Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fqyCpd0mJGhrnpOhxQfwUdLCtJI.roa
File: fqyCpd0mJGhrnpOhxQfwUdLCtJI.roa (raw, json)
Hash identifier: Uc6+byCUntxgxRMUhbeyc5QqUwjVGYqW3OjZMo+IWkw=
Subject key identifier: 7E:AC:82:A5:DD:26:24:68:6B:9E:93:A1:C5:07:F0:51:D2:C2:B4:92
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EFD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fqyCpd0mJGhrnpOhxQfwUdLCtJI.roa
Signing time: Tue 17 Jun 2025 09:40:04 +0000
ROA not before: Tue 17 Jun 2025 09:40:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7933 (0x1efd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 09:40:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7EAC82A5DD2624686B9E93A1C507F051D2C2B492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:52:b3:e1:6f:f6:a9:fd:4d:2f:1b:d1:96:10:
46:c3:7e:06:dd:c4:94:de:31:1f:5f:db:d3:9d:72:
27:fb:ba:4a:fc:90:0b:e8:d6:b5:73:62:66:7c:6f:
2d:24:33:7c:ab:09:d0:28:d2:ac:42:c7:2c:b5:00:
ae:5e:5e:a8:22:d5:d4:f3:5e:df:66:7a:86:03:67:
bf:0c:71:4a:a9:d7:9b:60:f4:56:01:ed:22:72:c3:
23:3e:12:d5:b4:5a:73:45:9f:67:91:51:92:55:7e:
b4:ad:07:8e:16:99:fe:82:95:c0:62:98:4a:d9:29:
1a:2f:b5:c6:04:c2:e3:6c:9a:18:8d:86:65:c1:1c:
77:33:53:b0:f9:8f:b2:33:9f:49:24:b1:c8:a4:d6:
58:df:8b:7f:07:4a:90:c7:63:30:85:c6:c3:63:68:
db:49:18:2c:dd:92:b5:bd:0d:02:a1:73:0b:e0:ce:
c8:bf:46:59:92:00:5f:92:12:86:af:4b:3e:79:1a:
e3:25:c7:4d:f9:e1:48:e1:8b:10:f4:88:7f:ed:da:
f7:3e:b7:7c:9d:15:26:63:74:8e:17:0a:c4:54:3d:
a4:ab:53:9f:7a:13:25:5c:31:32:ca:54:38:be:63:
30:ee:23:69:d1:8c:c8:34:5f:36:2e:23:86:4f:12:
cc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:AC:82:A5:DD:26:24:68:6B:9E:93:A1:C5:07:F0:51:D2:C2:B4:92
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fqyCpd0mJGhrnpOhxQfwUdLCtJI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:71:f6:7f:ba:13:44:38:e1:44:8e:10:06:b6:fd:72:ab:65:
cd:1a:3a:68:e8:d7:5e:77:66:e8:54:c2:19:d4:92:10:ee:0a:
9c:1f:18:a0:14:15:80:ad:91:a7:f8:22:68:2f:f2:61:2d:bd:
b0:39:ee:60:8c:00:68:b5:0e:74:cc:8d:d4:b4:ea:73:33:0a:
99:01:75:75:35:30:17:f1:3c:4f:7c:97:f8:73:8b:f2:3f:d4:
39:72:f7:52:6d:23:d1:48:a7:7f:23:88:66:33:29:2b:15:4d:
8e:55:ee:74:fe:88:1d:5e:08:93:fb:2f:be:82:68:6c:3e:e9:
2f:38:c9:50:10:58:75:0f:11:20:18:00:5c:3b:ca:6f:d8:d3:
ec:b9:da:27:9c:52:21:be:c7:34:61:20:0c:8f:32:03:47:a4:
7d:42:80:17:fc:6e:c2:37:4b:8b:5f:52:c2:c0:6e:4d:fa:ba:
9c:d4:29:b8:95:77:9f:21:b5:fd:43:b8:d2:fc:8a:e3:ff:56:
67:b8:6d:e7:0d:7b:f3:38:8f:d0:19:bd:b3:52:08:37:ac:07:
c4:26:fa:2f:ec:f6:00:b0:a2:0d:82:82:06:1f:33:66:a6:15:
8c:e5:09:34:3f:e3:e0:76:a2:74:11:aa:c6:b1:e2:fa:e3:6e:
79:dc:f9:90
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcw
OTQwMDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdFQUM4MkE1REQyNjI0
Njg2QjlFOTNBMUM1MDdGMDUxRDJDMkI0OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/UrPhb/ap/U0vG9GWEEbDfgbdxJTeMR9f29Odcif7ukr8kAvo
1rVzYmZ8by0kM3yrCdAo0qxCxyy1AK5eXqgi1dTzXt9meoYDZ78McUqp15tg9FYB
7SJywyM+EtW0WnNFn2eRUZJVfrStB44Wmf6ClcBimErZKRovtcYEwuNsmhiNhmXB
HHczU7D5j7Izn0kkscik1ljfi38HSpDHYzCFxsNjaNtJGCzdkrW9DQKhcwvgzsi/
RlmSAF+SEoavSz55GuMlx0354UjhixD0iH/t2vc+t3ydFSZjdI4XCsRUPaSrU596
EyVcMTLKVDi+YzDuI2nRjMg0XzYuI4ZPEsx7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfqyCpd0mJGhrnpOhxQfwUdLCtJIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mcXlDcGQwbUpHaHJucE9o
eFFmd1VkTEN0Skkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJBx9n+6E0Q44USOEAa2/XKrZc0aOmjo1153
ZuhUwhnUkhDuCpwfGKAUFYCtkaf4Imgv8mEtvbA57mCMAGi1DnTMjdS06nMzCpkB
dXU1MBfxPE98l/hzi/I/1Dly91JtI9FIp38jiGYzKSsVTY5V7nT+iB1eCJP7L76C
aGw+6S84yVAQWHUPESAYAFw7ym/Y0+y52iecUiG+xzRhIAyPMgNHpH1CgBf8bsI3
S4tfUsLAbk36upzUKbiVd58htf1DuNL8iuP/Vme4becNe/M4j9AZvbNSCDesB8Qm
+i/s9gCwog2CggYfM2amFYzlCTQ/4+B2onQRqsax4vrjbnnc+ZA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:16 2025 by rpki-client