Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4q7OEMxRGCuzEnKYaO3YJexsNlM.roa
File: 4q7OEMxRGCuzEnKYaO3YJexsNlM.roa (raw, json)
Hash identifier: CjNlinJYu1gLMTIL2ns/jiiWm7kpZxIMHD/JhamdSjc=
Subject key identifier: E2:AE:CE:10:CC:51:18:2B:B3:12:72:98:68:ED:D8:25:EC:6C:36:53
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CE9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4q7OEMxRGCuzEnKYaO3YJexsNlM.roa
Signing time: Sat 14 Jun 2025 15:09:54 +0000
ROA not before: Sat 14 Jun 2025 15:09:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7401 (0x1ce9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 15:09:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E2AECE10CC51182BB312729868EDD825EC6C3653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e5:cc:f5:06:36:fc:47:0b:dd:92:44:65:eb:
c5:94:35:e6:3a:dd:e8:68:91:47:25:f3:4e:5b:bc:
1e:58:71:ec:73:01:35:00:06:b0:46:37:dd:df:f7:
07:7e:85:ae:ab:4c:e4:95:10:73:23:20:dd:47:21:
e7:bc:7f:a1:ab:50:82:a0:c3:3d:88:6a:2b:12:60:
5f:85:90:67:b5:52:db:8f:f8:78:a9:5c:43:b1:ff:
9a:c8:6d:21:ab:34:64:a8:fa:6b:64:f3:e0:59:a1:
b7:05:9b:07:fe:47:df:b5:73:ef:b1:ab:c3:8f:37:
28:ae:8f:ac:9e:2c:4b:cb:67:12:aa:a5:48:26:05:
cb:ef:c6:14:c5:c3:45:4f:62:3c:09:b5:9b:c3:67:
49:50:6c:bf:65:cd:23:b1:bc:d1:96:c7:d3:8c:69:
90:7e:cc:93:d2:e6:d4:48:b3:28:e4:9d:29:b9:13:
df:5e:0a:3d:c6:46:8f:aa:9f:11:99:8d:cb:7f:02:
64:26:5d:3a:b4:1e:49:13:d6:91:3d:58:b3:92:8a:
ae:3d:c9:90:6a:16:fa:ce:6d:a8:75:09:04:8c:91:
1e:cc:fd:0f:d5:2d:d2:6b:4e:30:ee:5e:ae:93:d8:
1e:9c:ae:d9:39:72:66:42:53:38:97:b6:46:a7:9c:
2b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AE:CE:10:CC:51:18:2B:B3:12:72:98:68:ED:D8:25:EC:6C:36:53
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4q7OEMxRGCuzEnKYaO3YJexsNlM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:1d:96:52:72:72:db:3c:71:e6:5f:96:a1:03:57:59:03:d7:
94:eb:50:5a:4b:7c:41:48:b3:0b:d6:a6:a9:90:91:f3:af:78:
2b:e7:82:b9:b4:f7:c8:1c:79:23:9f:9e:03:07:2e:69:6f:4f:
ed:86:17:40:23:82:4d:ec:02:f1:fa:27:9c:56:ab:e8:94:ea:
0d:be:f4:8f:12:fa:c5:ab:96:b4:fe:0e:1f:8a:71:cf:67:c7:
8a:4e:87:cb:f8:dd:e1:9b:b6:a9:9a:a4:cc:38:35:23:57:e7:
51:81:e5:6d:b8:aa:ba:fe:3b:c1:2e:f6:a1:bf:ad:bf:34:6a:
84:49:c8:17:fe:3f:70:ef:45:f2:92:12:5f:b7:c4:33:ba:a9:
5a:f9:fd:fb:95:be:86:d3:87:1c:69:9d:c7:70:27:17:41:15:
f0:64:bd:07:3a:e5:2b:7c:90:96:e7:5a:ec:63:d1:8c:99:3d:
24:2a:09:a1:2f:da:af:0a:71:bc:93:7c:ca:7e:4a:9f:ca:3c:
82:d0:0a:e9:7f:72:49:15:72:69:7e:3d:4d:ee:00:06:fe:07:
5e:ae:6e:fd:ee:07:6b:ae:fc:97:98:49:92:f2:48:46:42:c3:
41:be:6f:d6:41:1c:e7:a6:cb:08:99:4d:e9:ce:9e:e2:e3:4b:
90:2d:83:fa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQx
NTA5NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUyQUVDRTEwQ0M1MTE4
MkJCMzEyNzI5ODY4RUREODI1RUM2QzM2NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD5cz1Bjb8RwvdkkRl68WUNeY63ehokUcl805bvB5YcexzATUA
BrBGN93f9wd+ha6rTOSVEHMjIN1HIee8f6GrUIKgwz2IaisSYF+FkGe1UtuP+Hip
XEOx/5rIbSGrNGSo+mtk8+BZobcFmwf+R9+1c++xq8OPNyiuj6yeLEvLZxKqpUgm
BcvvxhTFw0VPYjwJtZvDZ0lQbL9lzSOxvNGWx9OMaZB+zJPS5tRIsyjknSm5E99e
Cj3GRo+qnxGZjct/AmQmXTq0HkkT1pE9WLOSiq49yZBqFvrObah1CQSMkR7M/Q/V
LdJrTjDuXq6T2B6crtk5cmZCUziXtkannCs3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4q7OEMxRGCuzEnKYaO3YJexsNlMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80cTdPRU14UkdDdXpFbktZ
YU8zWUpleHNObE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAAdllJycts8ceZflqEDV1kD15TrUFpLfEFI
swvWpqmQkfOveCvngrm098gceSOfngMHLmlvT+2GF0Ajgk3sAvH6J5xWq+iU6g2+
9I8S+sWrlrT+Dh+Kcc9nx4pOh8v43eGbtqmapMw4NSNX51GB5W24qrr+O8Eu9qG/
rb80aoRJyBf+P3DvRfKSEl+3xDO6qVr5/fuVvobThxxpncdwJxdBFfBkvQc65St8
kJbnWuxj0YyZPSQqCaEv2q8KcbyTfMp+Sp/KPILQCul/ckkVcml+PU3uAAb+B16u
bv3uB2uu/JeYSZLySEZCw0G+b9ZBHOemywiZTenOnuLjS5Atg/o=
-----END CERTIFICATE-----
Generated at Sun Jun 22 15:11:27 2025 by rpki-client