Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ME-xOhX5cD1RdTgJNFzpZq9HCow.roa
File: ME-xOhX5cD1RdTgJNFzpZq9HCow.roa (raw, json)
Hash identifier: m1fMuX7svhi9Lww2Vi2LPmdkC0oe+eLTiSv0fgihFag=
Subject key identifier: 30:4F:B1:3A:15:F9:70:3D:51:75:38:09:34:5C:E9:66:AF:47:0A:8C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FE1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ME-xOhX5cD1RdTgJNFzpZq9HCow.roa
Signing time: Wed 18 Jun 2025 14:32:10 +0000
ROA not before: Wed 18 Jun 2025 14:32:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8161 (0x1fe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 14:32:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=304FB13A15F9703D51753809345CE966AF470A8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:99:3f:76:23:92:fc:7d:a6:05:22:dc:34:5d:
1a:1f:61:1a:b7:05:09:85:49:59:4c:0c:e2:dc:ac:
95:3d:01:ef:74:06:7e:49:14:0c:aa:03:a7:72:92:
47:ba:0a:4f:b6:30:51:bc:e4:50:eb:a9:13:f7:f7:
7c:0d:51:83:1e:7d:4e:88:78:61:a6:e5:c6:df:f0:
1f:4c:c1:21:58:4a:a3:de:76:6e:44:fb:68:f7:c6:
0a:0e:30:9d:3a:19:6b:0e:6e:2e:0c:5d:c6:9b:0f:
3b:d2:56:a1:27:3d:aa:c4:74:f3:1d:0f:c1:85:a8:
d0:5e:9a:3b:8d:4e:37:89:b6:f1:54:ef:87:27:75:
ba:b4:aa:47:1c:92:ee:b0:19:30:21:7e:dd:29:37:
d8:53:a1:db:99:c0:75:79:f7:64:fd:75:7c:ad:94:
0b:f0:dd:c0:7d:25:20:79:d2:b8:91:47:ab:27:cb:
8a:6c:fc:28:47:53:f8:9c:4d:ee:ab:28:41:80:69:
91:cb:37:9b:18:39:8c:5e:91:b8:3c:ed:06:db:c4:
94:d2:ed:e5:47:21:86:89:58:64:7a:2b:4b:58:08:
18:68:ae:4d:5c:a2:ef:72:4e:22:ad:5d:1a:29:b9:
d8:22:13:50:78:19:01:a9:36:23:c2:5e:33:6f:d4:
cb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4F:B1:3A:15:F9:70:3D:51:75:38:09:34:5C:E9:66:AF:47:0A:8C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ME-xOhX5cD1RdTgJNFzpZq9HCow.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:09:ca:96:a2:c3:62:b3:2f:df:6a:59:9f:f0:8c:a6:a4:98:
05:e6:90:6a:06:48:bd:51:4b:09:8d:48:f6:90:63:4b:53:e2:
08:cf:e6:2f:45:ac:0e:fd:9f:8f:79:f1:a9:88:ec:86:8a:be:
b7:da:a6:59:ef:35:9d:34:81:6c:e2:d3:b8:16:5f:10:50:b4:
35:30:3a:e6:bc:8a:81:5b:4e:29:ea:ab:08:6e:60:ad:f8:47:
e6:8b:28:a8:58:60:5c:fa:be:91:38:c1:89:aa:2a:6f:f8:e9:
0b:f6:dc:7e:b9:6e:d6:93:1d:aa:9d:26:53:20:ef:70:03:fb:
54:1c:f9:da:95:b9:6a:f1:36:eb:cd:a8:40:7a:38:dc:b5:e3:
9f:e7:46:16:c9:83:fb:c7:de:9c:e9:54:f0:e0:05:c8:56:a8:
06:6a:12:70:60:1c:2f:a5:fe:5d:a0:3e:7a:17:96:8c:67:fe:
cc:e5:9b:e4:67:1d:fe:8f:f8:90:98:ee:94:6a:59:58:3a:95:
0a:e9:c7:3e:3e:74:c5:b3:78:35:d6:82:06:e3:23:6c:f3:d7:
f0:ad:0b:41:72:d1:7c:ff:09:f4:93:8c:07:79:f2:81:a5:23:
87:89:9d:45:a9:44:c2:b5:69:ff:16:d1:1f:46:95:36:89:00:
71:ee:89:64
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH+EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
NDMyMTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMwNEZCMTNBMTVGOTcw
M0Q1MTc1MzgwOTM0NUNFOTY2QUY0NzBBOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCamT92I5L8faYFItw0XRofYRq3BQmFSVlMDOLcrJU9Ae90Bn5J
FAyqA6dykke6Ck+2MFG85FDrqRP393wNUYMefU6IeGGm5cbf8B9MwSFYSqPedm5E
+2j3xgoOMJ06GWsObi4MXcabDzvSVqEnParEdPMdD8GFqNBemjuNTjeJtvFU74cn
dbq0qkccku6wGTAhft0pN9hToduZwHV592T9dXytlAvw3cB9JSB50riRR6sny4ps
/ChHU/icTe6rKEGAaZHLN5sYOYxekbg87QbbxJTS7eVHIYaJWGR6K0tYCBhork1c
ou9yTiKtXRopudgiE1B4GQGpNiPCXjNv1MuPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUME+xOhX5cD1RdTgJNFzpZq9HCowwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NRS14T2hYNWNEMVJkVGdK
TkZ6cFpxOUhDb3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGIJypaiw2KzL99qWZ/wjKakmAXmkGoGSL1R
SwmNSPaQY0tT4gjP5i9FrA79n4958amI7IaKvrfaplnvNZ00gWzi07gWXxBQtDUw
Oua8ioFbTinqqwhuYK34R+aLKKhYYFz6vpE4wYmqKm/46Qv23H65btaTHaqdJlMg
73AD+1Qc+dqVuWrxNuvNqEB6ONy145/nRhbJg/vH3pzpVPDgBchWqAZqEnBgHC+l
/l2gPnoXloxn/szlm+RnHf6P+JCY7pRqWVg6lQrpxz4+dMWzeDXWggbjI2zz1/Ct
C0Fy0Xz/CfSTjAd58oGlI4eJnUWpRMK1af8W0R9GlTaJAHHuiWQ=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:03:31 2025 by rpki-client