Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/cmNE_H05sOIFLNL_4hY9TaSbPiA.roa
File: cmNE_H05sOIFLNL_4hY9TaSbPiA.roa (raw, json)
Hash identifier: jhOZildM6sCXf+mz++aVjI1nKtA2GjZjL8FkbD0W+vM=
Subject key identifier: 72:63:44:FC:7D:39:B0:E2:05:2C:D2:FF:E2:16:3D:4D:A4:9B:3E:20
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 21FD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cmNE_H05sOIFLNL_4hY9TaSbPiA.roa
Signing time: Sat 21 Jun 2025 21:11:47 +0000
ROA not before: Sat 21 Jun 2025 21:11:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8701 (0x21fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 21:11:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=726344FC7D39B0E2052CD2FFE2163D4DA49B3E20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:31:7e:0e:2c:af:0f:9b:0b:f3:16:13:89:6d:
be:bc:e2:ee:8a:39:18:19:e8:97:02:4a:61:83:54:
11:ba:84:18:49:a0:4c:90:41:04:7b:fa:d3:af:a9:
96:dd:60:19:f3:fa:37:df:bc:d0:2d:30:97:80:c1:
57:35:59:28:21:22:3d:0a:80:1c:f5:1c:61:c8:17:
78:33:71:4d:32:72:35:d2:3f:9e:8b:af:8a:cb:c4:
a4:35:ca:ca:5d:c4:18:d2:26:c3:0b:89:2f:d9:0a:
25:8c:d1:a0:52:c0:aa:3d:6e:0b:fc:62:62:01:c7:
46:83:eb:05:7e:02:94:b4:fa:44:6f:bc:f9:20:66:
56:0f:f1:3d:05:8d:09:4f:a1:2c:92:c2:d7:93:07:
59:03:50:6a:5a:18:5a:75:72:72:ed:6d:cb:e6:5f:
f9:8d:cd:91:02:eb:2a:b4:9f:6f:0d:49:38:49:2d:
cd:9d:c2:98:da:cc:25:51:ed:15:06:24:72:c3:8f:
31:58:33:21:0f:36:99:7c:1f:02:a0:69:3d:5a:6c:
79:59:46:e0:23:67:12:46:c2:39:b3:fe:69:0b:f4:
e4:26:0f:4f:39:0d:39:8b:e5:0b:d4:0b:bb:71:51:
de:3a:90:e7:0f:6e:d5:b0:0d:95:87:3f:b0:a4:df:
1f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:63:44:FC:7D:39:B0:E2:05:2C:D2:FF:E2:16:3D:4D:A4:9B:3E:20
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cmNE_H05sOIFLNL_4hY9TaSbPiA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:fe:27:6a:c8:7f:cf:e9:a4:08:5e:1f:30:a5:15:d1:c2:86:
06:7b:53:c0:4a:af:01:a9:a5:ea:4c:48:22:fa:29:be:99:41:
f3:de:61:f6:be:2a:bb:45:71:37:6d:c0:10:a2:b0:8c:48:7a:
43:4a:47:a7:16:f1:dd:5a:d9:20:37:2d:88:89:ee:42:f8:1c:
9b:02:23:c5:36:d3:d6:40:cb:ac:69:f9:85:42:27:f9:e6:69:
c6:62:69:da:2e:2b:31:46:86:29:70:50:0f:37:ba:05:9f:f0:
c9:ab:b3:99:69:3d:91:42:1f:16:f9:c1:6d:51:28:b7:52:56:
93:2f:80:a5:7f:34:50:cb:f4:b2:44:13:4c:e4:38:04:02:31:
a0:ee:e6:0b:16:0b:51:9b:52:a3:33:b5:e5:a8:3f:d9:19:9b:
9b:7f:81:26:93:5d:45:45:dc:ed:38:81:ce:94:c2:cf:f9:89:
a0:7e:5c:6c:90:bb:66:f4:ad:88:a8:e1:e1:12:72:c0:b7:f1:
60:e5:61:ea:a3:d3:59:0d:d0:24:ac:46:76:27:dc:e5:ce:25:
3b:21:72:36:c1:9d:41:37:f2:ef:dd:62:eb:0a:d7:30:42:4b:
69:02:60:30:cf:d4:e6:81:50:64:b8:da:c0:d3:e4:65:ae:b3:
a9:72:a8:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEy
MTExNDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcyNjM0NEZDN0QzOUIw
RTIwNTJDRDJGRkUyMTYzRDREQTQ5QjNFMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClMX4OLK8PmwvzFhOJbb684u6KORgZ6JcCSmGDVBG6hBhJoEyQ
QQR7+tOvqZbdYBnz+jffvNAtMJeAwVc1WSghIj0KgBz1HGHIF3gzcU0ycjXSP56L
r4rLxKQ1yspdxBjSJsMLiS/ZCiWM0aBSwKo9bgv8YmIBx0aD6wV+ApS0+kRvvPkg
ZlYP8T0FjQlPoSySwteTB1kDUGpaGFp1cnLtbcvmX/mNzZEC6yq0n28NSThJLc2d
wpjazCVR7RUGJHLDjzFYMyEPNpl8HwKgaT1abHlZRuAjZxJGwjmz/mkL9OQmD085
DTmL5QvUC7txUd46kOcPbtWwDZWHP7Ck3x8ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcmNE/H05sOIFLNL/4hY9TaSbPiAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jbU5FX0gwNXNPSUZMTkxf
NGhZOVRhU2JQaUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFf+J2rIf8/ppAheHzClFdHChgZ7U8BKrwGp
pepMSCL6Kb6ZQfPeYfa+KrtFcTdtwBCisIxIekNKR6cW8d1a2SA3LYiJ7kL4HJsC
I8U209ZAy6xp+YVCJ/nmacZiadouKzFGhilwUA83ugWf8Mmrs5lpPZFCHxb5wW1R
KLdSVpMvgKV/NFDL9LJEE0zkOAQCMaDu5gsWC1GbUqMzteWoP9kZm5t/gSaTXUVF
3O04gc6Uws/5iaB+XGyQu2b0rYio4eEScsC38WDlYeqj01kN0CSsRnYn3OXOJTsh
cjbBnUE38u/dYusK1zBCS2kCYDDP1OaBUGS42sDT5GWus6lyqEI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:57:41 2025 by rpki-client