Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7dGF42WriQ7MLzVm5WqXuF0Ijfk.roa
File: 7dGF42WriQ7MLzVm5WqXuF0Ijfk.roa (raw, json)
Hash identifier: pO/e7P/Oevtqowd1/LOJrBQenVvNNbbb4j5mb1oZZEA=
Subject key identifier: ED:D1:85:E3:65:AB:89:0E:CC:2F:35:66:E5:6A:97:B8:5D:08:8D:F9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E11
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7dGF42WriQ7MLzVm5WqXuF0Ijfk.roa
Signing time: Mon 16 Jun 2025 04:25:47 +0000
ROA not before: Mon 16 Jun 2025 04:25:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7697 (0x1e11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 04:25:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EDD185E365AB890ECC2F3566E56A97B85D088DF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cd:91:ce:77:b5:9a:73:10:4d:9f:22:bd:50:
5d:d5:cc:07:2d:73:35:14:80:fd:00:d1:67:84:95:
09:76:95:24:6a:c9:f9:56:63:99:a5:07:4e:b9:7a:
05:a7:8d:6f:f5:b8:c8:f6:71:a5:6f:1b:ac:59:61:
3b:65:57:9d:c4:9a:31:ee:8a:49:78:63:0b:1d:bf:
ad:a5:f9:f8:e4:22:71:93:25:52:ce:b3:a9:59:15:
74:d4:14:08:91:fa:c4:00:3e:ce:b6:26:3d:4d:60:
d8:51:c5:67:4c:81:4c:fa:e9:d7:70:d8:67:3d:a8:
fc:25:86:31:42:b8:8c:26:3d:7a:cf:d0:e7:52:73:
82:7e:25:51:10:5f:5f:a2:cb:d3:9a:26:98:63:26:
6d:4b:13:ad:eb:8d:b1:85:43:70:25:bf:11:a3:02:
dd:c0:57:14:72:c4:ab:04:36:6a:90:72:13:bc:9c:
d8:5f:25:a7:6f:3c:a9:07:3f:32:52:3f:ed:7c:5a:
87:a2:f0:b3:8b:0d:25:72:6c:a5:fc:7d:5e:db:a2:
fa:f7:d5:12:0a:ed:d3:ac:dc:08:64:bc:db:c8:17:
6b:d7:9a:8a:67:3a:19:fe:58:28:1b:0a:75:b2:7e:
5f:99:46:0a:23:13:a9:a5:31:ab:ed:36:16:27:bd:
43:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D1:85:E3:65:AB:89:0E:CC:2F:35:66:E5:6A:97:B8:5D:08:8D:F9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7dGF42WriQ7MLzVm5WqXuF0Ijfk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:f5:5d:61:a3:fa:1c:ca:5f:80:9f:a7:84:36:fe:ce:9c:c2:
6d:7f:0e:50:e3:f0:24:34:c1:63:c5:d4:59:ec:e6:29:76:f2:
e1:24:32:14:2f:cb:85:8e:96:dc:cf:d9:56:9c:79:ac:98:13:
27:df:da:19:28:fc:0d:25:73:33:0b:9b:d9:65:17:a7:c8:a6:
c8:f2:db:f1:67:5d:88:f4:83:24:83:fb:99:0b:5f:70:06:0d:
b8:7d:9f:22:2c:79:68:6a:99:93:4b:c3:1d:59:84:25:be:57:
dc:5e:09:d0:29:23:ac:74:9d:91:74:ac:7d:74:e2:51:7e:02:
dc:2e:25:e9:b0:20:40:bc:78:50:0d:68:19:29:7a:58:87:64:
8b:ea:d4:d0:06:5b:b9:fd:9d:75:37:db:90:90:00:08:0a:c8:
52:1b:18:4d:ae:ec:24:6b:23:33:3c:6a:45:76:0e:7a:47:dd:
e9:16:9d:3b:36:b5:14:6e:2e:f9:c9:14:da:b5:0d:e4:9a:7f:
ac:2c:d6:00:c5:41:1e:84:14:28:5e:f9:29:a8:61:ab:75:c9:
94:c7:50:06:72:41:77:88:46:12:27:c9:66:69:ab:a9:56:29:
4a:59:f8:d8:36:a6:7b:2c:9f:3a:42:f1:f1:31:09:60:7e:aa:
2b:26:0a:f6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHhEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYw
NDI1NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVERDE4NUUzNjVBQjg5
MEVDQzJGMzU2NkU1NkE5N0I4NUQwODhERjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0zZHOd7WacxBNnyK9UF3VzActczUUgP0A0WeElQl2lSRqyflW
Y5mlB065egWnjW/1uMj2caVvG6xZYTtlV53EmjHuikl4Ywsdv62l+fjkInGTJVLO
s6lZFXTUFAiR+sQAPs62Jj1NYNhRxWdMgUz66ddw2Gc9qPwlhjFCuIwmPXrP0OdS
c4J+JVEQX1+iy9OaJphjJm1LE63rjbGFQ3AlvxGjAt3AVxRyxKsENmqQchO8nNhf
JadvPKkHPzJSP+18Woei8LOLDSVybKX8fV7bovr31RIK7dOs3AhkvNvIF2vXmopn
Ohn+WCgbCnWyfl+ZRgojE6mlMavtNhYnvUP7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7dGF42WriQ7MLzVm5WqXuF0IjfkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83ZEdGNDJXcmlRN01MelZt
NVdxWHVGMElqZmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABP1XWGj+hzKX4Cfp4Q2/s6cwm1/DlDj8CQ0
wWPF1Fns5il28uEkMhQvy4WOltzP2VaceayYEyff2hko/A0lczMLm9llF6fIpsjy
2/FnXYj0gySD+5kLX3AGDbh9nyIseWhqmZNLwx1ZhCW+V9xeCdApI6x0nZF0rH10
4lF+AtwuJemwIEC8eFANaBkpeliHZIvq1NAGW7n9nXU325CQAAgKyFIbGE2u7CRr
IzM8akV2DnpH3ekWnTs2tRRuLvnJFNq1DeSaf6ws1gDFQR6EFChe+SmoYat1yZTH
UAZyQXeIRhInyWZpq6lWKUpZ+Ng2pnssnzpC8fExCWB+qismCvY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:06:45 2025 by rpki-client