJnM/r4pKtTrV0OXRKeQA46L+5RFT8Mfhsp5YRXhnp6gqw
gTTYBiep9nlCLewjsU8RVE5xthx4+WJSExVskb1NN2qHEEFianEwb0gjh6nsnTHA
b6bdzyvONQNY4C4kHijplZGauQCo8iujssyuykG52HP/IGzOMAK/+YifcV3RPqLY
OssplDwOZmkhG8t2mc/KPFT+s85qw0q9IQdcVF2DRtU2dN2XNb2mXj3dsb0n4ZrT
F7h3qSALu/YhxEJKahO0FvWWL1jFVeRJhGkOFl0cDQMEj7oI5zyALSLQc31lcJ+J
badtbsbIfNfo4EQyKQFe2LAcYqZ78iCpUMytAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyr/xw6b9GfQkjWGQ7AaOsEgFVh0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95cl94dzZiOUdmUWtqV0dR
N0FhT3NFZ0ZWaDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABnVd6XEF+KGj/GsNe+fhh72yUEf6H7DyaEb
aiRa0xC7Q2MmFwXWB9hbw5h8Yu1gxYQUGQKJ9lvCagNGRT2F4kucpT5qoo7c0AAF
4qIUhZtpm6qHwwYAJYq6ioirLIbY0urC+UFAq1z9BzS6befImCBO4RNM70H1zsS1
0jN2Ox70L7/A43CYiFW5t8MDqgXXhRDfqXeGCy6xWZhKsmf1e9MadwHwHa7KoR8H
sn4KI8ZPsG1yQ9RXf2FNltnQ9f+7RsYKPae9oioVRf2pQy90MXtgw9dn89NWk2dY
2mnowro3gfBccrOhKNwzFJzBJUVD7EZY0vhnoT393HHEjL+tRis=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:33 2025 by rpki-client