Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zJx7gFHcdbqfX0BuFKohQRS4zjE.roa
File: zJx7gFHcdbqfX0BuFKohQRS4zjE.roa (raw, json)
Hash identifier: hrEUTFOi4KAT/KSo1RZseyBnYB2Y9F78tC82D43qbg8=
Subject key identifier: CC:9C:7B:80:51:DC:75:BA:9F:5F:40:6E:14:AA:21:41:14:B8:CE:31
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2419
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zJx7gFHcdbqfX0BuFKohQRS4zjE.roa
Signing time: Tue 24 Jun 2025 16:42:00 +0000
ROA not before: Tue 24 Jun 2025 16:42:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9241 (0x2419)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 16:42:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CC9C7B8051DC75BA9F5F406E14AA214114B8CE31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a9:48:a0:c5:47:e2:d5:4e:f2:9e:42:7b:ab:
78:25:41:0c:e4:c8:45:ea:22:e6:c8:31:84:20:94:
9e:50:03:7c:5d:77:a1:a9:14:e4:01:cf:b2:fa:b5:
4c:03:4a:80:05:7e:8d:65:53:6a:50:0a:b0:9b:9f:
23:c2:e1:5a:db:80:fa:c5:a9:3f:5c:54:df:ff:c7:
12:84:3d:98:fb:57:d9:b8:72:26:7a:61:cf:e0:17:
dd:d7:2a:ec:31:65:7a:c3:e5:29:d4:a0:03:38:4e:
0c:1d:6b:e0:2d:39:da:72:89:52:19:05:a1:17:36:
fb:fe:52:26:96:ae:76:db:89:59:a0:88:6d:ef:ba:
da:d4:c0:b5:1d:54:6d:35:8d:a9:5c:d5:94:0f:8b:
88:91:bb:08:c7:33:8c:61:9b:5e:06:e2:81:98:0b:
63:c9:88:09:39:bf:70:d2:46:54:42:11:6a:f0:38:
d5:97:b8:7e:4a:b6:67:55:43:e6:83:a3:6f:cd:db:
4b:de:13:88:b1:2f:e7:59:98:c9:70:21:19:95:bc:
3d:f4:25:a3:ad:df:23:2a:bc:7a:31:8c:30:98:6e:
4a:73:e1:a7:6a:06:63:e3:74:f8:e8:fb:cf:fc:79:
ec:ac:43:39:6b:8b:b8:89:b3:aa:d6:97:70:8a:f6:
96:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9C:7B:80:51:DC:75:BA:9F:5F:40:6E:14:AA:21:41:14:B8:CE:31
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zJx7gFHcdbqfX0BuFKohQRS4zjE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:ef:7c:9c:69:23:7a:0a:a6:b9:14:0b:95:96:c2:a8:5e:dc:
c7:79:18:fd:11:a8:98:53:77:97:13:4f:1f:fa:bd:ed:d1:b4:
af:00:a8:0c:2d:40:36:8e:c0:85:92:84:aa:c9:04:c8:43:e3:
ea:14:71:d5:d8:18:b9:99:80:0d:98:2d:96:f6:c8:a0:61:e3:
51:02:8a:12:4d:8e:b3:78:88:e2:de:d4:a6:28:8c:0d:5d:1b:
73:1f:59:05:86:98:91:3a:1a:f3:29:ae:6b:a9:f8:32:52:eb:
82:b7:a3:60:fd:45:dc:e6:af:24:14:47:c8:44:e8:88:6b:6c:
94:a4:92:05:0d:c0:b6:ae:c1:6c:8b:b6:fa:ff:7a:d0:3e:f2:
bf:47:85:a8:7b:27:a7:66:4b:d2:99:e8:6a:e7:36:6f:9c:ec:
02:4c:0c:4a:e3:52:b7:a4:6c:11:ae:79:23:ee:5b:ad:07:d7:
95:03:70:1e:89:b6:2f:e2:b9:c2:e0:ea:a2:93:59:fe:69:fe:
a2:c0:5a:d8:35:a7:d1:a2:d9:5c:20:4d:5b:85:a2:c0:42:b4:
71:05:de:5c:45:c0:3d:ec:58:13:a8:84:36:9e:4f:f5:83:90:
72:d4:06:66:9f:bb:49:4c:0e:74:4e:d2:93:d9:3b:14:8e:4f:
7b:48:25:1f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQx
NjQyMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENDOUM3QjgwNTFEQzc1
QkE5RjVGNDA2RTE0QUEyMTQxMTRCOENFMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHqUigxUfi1U7ynkJ7q3glQQzkyEXqIubIMYQglJ5QA3xdd6Gp
FOQBz7L6tUwDSoAFfo1lU2pQCrCbnyPC4VrbgPrFqT9cVN//xxKEPZj7V9m4ciZ6
Yc/gF93XKuwxZXrD5SnUoAM4Tgwda+AtOdpyiVIZBaEXNvv+UiaWrnbbiVmgiG3v
utrUwLUdVG01jalc1ZQPi4iRuwjHM4xhm14G4oGYC2PJiAk5v3DSRlRCEWrwONWX
uH5KtmdVQ+aDo2/N20veE4ixL+dZmMlwIRmVvD30JaOt3yMqvHoxjDCYbkpz4adq
BmPjdPjo+8/8eeysQzlri7iJs6rWl3CK9pb7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzJx7gFHcdbqfX0BuFKohQRS4zjEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96Sng3Z0ZIY2RicWZYMEJ1
RktvaFFSUzR6akUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACzvfJxpI3oKprkUC5WWwqhe3Md5GP0RqJhT
d5cTTx/6ve3RtK8AqAwtQDaOwIWShKrJBMhD4+oUcdXYGLmZgA2YLZb2yKBh41EC
ihJNjrN4iOLe1KYojA1dG3MfWQWGmJE6GvMprmup+DJS64K3o2D9RdzmryQUR8hE
6IhrbJSkkgUNwLauwWyLtvr/etA+8r9Hhah7J6dmS9KZ6GrnNm+c7AJMDErjUrek
bBGueSPuW60H15UDcB6Jti/iucLg6qKTWf5p/qLAWtg1p9Gi2VwgTVuFosBCtHEF
3lxFwD3sWBOohDaeT/WDkHLUBmafu0lMDnRO0pPZOxSOT3tIJR8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:46:48 2025 by rpki-client