
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/M6wahj0HzuLCGv-gGHFTxrpQ3u8.roa
File: M6wahj0HzuLCGv-gGHFTxrpQ3u8.roa (raw, json)
Hash identifier: 0QIx6hlTCeO5R1fvBKVT7ZssRd1APtDJ5McYlYyqt94=
Subject key identifier: 33:AC:1A:86:3D:07:CE:E2:C2:1A:FF:A0:18:71:53:C6:BA:50:DE:EF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E3D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M6wahj0HzuLCGv-gGHFTxrpQ3u8.roa
Signing time: Mon 16 Jun 2025 09:40:00 +0000
ROA not before: Mon 16 Jun 2025 09:40:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7741 (0x1e3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 09:40:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=33AC1A863D07CEE2C21AFFA0187153C6BA50DEEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:cd:bb:e8:64:c6:4c:67:68:81:e8:74:a6:
2d:d3:6f:73:b8:09:40:dc:d6:18:40:78:02:b4:8f:
e1:45:8a:e8:a6:0a:0e:05:7e:6e:55:a3:18:a6:0d:
00:e8:4b:90:57:7a:f9:2d:5a:7f:97:26:3c:68:aa:
f6:6f:46:b2:c2:77:6d:f4:c1:5e:c2:0f:91:d2:e8:
61:1a:1a:24:25:65:a2:82:72:50:17:10:58:8d:0e:
7c:95:c5:6c:e8:4b:b4:ec:a3:bd:16:19:bb:2c:2a:
8d:43:28:69:69:be:a3:30:d3:37:5f:51:42:f3:ca:
fa:77:53:73:ce:73:c3:bd:9a:4b:f4:13:da:1a:f1:
ab:94:e6:3a:5a:80:d0:3e:6b:09:cb:5e:20:19:8d:
4b:f5:94:4f:b8:2f:b7:b6:46:16:c9:fb:bb:3a:5e:
b4:fb:70:bd:ca:60:4b:92:e4:96:5f:1d:ec:15:24:
9c:d3:3e:3e:bf:dd:41:8e:0e:e5:10:91:0d:14:93:
78:39:27:15:ad:3b:68:2a:e1:40:7f:43:7f:1c:ca:
71:fc:66:5e:d9:c3:2d:e9:53:b8:28:00:b9:cc:c2:
cd:9d:e7:78:21:2a:4c:40:7c:29:c7:51:3d:84:cf:
df:e3:c2:17:40:ac:9a:da:df:b2:c7:e6:70:76:8b:
f8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AC:1A:86:3D:07:CE:E2:C2:1A:FF:A0:18:71:53:C6:BA:50:DE:EF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M6wahj0HzuLCGv-gGHFTxrpQ3u8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:a8:80:a9:49:f5:7a:b4:4c:a5:66:1c:27:af:ad:f0:72:c9:
6b:d4:db:8a:08:b1:68:42:c4:55:b7:88:0f:8d:f4:97:28:8a:
2e:f8:32:7c:5e:45:39:f7:5e:9b:98:93:d9:7d:28:df:9f:59:
b0:b3:81:6b:d1:fe:7d:0e:27:ce:70:da:30:4e:d2:6e:7d:a9:
3c:e9:25:6f:31:51:76:b6:85:e9:35:69:b4:e6:7e:d5:e7:b5:
3b:26:45:3d:60:25:1f:e4:a9:07:ad:92:98:a3:ce:a0:ad:e5:
fe:4a:9f:ab:6c:77:e4:43:1c:d4:91:6e:af:25:4d:3c:fd:1d:
22:b6:f6:90:82:72:4a:56:1d:69:a1:e0:b5:ea:a0:0e:64:ab:
65:91:82:d2:c2:c5:27:0b:0d:ba:2f:12:9e:ee:db:9d:ee:04:
35:91:e4:21:69:c7:72:26:70:d3:53:08:ce:80:4e:28:e7:f6:
13:03:a4:16:7b:b5:cc:30:9c:94:9f:f1:de:8e:79:af:0d:9c:
b4:45:8c:2f:06:dd:96:a7:cf:31:76:17:a7:94:e0:3a:50:54:
fe:65:dc:9f:d4:78:7f:9e:02:35:19:8e:86:be:7b:d1:a0:a0:
a9:4b:51:0b:20:06:4a:48:3d:55:d3:58:69:d7:8a:7e:17:0a:
ef:55:f0:2f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHj0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYw
OTQwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMzQUMxQTg2M0QwN0NF
RTJDMjFBRkZBMDE4NzE1M0M2QkE1MERFRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9PM276GTGTGdogeh0pi3Tb3O4CUDc1hhAeAK0j+FFiuimCg4F
fm5VoximDQDoS5BXevktWn+XJjxoqvZvRrLCd230wV7CD5HS6GEaGiQlZaKCclAX
EFiNDnyVxWzoS7Tso70WGbssKo1DKGlpvqMw0zdfUULzyvp3U3POc8O9mkv0E9oa
8auU5jpagNA+awnLXiAZjUv1lE+4L7e2RhbJ+7s6XrT7cL3KYEuS5JZfHewVJJzT
Pj6/3UGODuUQkQ0Uk3g5JxWtO2gq4UB/Q38cynH8Zl7Zwy3pU7goALnMws2d53gh
KkxAfCnHUT2Ez9/jwhdArJra37LH5nB2i/j3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUM6wahj0HzuLCGv+gGHFTxrpQ3u8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NNndhaGowSHp1TENHdi1n
R0hGVHhycFEzdTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACeogKlJ9Xq0TKVmHCevrfByyWvU24oIsWhC
xFW3iA+N9Jcoii74MnxeRTn3XpuYk9l9KN+fWbCzgWvR/n0OJ85w2jBO0m59qTzp
JW8xUXa2hek1abTmftXntTsmRT1gJR/kqQetkpijzqCt5f5Kn6tsd+RDHNSRbq8l
TTz9HSK29pCCckpWHWmh4LXqoA5kq2WRgtLCxScLDbovEp7u253uBDWR5CFpx3Im
cNNTCM6ATijn9hMDpBZ7tcwwnJSf8d6Oea8NnLRFjC8G3ZanzzF2F6eU4DpQVP5l
3J/UeH+eAjUZjoa+e9GgoKlLUQsgBkpIPVXTWGnXin4XCu9V8C8=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:35:47 2025 by rpki-client