Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7n3Fza88QjJKwL85yTMwk65uels.roa
File: 7n3Fza88QjJKwL85yTMwk65uels.roa (raw, json)
Hash identifier: mDxr2DoxO81S72FqyVdWxpr5hMLzw9g6EZj9UdDPe2o=
Subject key identifier: EE:7D:C5:CD:AF:3C:42:32:4A:C0:BF:39:C9:33:30:93:AE:6E:7A:5B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 16FD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7n3Fza88QjJKwL85yTMwk65uels.roa
Signing time: Fri 06 Jun 2025 17:39:27 +0000
ROA not before: Fri 06 Jun 2025 17:39:27 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5885 (0x16fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 17:39:27 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EE7DC5CDAF3C42324AC0BF39C9333093AE6E7A5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:84:81:19:fc:43:09:6c:fc:7e:c4:3d:e0:d6:
e6:a3:42:54:43:db:94:bb:01:8d:80:df:59:39:8a:
c8:05:60:a1:a0:1f:d4:7b:2f:20:26:aa:8c:35:63:
5e:13:20:e5:df:15:da:b7:a3:59:6a:55:49:33:c1:
95:f5:95:4a:2c:e2:c7:3f:97:aa:ff:f8:f0:97:0f:
39:46:be:95:27:3e:24:50:91:5e:cb:29:4f:77:47:
29:a0:c0:df:e1:22:55:66:a3:6c:c5:a6:bc:5b:63:
5a:fe:a6:97:b3:d9:3a:cb:a5:40:f5:79:de:51:36:
18:4c:fb:eb:da:6d:5a:57:9a:c1:25:d0:5f:70:83:
1e:9c:f0:ca:98:48:77:17:3e:ea:9c:49:be:6f:38:
d4:c4:32:ab:3c:67:f6:88:68:f8:1f:88:ea:cf:26:
35:57:3f:ce:97:0a:4b:53:d7:55:0c:0e:f9:ab:8d:
12:d8:6a:7b:63:0f:0c:2d:db:d1:3e:50:b4:b0:36:
cc:f2:fa:fb:d3:a1:8f:73:d4:8a:5b:9a:45:ee:70:
c3:fc:5c:58:c2:ab:33:7c:b5:a8:64:dd:c0:f7:58:
4f:7c:14:85:81:74:24:41:f5:e9:42:fe:67:79:c2:
26:00:d6:f4:8c:0f:21:03:f3:9c:d0:61:84:e9:d5:
ee:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:7D:C5:CD:AF:3C:42:32:4A:C0:BF:39:C9:33:30:93:AE:6E:7A:5B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7n3Fza88QjJKwL85yTMwk65uels.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:3b:f4:cf:5a:a5:72:10:e8:e3:05:c6:96:06:5b:ab:d0:f7:
d0:8e:22:d2:32:fd:5d:55:d7:5a:4e:ee:2a:24:bd:d1:69:12:
de:64:f7:31:9f:65:da:c5:b8:e8:8c:11:9d:f6:2e:12:44:8f:
55:21:e2:fe:e8:5e:99:2f:7f:c3:23:e8:09:38:49:62:56:b1:
6c:69:1d:8b:29:e9:74:01:ca:e4:ec:38:7b:ec:5e:81:d3:69:
b0:e6:30:b0:2d:e5:aa:24:1f:c5:ba:5a:cd:34:b0:c0:68:de:
7a:19:93:d9:ec:a0:01:1f:9b:fc:4f:9f:d0:53:e5:74:11:0c:
35:5e:79:bc:15:5b:2d:a1:44:eb:49:5f:1a:7e:50:ea:64:6e:
b2:7f:6a:3d:b2:19:15:f7:36:61:e7:0a:00:06:82:0f:4f:91:
68:90:99:10:ca:80:fb:cd:19:ad:18:d1:8b:ad:84:af:62:80:
11:f6:db:87:f0:f4:77:07:40:64:f2:57:19:33:7f:96:32:60:
83:77:82:66:49:ba:0d:af:c0:84:f2:55:7a:08:da:b0:c4:d8:
77:2f:5c:c8:7b:d9:3d:55:a0:2c:2e:bb:99:bf:fa:68:75:cb:
a2:d9:42:65:11:b1:35:59:51:21:dd:14:c6:b9:46:fa:90:41:
a2:48:21:4c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYx
NzM5MjdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVFN0RDNUNEQUYzQzQy
MzI0QUMwQkYzOUM5MzMzMDkzQUU2RTdBNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8hIEZ/EMJbPx+xD3g1uajQlRD25S7AY2A31k5isgFYKGgH9R7
LyAmqow1Y14TIOXfFdq3o1lqVUkzwZX1lUos4sc/l6r/+PCXDzlGvpUnPiRQkV7L
KU93RymgwN/hIlVmo2zFprxbY1r+ppez2TrLpUD1ed5RNhhM++vabVpXmsEl0F9w
gx6c8MqYSHcXPuqcSb5vONTEMqs8Z/aIaPgfiOrPJjVXP86XCktT11UMDvmrjRLY
antjDwwt29E+ULSwNszy+vvToY9z1IpbmkXucMP8XFjCqzN8tahk3cD3WE98FIWB
dCRB9elC/md5wiYA1vSMDyED85zQYYTp1e69AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7n3Fza88QjJKwL85yTMwk65uelswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83bjNGemE4OFFqSkt3TDg1
eVRNd2s2NXVlbHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAF479M9apXIQ6OMFxpYGW6vQ99COItIy/V1V
11pO7iokvdFpEt5k9zGfZdrFuOiMEZ32LhJEj1Uh4v7oXpkvf8Mj6Ak4SWJWsWxp
HYsp6XQByuTsOHvsXoHTabDmMLAt5aokH8W6Ws00sMBo3noZk9nsoAEfm/xPn9BT
5XQRDDVeebwVWy2hROtJXxp+UOpkbrJ/aj2yGRX3NmHnCgAGgg9PkWiQmRDKgPvN
Ga0Y0YuthK9igBH224fw9HcHQGTyVxkzf5YyYIN3gmZJug2vwITyVXoI2rDE2Hcv
XMh72T1VoCwuu5m/+mh1y6LZQmURsTVZUSHdFMa5RvqQQaJIIUw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:04:41 2025 by rpki-client