Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/75-A0Im38KuxqjzVNpW34IXOXTM.roa
File: 75-A0Im38KuxqjzVNpW34IXOXTM.roa (raw, json)
Hash identifier: 3YrF+4FZFn6b/98JauSsDXbeXDq10/XGZfMT4TCtXzo=
Subject key identifier: EF:9F:80:D0:89:B7:F0:AB:B1:AA:3C:D5:36:95:B7:E0:85:CE:5D:33
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CB1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/75-A0Im38KuxqjzVNpW34IXOXTM.roa
Signing time: Sat 14 Jun 2025 08:18:58 +0000
ROA not before: Sat 14 Jun 2025 08:18:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7345 (0x1cb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 08:18:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EF9F80D089B7F0ABB1AA3CD53695B7E085CE5D33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ad:ef:cd:cd:79:31:7b:bb:7c:f2:de:29:af:
12:53:db:10:45:64:94:9f:83:9f:d5:2a:2f:58:5d:
e4:4d:03:96:53:f0:eb:62:1f:f5:92:fb:11:a7:13:
75:0a:b3:5b:97:2d:e4:65:3a:7b:52:9e:0e:d3:cb:
86:42:cb:79:26:b3:80:22:30:53:5e:50:96:6b:9f:
22:2b:4d:5d:77:bf:82:09:a5:de:f0:17:d9:c9:b6:
b2:bf:b3:21:bb:4a:cf:5e:2d:cf:a9:3e:a4:60:02:
b1:0a:0f:b0:06:16:c8:be:85:af:c4:2a:a1:24:92:
1d:8f:a7:18:9d:83:2f:02:62:3b:93:33:84:17:72:
c7:97:c7:f3:24:8e:0e:26:86:9a:c4:45:29:f7:1c:
3a:6c:84:ab:31:99:ba:fd:00:70:6f:11:6f:9a:d1:
1a:95:4b:ba:a8:da:39:b6:a1:6e:2c:4a:a2:06:b6:
8f:c7:66:5a:27:a9:ce:64:54:5e:3b:95:34:8e:4d:
20:f0:b2:4e:bb:5c:b1:84:a6:0b:ca:03:0a:c0:ef:
be:67:b0:8b:6e:de:ff:5e:cf:4d:e5:42:90:c6:9f:
c9:40:38:85:ca:d6:41:02:36:26:0b:66:10:cd:d0:
6a:74:b8:b2:97:f3:82:65:02:6d:db:42:2f:24:f6:
20:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9F:80:D0:89:B7:F0:AB:B1:AA:3C:D5:36:95:B7:E0:85:CE:5D:33
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/75-A0Im38KuxqjzVNpW34IXOXTM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:46:e2:12:3e:b5:91:b0:1e:9a:7e:ad:73:88:fe:1c:be:d2:
4e:b5:f5:fb:79:a9:75:f3:a7:bb:bd:31:4d:f3:77:aa:d0:97:
4d:56:e4:6b:34:77:eb:e1:e6:24:c5:b5:81:c4:e3:96:fc:1e:
bf:ad:ab:d1:f6:7d:61:01:ae:ea:4e:39:cf:1c:29:13:7a:8a:
9a:a6:30:8b:cc:fe:a1:4c:39:30:22:3f:8b:3e:26:d8:b5:ef:
78:c2:4d:11:d8:15:5f:a7:ba:21:ab:b9:04:fd:d9:b1:b2:74:
24:e3:2f:0e:1f:a5:5a:de:c3:92:50:2e:41:6e:51:ef:ca:8f:
0b:07:eb:89:f6:fc:46:90:98:2e:fd:69:a3:d6:d5:27:34:9d:
f9:13:e3:8b:a3:1e:f7:bc:7a:43:2c:84:62:9d:e6:75:ab:21:
54:d2:fe:05:c3:db:61:69:f3:8a:37:34:c9:70:ae:4c:c8:0d:
ce:79:8d:67:77:de:1f:ad:b6:2e:31:a6:1d:a9:61:29:ea:db:
3f:d1:e4:eb:e7:51:f7:8f:e8:4f:e6:e8:a6:ac:c8:e8:b4:6c:
ed:f1:1e:62:80:b6:c3:13:2c:c8:6b:b9:e9:33:9b:c7:39:f8:
7e:fc:ab:8a:08:77:6b:1e:c2:9c:58:76:9d:c2:d1:ed:d6:af:
c6:95:80:31
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
ODE4NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVGOUY4MEQwODlCN0Yw
QUJCMUFBM0NENTM2OTVCN0UwODVDRTVEMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCre/NzXkxe7t88t4prxJT2xBFZJSfg5/VKi9YXeRNA5ZT8Oti
H/WS+xGnE3UKs1uXLeRlOntSng7Ty4ZCy3kms4AiMFNeUJZrnyIrTV13v4IJpd7w
F9nJtrK/syG7Ss9eLc+pPqRgArEKD7AGFsi+ha/EKqEkkh2Ppxidgy8CYjuTM4QX
cseXx/Mkjg4mhprERSn3HDpshKsxmbr9AHBvEW+a0RqVS7qo2jm2oW4sSqIGto/H
Zlonqc5kVF47lTSOTSDwsk67XLGEpgvKAwrA775nsItu3v9ez03lQpDGn8lAOIXK
1kECNiYLZhDN0Gp0uLKX84JlAm3bQi8k9iCtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU75+A0Im38KuxqjzVNpW34IXOXTMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83NS1BMEltMzhLdXhxanpW
TnBXMzRJWE9YVE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABxG4hI+tZGwHpp+rXOI/hy+0k619ft5qXXz
p7u9MU3zd6rQl01W5Gs0d+vh5iTFtYHE45b8Hr+tq9H2fWEBrupOOc8cKRN6ipqm
MIvM/qFMOTAiP4s+Jti173jCTRHYFV+nuiGruQT92bGydCTjLw4fpVrew5JQLkFu
Ue/KjwsH64n2/EaQmC79aaPW1Sc0nfkT44ujHve8ekMshGKd5nWrIVTS/gXD22Fp
84o3NMlwrkzIDc55jWd33h+tti4xph2pYSnq2z/R5OvnUfeP6E/m6KasyOi0bO3x
HmKAtsMTLMhruekzm8c5+H78q4oId2sewpxYdp3C0e3Wr8aVgDE=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:35:19 2025 by rpki-client