Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6GmAgtSc2gA9xWm8YGNyaAkRPpQ.roa
File: 6GmAgtSc2gA9xWm8YGNyaAkRPpQ.roa (raw, json)
Hash identifier: 06O7+svH+KHBfgpI9Vx0zUP8zqMYC9oBwuflWfapXxQ=
Subject key identifier: E8:69:80:82:D4:9C:DA:00:3D:C5:69:BC:60:63:72:68:09:11:3E:94
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1DDD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6GmAgtSc2gA9xWm8YGNyaAkRPpQ.roa
Signing time: Sun 15 Jun 2025 21:39:59 +0000
ROA not before: Sun 15 Jun 2025 21:39:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7645 (0x1ddd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 21:39:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E8698082D49CDA003DC569BC6063726809113E94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:77:03:2b:84:39:a8:38:f6:9f:22:cd:4f:51:
f9:31:0f:11:bd:d5:4b:27:b0:ac:0c:42:61:42:d9:
a6:66:59:af:ba:ad:17:3f:fd:e6:28:3b:a6:1c:0d:
50:35:7c:1e:f4:0e:20:48:f5:9c:91:76:89:32:5e:
14:37:39:56:fd:65:57:18:74:9d:4f:0c:3c:85:22:
67:2d:4a:4e:16:ca:6e:12:e7:77:b6:4c:96:49:52:
a7:8c:97:48:4b:a0:d3:e9:4e:0a:00:9f:22:e6:3e:
c1:1c:6a:9b:c7:0c:bb:03:fd:f4:80:cc:89:88:cc:
91:b0:82:59:80:be:3c:38:dd:9c:b5:13:d0:47:87:
1c:a7:19:62:d7:e3:76:53:7a:f0:44:e7:3a:24:d1:
2b:41:4a:47:10:3c:d2:7f:60:ab:c7:c5:25:cc:d5:
af:83:cd:73:5c:c2:a7:a3:2c:73:fc:cc:ea:9f:34:
64:88:dc:d2:8a:e9:81:81:54:4b:df:c5:15:d2:7e:
06:00:88:74:03:0e:95:c7:85:be:f6:1d:49:5d:0f:
bc:d5:74:2b:ab:38:57:f1:36:a3:72:5e:23:fb:9e:
62:1b:fa:e1:be:eb:90:4d:70:0d:1c:9e:45:0a:2d:
c0:d2:ab:83:47:06:28:4d:d8:40:4c:bc:9b:ae:28:
34:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:69:80:82:D4:9C:DA:00:3D:C5:69:BC:60:63:72:68:09:11:3E:94
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6GmAgtSc2gA9xWm8YGNyaAkRPpQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:a8:c4:8b:a4:14:ed:b3:c5:80:3e:68:ad:90:33:f2:cd:27:
59:b4:b2:9b:fe:c3:2e:8f:9b:57:d7:9e:e6:e2:b5:d6:44:63:
1c:3c:16:94:df:ab:18:fb:c1:8e:d5:92:f7:c6:5b:4e:e5:0b:
0c:00:06:c4:af:b3:21:74:ed:6d:b9:16:ab:f6:bd:8e:db:ba:
66:26:1f:fa:d4:f6:db:16:60:e4:fb:ce:42:3c:38:26:bc:2b:
1a:43:75:cc:31:f1:e4:70:df:d3:dc:50:ab:68:63:8a:46:4e:
7c:9d:f4:b6:a5:1d:94:d5:32:df:9b:52:dc:04:fc:52:6f:8e:
c0:77:59:60:a4:ed:c5:8b:0a:c5:12:bf:4e:df:df:0d:7a:a5:
12:5c:7d:05:b8:53:9b:ff:e3:1c:57:00:38:23:83:b9:fe:78:
54:8c:97:81:a4:98:f8:af:6d:c2:77:df:3b:43:f6:9b:3b:bd:
14:be:ef:76:c2:bb:a4:ac:b2:fd:a9:bc:8c:66:5f:be:b8:62:
69:89:df:05:12:01:b0:13:0d:86:81:a6:12:0f:dd:e7:12:0c:
52:1c:90:bc:9e:8d:61:45:d7:ec:8e:1f:cb:3f:00:3c:09:f1:
d2:b8:fe:9e:41:93:78:1f:d8:a2:4a:60:a0:44:55:dd:2b:7c:
3b:f0:13:1c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUy
MTM5NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU4Njk4MDgyRDQ5Q0RB
MDAzREM1NjlCQzYwNjM3MjY4MDkxMTNFOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3dwMrhDmoOPafIs1PUfkxDxG91UsnsKwMQmFC2aZmWa+6rRc/
/eYoO6YcDVA1fB70DiBI9ZyRdokyXhQ3OVb9ZVcYdJ1PDDyFImctSk4Wym4S53e2
TJZJUqeMl0hLoNPpTgoAnyLmPsEcapvHDLsD/fSAzImIzJGwglmAvjw43Zy1E9BH
hxynGWLX43ZTevBE5zok0StBSkcQPNJ/YKvHxSXM1a+DzXNcwqejLHP8zOqfNGSI
3NKK6YGBVEvfxRXSfgYAiHQDDpXHhb72HUldD7zVdCurOFfxNqNyXiP7nmIb+uG+
65BNcA0cnkUKLcDSq4NHBihN2EBMvJuuKDQnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6GmAgtSc2gA9xWm8YGNyaAkRPpQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82R21BZ3RTYzJnQTl4V204
WUdOeWFBa1JQcFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHqoxIukFO2zxYA+aK2QM/LNJ1m0spv+wy6P
m1fXnubitdZEYxw8FpTfqxj7wY7VkvfGW07lCwwABsSvsyF07W25Fqv2vY7bumYm
H/rU9tsWYOT7zkI8OCa8KxpDdcwx8eRw39PcUKtoY4pGTnyd9LalHZTVMt+bUtwE
/FJvjsB3WWCk7cWLCsUSv07f3w16pRJcfQW4U5v/4xxXADgjg7n+eFSMl4GkmPiv
bcJ33ztD9ps7vRS+73bCu6Sssv2pvIxmX764YmmJ3wUSAbATDYaBphIP3ecSDFIc
kLyejWFF1+yOH8s/ADwJ8dK4/p5Bk3gf2KJKYKBEVd0rfDvwExw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:54:04 2025 by rpki-client