Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/22-ekehAjnmu_SqU1cBG_9i1ilo.roa
File: 22-ekehAjnmu_SqU1cBG_9i1ilo.roa (raw, json)
Hash identifier: xUObhWlWOR183B/v4ae5XbTC3Uzef0W5heX2ePUn3jM=
Subject key identifier: DB:6F:9E:91:E8:40:8E:79:AE:FD:2A:94:D5:C0:46:FF:D8:B5:8A:5A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1DD5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/22-ekehAjnmu_SqU1cBG_9i1ilo.roa
Signing time: Sun 15 Jun 2025 20:39:59 +0000
ROA not before: Sun 15 Jun 2025 20:39:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7637 (0x1dd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 20:39:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DB6F9E91E8408E79AEFD2A94D5C046FFD8B58A5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6a:71:52:b0:36:4c:cf:68:84:c6:bc:a0:b3:
04:5a:26:7d:0d:55:e2:ca:0a:36:58:5a:c4:b0:29:
e3:d1:78:70:9e:bf:ee:07:5c:7b:b7:49:93:ff:26:
95:d8:ce:8c:5c:74:3f:9b:03:36:23:84:ca:7e:b5:
09:57:e0:fe:a3:1b:20:0f:18:30:15:8f:7b:41:f1:
56:60:12:6d:45:83:e0:d6:dd:d8:fa:ec:14:6a:15:
76:a2:36:ad:b8:60:f4:03:50:96:94:c3:e7:a1:0b:
5c:2c:c9:1e:75:41:bd:8a:46:58:c3:6c:90:d9:c1:
83:b9:a4:38:e7:e9:2a:30:7e:c1:88:ec:8d:7b:e5:
3c:ee:3a:41:87:d0:eb:b2:21:7d:51:15:a1:68:ef:
ea:f7:09:4b:08:98:d2:e8:b1:b4:89:5a:5b:8a:a1:
2e:23:3b:86:33:a9:8a:3e:be:9e:38:7d:5d:56:a7:
1c:e5:fc:f1:f0:44:cd:e0:61:a3:1a:7f:0d:27:9d:
18:0c:a6:bc:78:03:40:3b:a6:55:95:81:d2:62:5a:
5f:6a:29:ab:6c:87:9b:70:42:85:1c:d4:9b:f0:42:
d8:07:3a:91:1b:b0:16:52:f1:07:33:da:54:2d:cf:
6d:f9:6d:a1:50:96:f0:a8:aa:93:2d:6d:5f:22:b0:
33:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6F:9E:91:E8:40:8E:79:AE:FD:2A:94:D5:C0:46:FF:D8:B5:8A:5A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/22-ekehAjnmu_SqU1cBG_9i1ilo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:35:49:30:80:b1:5c:f8:cc:b5:75:16:31:a2:49:0b:9d:db:
59:01:ec:69:49:d9:27:bb:ad:f0:3d:d1:c6:15:8e:9c:39:f3:
c9:d7:22:95:6e:fa:6f:cc:71:8d:8c:00:96:1c:e9:6d:02:03:
ec:47:97:23:9c:ff:09:ac:ce:3f:41:01:73:d7:91:33:82:f9:
8c:14:e0:a5:58:f4:f8:bd:cf:85:ce:7a:87:97:7e:5f:6c:a1:
57:94:38:63:f2:9f:83:e6:80:12:ac:52:17:b1:92:47:b4:5f:
8b:9d:e5:a2:bf:36:26:72:84:74:f1:11:40:30:85:8d:99:dd:
f8:9a:b6:25:38:77:74:37:82:1a:46:57:da:13:37:a0:26:89:
f3:7d:89:5a:2d:24:72:d6:15:e0:d6:81:c6:7c:c4:55:16:75:
12:c4:75:2d:37:8a:a0:31:df:b6:90:6d:67:3a:49:3d:c7:c5:
0d:2c:a4:f4:ca:2f:e6:44:8e:65:be:6f:31:19:f1:3a:12:4f:
7f:18:eb:0a:ea:82:96:16:53:1e:0b:4c:75:93:9d:8a:5d:9c:
45:1a:85:f1:cc:55:ee:7c:bb:34:04:da:fc:34:19:9a:86:e2:
86:dd:49:1e:0f:a9:77:42:18:8f:a1:c3:1b:72:58:d4:63:2b:
8a:da:7f:b5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUy
MDM5NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERCNkY5RTkxRTg0MDhF
NzlBRUZEMkE5NEQ1QzA0NkZGRDhCNThBNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVanFSsDZMz2iExrygswRaJn0NVeLKCjZYWsSwKePReHCev+4H
XHu3SZP/JpXYzoxcdD+bAzYjhMp+tQlX4P6jGyAPGDAVj3tB8VZgEm1Fg+DW3dj6
7BRqFXaiNq24YPQDUJaUw+ehC1wsyR51Qb2KRljDbJDZwYO5pDjn6SowfsGI7I17
5TzuOkGH0OuyIX1RFaFo7+r3CUsImNLosbSJWluKoS4jO4YzqYo+vp44fV1Wpxzl
/PHwRM3gYaMafw0nnRgMprx4A0A7plWVgdJiWl9qKatsh5twQoUc1JvwQtgHOpEb
sBZS8Qcz2lQtz235baFQlvCoqpMtbV8isDPpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU22+ekehAjnmu/SqU1cBG/9i1ilowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yMi1la2VoQWpubXVfU3FV
MWNCR185aTFpbG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACc1STCAsVz4zLV1FjGiSQud21kB7GlJ2Se7
rfA90cYVjpw588nXIpVu+m/McY2MAJYc6W0CA+xHlyOc/wmszj9BAXPXkTOC+YwU
4KVY9Pi9z4XOeoeXfl9soVeUOGPyn4PmgBKsUhexkke0X4ud5aK/NiZyhHTxEUAw
hY2Z3fiatiU4d3Q3ghpGV9oTN6AmifN9iVotJHLWFeDWgcZ8xFUWdRLEdS03iqAx
37aQbWc6ST3HxQ0spPTKL+ZEjmW+bzEZ8ToST38Y6wrqgpYWUx4LTHWTnYpdnEUa
hfHMVe58uzQE2vw0GZqG4obdSR4PqXdCGI+hwxtyWNRjK4raf7U=
-----END CERTIFICATE-----
Generated at Mon Jul 21 13:41:13 2025 by rpki-client