Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9n81jPSx7iw9xnPGYcZbOEY245Y.roa
File: 9n81jPSx7iw9xnPGYcZbOEY245Y.roa (raw, json)
Hash identifier: z5dBEGijkDY0YRsW4+mLoyYDVGASTtNA+7X8giCYL/Q=
Subject key identifier: F6:7F:35:8C:F4:B1:EE:2C:3D:C6:73:C6:61:C6:5B:38:46:36:E3:96
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0209
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9n81jPSx7iw9xnPGYcZbOEY245Y.roa
Signing time: Fri 09 May 2025 19:07:47 +0000
ROA not before: Fri 09 May 2025 19:07:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 521 (0x209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 19:07:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F67F358CF4B1EE2C3DC673C661C65B384636E396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b6:5f:b4:36:ac:8f:a5:58:92:bd:1a:ff:69:
f7:80:01:74:02:75:e9:af:35:31:4f:60:5e:61:69:
05:e7:a9:e8:dc:a6:63:53:53:99:8e:73:8a:b3:a5:
fd:43:a2:15:f8:34:10:94:35:5b:1d:d5:e0:72:8b:
59:49:b3:84:26:fb:62:72:77:9a:ca:8d:58:57:4b:
80:a6:6d:87:ff:41:29:b4:e5:50:a5:22:1c:a1:90:
87:18:34:80:d8:5a:33:ac:9d:2b:00:e4:53:0a:dc:
15:9f:f4:bc:f7:f0:c8:1d:8c:ed:5e:87:7f:5d:71:
e3:3c:26:47:54:37:3b:9c:86:ad:b7:7c:3b:d7:14:
0d:f8:68:7d:f8:5b:6a:95:71:8e:c9:07:4a:84:08:
8c:64:7f:d5:38:ac:32:ff:c6:60:4d:f7:c0:cd:78:
b1:3f:ae:ce:75:14:9f:f6:1a:2b:29:10:c6:b4:51:
16:54:d9:b9:f5:a8:d5:d6:99:4d:08:4f:1f:aa:9f:
da:b4:7e:54:55:2f:fc:f1:b1:ea:08:a9:53:cd:7b:
37:7f:88:ad:86:1b:64:c2:cd:05:e0:ad:9a:aa:9d:
6a:2d:8b:f9:15:f0:e4:9a:fd:de:b5:fd:31:29:e0:
bc:01:f9:ee:56:72:3b:5e:23:50:f5:81:f7:2d:8c:
22:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7F:35:8C:F4:B1:EE:2C:3D:C6:73:C6:61:C6:5B:38:46:36:E3:96
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9n81jPSx7iw9xnPGYcZbOEY245Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:a1:5e:34:24:d1:51:34:f5:62:9a:7a:65:77:31:f3:ef:a3:
58:1b:97:30:f1:0a:4e:58:6f:9d:ff:1b:17:df:eb:04:3c:ba:
56:b5:a2:86:27:4c:9d:23:dd:de:b7:8c:f1:17:17:b9:97:2e:
5a:36:78:89:eb:3f:0b:dc:1e:0c:1b:a0:65:d5:b8:b4:ef:d3:
9b:a4:fd:ff:1c:1a:0a:99:ab:53:3b:77:2c:bb:1c:ec:e0:99:
ff:04:66:d6:62:e2:5e:be:3b:99:46:49:2a:cc:1e:b3:d0:b6:
c8:9a:9b:fb:16:71:10:bc:9d:f0:27:2f:7d:37:64:56:07:ca:
fb:9f:cb:81:93:fb:8b:21:dc:bc:e9:e4:5f:7f:8d:df:2c:b2:
07:ba:a6:c2:81:03:fb:90:ad:00:05:4d:c2:04:96:65:f1:05:
ba:de:c9:47:fa:82:8b:67:0e:8e:14:92:04:0d:b2:30:d0:8e:
3a:82:43:d9:d4:74:36:84:85:50:a4:f9:50:89:68:9c:50:55:
80:0a:2b:e0:65:37:b2:3a:78:77:d7:48:d2:a2:10:a2:2d:1b:
fc:68:fa:a3:ec:91:d4:2c:1f:e8:f5:56:12:82:19:e2:2b:8a:
92:dd:58:26:53:dd:24:93:58:a7:1e:ff:1d:9c:c4:b2:7b:03:
a7:0c:53:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
OTA3NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY2N0YzNThDRjRCMUVF
MkMzREM2NzNDNjYxQzY1QjM4NDYzNkUzOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDatl+0NqyPpViSvRr/afeAAXQCdemvNTFPYF5haQXnqejcpmNT
U5mOc4qzpf1DohX4NBCUNVsd1eByi1lJs4Qm+2Jyd5rKjVhXS4CmbYf/QSm05VCl
IhyhkIcYNIDYWjOsnSsA5FMK3BWf9Lz38MgdjO1eh39dceM8JkdUNzuchq23fDvX
FA34aH34W2qVcY7JB0qECIxkf9U4rDL/xmBN98DNeLE/rs51FJ/2GispEMa0URZU
2bn1qNXWmU0ITx+qn9q0flRVL/zxseoIqVPNezd/iK2GG2TCzQXgrZqqnWoti/kV
8OSa/d61/TEp4LwB+e5WcjteI1D1gfctjCLdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9n81jPSx7iw9xnPGYcZbOEY245YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85bjgxalBTeDdpdzl4blBH
WWNaYk9FWTI0NVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHOhXjQk0VE09WKaemV3MfPvo1gblzDxCk5Y
b53/Gxff6wQ8ula1ooYnTJ0j3d63jPEXF7mXLlo2eInrPwvcHgwboGXVuLTv05uk
/f8cGgqZq1M7dyy7HOzgmf8EZtZi4l6+O5lGSSrMHrPQtsiam/sWcRC8nfAnL303
ZFYHyvufy4GT+4sh3Lzp5F9/jd8ssge6psKBA/uQrQAFTcIElmXxBbreyUf6gotn
Do4UkgQNsjDQjjqCQ9nUdDaEhVCk+VCJaJxQVYAKK+BlN7I6eHfXSNKiEKItG/xo
+qPskdQsH+j1VhKCGeIripLdWCZT3SSTWKce/x2cxLJ7A6cMU0k=
-----END CERTIFICATE-----
Generated at Sun May 18 16:48:42 2025 by rpki-client