Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CP7WkYPb6p-yXmtRB2dFYGfGalU.roa
File: CP7WkYPb6p-yXmtRB2dFYGfGalU.roa (raw, json)
Hash identifier: 3bd3vrYgeXg4hKyOfcQnm1BbqpfNsyszmDhsr+U/Ito=
Subject key identifier: 08:FE:D6:91:83:DB:EA:9F:B2:5E:6B:51:07:67:45:60:67:C6:6A:55
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07D5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CP7WkYPb6p-yXmtRB2dFYGfGalU.roa
Signing time: Sat 17 May 2025 12:38:39 +0000
ROA not before: Sat 17 May 2025 12:38:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2005 (0x7d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 12:38:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=08FED69183DBEA9FB25E6B510767456067C66A55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:19:7a:9e:39:6a:c8:bc:d3:1d:79:c9:ec:c9:
98:d6:06:e9:87:67:1e:8b:e1:b3:8f:61:71:c6:f4:
e9:79:d2:17:9b:73:72:ec:b6:4f:1a:95:3e:87:06:
ce:0f:d4:0e:0d:42:06:2a:69:7f:0c:6c:f1:ab:06:
fa:a3:3f:b5:6f:d5:bf:60:6e:12:10:f0:ce:5a:a9:
33:8f:6a:ed:4f:8d:e2:85:df:98:e6:82:ca:05:0c:
ba:6a:41:ba:9b:91:9f:fc:28:d8:ec:bc:4e:08:6b:
37:fd:d6:fb:e1:5a:65:e7:ae:ce:3b:82:5b:0f:f6:
5f:cb:3d:4a:51:32:48:4d:5a:a3:79:bc:76:29:25:
58:74:7e:f3:df:bf:8b:5b:9a:bc:30:36:99:d9:54:
e0:d7:2b:dd:68:9d:91:f7:0f:7e:da:bc:6e:43:1e:
d5:28:20:75:bf:68:3c:0d:01:6a:b0:8e:df:3a:72:
01:27:9f:64:6c:93:68:ea:e6:b5:60:3d:e5:6f:68:
b7:48:ab:a8:73:66:dc:0a:2c:d2:7a:ce:ac:d5:8d:
8b:ef:35:db:e8:8c:1e:a2:18:83:20:d1:f1:0c:1e:
85:11:93:13:74:41:9b:ba:28:0c:d4:b7:1a:9a:68:
03:23:fe:6e:84:df:f8:59:fa:10:a4:74:40:67:bd:
1e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FE:D6:91:83:DB:EA:9F:B2:5E:6B:51:07:67:45:60:67:C6:6A:55
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CP7WkYPb6p-yXmtRB2dFYGfGalU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:0d:47:d8:7d:1b:f7:36:0a:70:5e:38:7c:85:51:18:e8:ca:
33:12:f3:e5:fd:4a:c1:ac:6f:da:31:2b:f4:4d:af:58:5a:1d:
be:89:b2:5f:d5:3c:3e:20:cb:3d:7e:a5:92:a8:ae:b1:d7:d5:
ac:07:64:21:6a:aa:b7:98:94:d2:b2:6f:67:bf:01:9e:53:05:
76:47:1c:fd:ba:ea:66:c6:d6:3b:38:bf:dc:32:df:ab:f0:26:
bb:80:c2:e7:dd:e4:06:43:c2:02:36:db:2e:88:18:78:b2:a1:
37:2f:d4:87:4d:0b:31:b0:24:4c:e2:a0:ec:4e:82:21:c9:63:
b3:3c:2e:32:55:29:46:90:0e:3e:3c:fb:33:55:c9:17:26:55:
db:36:83:20:1c:1b:16:a8:03:32:75:8d:09:2c:57:14:82:c5:
91:1c:d0:11:4d:da:ca:5c:bc:37:9b:f9:2f:3a:84:84:a4:56:
61:79:67:11:42:3d:4d:57:ad:bd:b3:08:c2:a5:f3:f9:62:3c:
ee:d8:09:c2:aa:59:c2:97:d1:67:1a:64:76:27:e5:db:6d:27:
43:5e:b6:b8:ed:d9:1c:21:06:fe:0e:93:35:b4:a6:d8:f9:54:
73:92:f2:a0:c3:91:96:b8:2c:0f:d8:86:bd:3e:19:37:4d:63:
13:a8:b0:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB9UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
MjM4MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA4RkVENjkxODNEQkVB
OUZCMjVFNkI1MTA3Njc0NTYwNjdDNjZBNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDGXqeOWrIvNMdecnsyZjWBumHZx6L4bOPYXHG9Ol50hebc3Ls
tk8alT6HBs4P1A4NQgYqaX8MbPGrBvqjP7Vv1b9gbhIQ8M5aqTOPau1PjeKF35jm
gsoFDLpqQbqbkZ/8KNjsvE4Iazf91vvhWmXnrs47glsP9l/LPUpRMkhNWqN5vHYp
JVh0fvPfv4tbmrwwNpnZVODXK91onZH3D37avG5DHtUoIHW/aDwNAWqwjt86cgEn
n2Rsk2jq5rVgPeVvaLdIq6hzZtwKLNJ6zqzVjYvvNdvojB6iGIMg0fEMHoURkxN0
QZu6KAzUtxqaaAMj/m6E3/hZ+hCkdEBnvR7LAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCP7WkYPb6p+yXmtRB2dFYGfGalUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DUDdXa1lQYjZwLXlYbXRS
QjJkRllHZkdhbFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKoNR9h9G/c2CnBeOHyFURjoyjMS8+X9SsGs
b9oxK/RNr1haHb6Jsl/VPD4gyz1+pZKorrHX1awHZCFqqreYlNKyb2e/AZ5TBXZH
HP266mbG1js4v9wy36vwJruAwufd5AZDwgI22y6IGHiyoTcv1IdNCzGwJEzioOxO
giHJY7M8LjJVKUaQDj48+zNVyRcmVds2gyAcGxaoAzJ1jQksVxSCxZEc0BFN2spc
vDeb+S86hISkVmF5ZxFCPU1Xrb2zCMKl8/liPO7YCcKqWcKX0WcaZHYn5dttJ0Ne
trjt2RwhBv4OkzW0ptj5VHOS8qDDkZa4LA/Yhr0+GTdNYxOosOw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 09:42:55 2025 by rpki-client