Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7GzYkS4oD-dXw3XQhOTbCZabA8o.roa
File: 7GzYkS4oD-dXw3XQhOTbCZabA8o.roa (raw, json)
Hash identifier: PvzPDn7+OhX5Czkbo0ambTNuu+zwAMq11FNQ0clv06A=
Subject key identifier: EC:6C:D8:91:2E:28:0F:E7:57:C3:75:D0:84:E4:DB:09:96:9B:03:CA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 026D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7GzYkS4oD-dXw3XQhOTbCZabA8o.roa
Signing time: Sat 10 May 2025 07:37:54 +0000
ROA not before: Sat 10 May 2025 07:37:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 621 (0x26d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 07:37:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EC6CD8912E280FE757C375D084E4DB09969B03CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5a:d2:2d:6c:a7:d5:d1:3f:95:9c:51:e0:ca:
71:4b:68:74:d5:37:46:5f:90:07:58:27:ea:f9:f9:
e9:5b:57:cc:eb:02:c8:12:36:da:d1:2c:57:7e:a7:
93:06:74:b7:99:28:33:63:52:f9:fd:4b:a1:57:5f:
f9:fe:9f:54:6c:b5:16:be:90:b3:1b:dc:50:50:14:
de:30:8c:43:29:45:22:6f:db:00:e8:2b:3e:55:74:
c3:ea:e8:34:9c:a7:d7:14:db:bc:12:c8:b5:2a:66:
e1:e0:fe:34:48:60:8e:c5:b6:78:2e:fd:4f:bb:c3:
0a:26:39:49:13:a6:f4:fc:2c:1d:cc:48:ff:41:d7:
19:41:0e:ff:41:68:f4:ea:92:38:be:5c:52:fe:44:
7e:38:5c:e4:9e:18:d2:d9:b7:6d:f0:3f:fa:d3:71:
24:e0:bb:f8:fc:aa:4c:26:91:75:18:37:c8:2b:b1:
e3:8b:6b:26:91:d5:ac:49:e6:df:e4:52:97:2f:92:
4a:35:fc:02:f8:6d:80:1c:4a:26:95:d9:59:f8:a4:
32:c7:4b:e9:45:f2:16:e8:f4:31:6f:7d:55:64:6a:
fb:d1:e7:b1:99:c9:1a:a9:8c:44:6c:de:02:72:ca:
71:d1:42:25:6b:ed:7c:94:22:c7:35:75:a0:b0:bc:
47:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6C:D8:91:2E:28:0F:E7:57:C3:75:D0:84:E4:DB:09:96:9B:03:CA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7GzYkS4oD-dXw3XQhOTbCZabA8o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:55:a9:ed:2f:bc:47:ac:b1:0c:a7:25:2b:f4:69:71:21:36:
fa:ad:a1:6f:a3:42:c9:ca:cb:eb:66:71:45:16:0c:22:78:c3:
ef:66:8d:40:90:48:22:7c:8f:54:77:21:a9:64:a5:1d:5f:f2:
e5:5b:7f:f9:b8:e7:09:0a:62:42:c3:68:72:27:91:9d:00:78:
86:bd:b5:4b:e6:61:f0:a4:fa:aa:5f:f9:8c:1c:ad:60:1e:95:
ea:2d:81:d3:c9:03:69:51:d0:b8:e0:9d:94:c5:d8:a1:f9:a7:
81:6e:39:1e:9e:47:8f:b3:d9:f0:bd:ed:85:5d:0c:ce:2c:e8:
f8:e4:76:60:5f:96:66:05:e5:95:c6:33:30:4f:94:cd:e6:38:
ff:35:57:67:57:f9:58:01:7b:97:01:3e:bb:b2:0d:23:81:56:
45:a3:65:48:01:db:35:c7:2c:6d:b2:cc:f0:20:dc:34:8c:ea:
c5:8d:9c:10:ac:5d:eb:75:88:5b:24:36:27:67:57:5c:69:ad:
a8:24:8e:75:25:e1:28:1c:ad:56:69:93:b9:b0:41:0c:70:ca:
81:9e:1b:9e:27:80:35:27:46:50:5b:ea:f6:30:03:d5:88:5a:
e6:40:c0:45:5e:14:a5:b3:84:a0:f3:7a:43:75:9b:e8:de:9d:
22:78:e9:0e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
NzM3NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVDNkNEODkxMkUyODBG
RTc1N0MzNzVEMDg0RTREQjA5OTY5QjAzQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyWtItbKfV0T+VnFHgynFLaHTVN0ZfkAdYJ+r5+elbV8zrAsgS
NtrRLFd+p5MGdLeZKDNjUvn9S6FXX/n+n1RstRa+kLMb3FBQFN4wjEMpRSJv2wDo
Kz5VdMPq6DScp9cU27wSyLUqZuHg/jRIYI7Ftngu/U+7wwomOUkTpvT8LB3MSP9B
1xlBDv9BaPTqkji+XFL+RH44XOSeGNLZt23wP/rTcSTgu/j8qkwmkXUYN8grseOL
ayaR1axJ5t/kUpcvkko1/AL4bYAcSiaV2Vn4pDLHS+lF8hbo9DFvfVVkavvR57GZ
yRqpjERs3gJyynHRQiVr7XyUIsc1daCwvEc5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7GzYkS4oD+dXw3XQhOTbCZabA8owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83R3pZa1M0b0QtZFh3M1hR
aE9UYkNaYWJBOG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAClVqe0vvEessQynJSv0aXEhNvqtoW+jQsnK
y+tmcUUWDCJ4w+9mjUCQSCJ8j1R3IalkpR1f8uVbf/m45wkKYkLDaHInkZ0AeIa9
tUvmYfCk+qpf+YwcrWAeleotgdPJA2lR0LjgnZTF2KH5p4FuOR6eR4+z2fC97YVd
DM4s6PjkdmBflmYF5ZXGMzBPlM3mOP81V2dX+VgBe5cBPruyDSOBVkWjZUgB2zXH
LG2yzPAg3DSM6sWNnBCsXet1iFskNidnV1xpragkjnUl4SgcrVZpk7mwQQxwyoGe
G54ngDUnRlBb6vYwA9WIWuZAwEVeFKWzhKDzekN1m+jenSJ46Q4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:56:59 2025 by rpki-client