Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EFFfVQ7cizlOn-n0QL4L6i1GR9I.roa
File: EFFfVQ7cizlOn-n0QL4L6i1GR9I.roa (raw, json)
Hash identifier: ZE3Md5hv8KBlKxDjTqUbvqElFPw3fSzzPiJo/fGFMbQ=
Subject key identifier: 10:51:5F:55:0E:DC:8B:39:4E:9F:E9:F4:40:BE:0B:EA:2D:46:47:D2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 024D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EFFfVQ7cizlOn-n0QL4L6i1GR9I.roa
Signing time: Sat 10 May 2025 03:37:51 +0000
ROA not before: Sat 10 May 2025 03:37:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 589 (0x24d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 03:37:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=10515F550EDC8B394E9FE9F440BE0BEA2D4647D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2e:7c:39:4b:80:06:63:fc:1e:9e:54:4e:61:
9d:e4:b1:c1:0a:52:e1:00:a1:1e:ec:8f:47:6c:09:
8d:1a:28:dc:aa:96:a0:47:0e:cc:b3:4e:30:aa:b8:
c7:bc:79:c7:d6:1e:e8:a6:8e:c0:09:69:be:8d:ac:
4e:b2:e0:8b:da:ea:c4:1b:c8:59:51:92:43:0c:ea:
c9:e2:c3:30:ff:a4:d1:04:3c:df:da:75:c5:13:50:
ef:2b:47:20:6f:47:c0:8b:09:88:83:bb:61:56:c8:
50:ca:b6:48:a2:92:64:50:c4:f4:4b:81:50:2a:43:
41:d4:6e:a1:4b:90:b3:d1:ba:76:af:51:45:dc:33:
9b:79:8d:77:1d:7a:e4:f9:45:68:91:df:82:b1:2f:
66:44:52:b4:08:60:fd:09:77:04:5a:be:24:07:3a:
49:cf:d0:a7:75:cf:ed:43:f6:8c:41:d9:7d:b5:1d:
27:f6:df:90:22:65:a9:29:8c:8b:be:89:fa:0e:8d:
ea:f1:a5:a3:e7:ca:99:0d:a0:09:c1:3f:17:1b:cc:
27:ef:32:87:43:b0:d1:d8:04:0c:6e:07:60:05:b2:
79:2b:58:cf:34:0b:8c:e5:93:3b:bf:bc:57:c2:e3:
0b:f3:26:da:04:a5:27:d0:f7:9c:f5:a9:60:3a:4a:
7b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:51:5F:55:0E:DC:8B:39:4E:9F:E9:F4:40:BE:0B:EA:2D:46:47:D2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EFFfVQ7cizlOn-n0QL4L6i1GR9I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:e5:f0:7f:77:7c:bc:39:90:a3:f6:ad:c4:92:2e:ef:d9:4c:
0f:80:be:08:eb:8f:4d:7c:9d:98:47:9e:2f:85:d2:38:6f:99:
1d:47:a4:aa:8c:a7:8c:51:01:aa:04:7f:02:c0:1b:27:0f:3b:
31:62:2c:f2:b6:e4:ec:05:7b:6b:00:4b:dd:7c:8e:c9:4b:42:
86:82:27:57:66:81:9b:12:2c:fd:96:4f:0a:35:5d:1e:86:da:
0d:4e:ae:39:e0:dd:ab:8f:6f:6e:69:11:6e:bc:33:a5:53:62:
f9:e0:b5:1d:91:83:9a:1f:e2:82:64:0c:73:23:6d:f8:3e:db:
e3:85:b0:58:c9:5b:6f:b8:79:22:75:24:0e:e3:1c:86:e4:36:
ea:55:0e:16:0b:cd:51:c5:4f:88:a0:47:cd:a1:68:04:23:0b:
76:32:4f:02:9c:d1:59:ee:1d:8d:28:b0:c0:10:d8:bf:8f:73:
85:95:92:21:1e:35:6c:ad:7a:aa:c4:5c:08:78:8e:11:84:c8:
53:5f:e4:4e:47:8a:01:dc:c1:dd:28:d0:05:7b:ea:32:82:29:
68:57:99:f2:49:7a:a2:57:a7:bf:b5:ec:b9:25:74:54:33:64:
28:73:05:2d:00:86:9e:e7:1c:64:65:e4:e9:db:ab:41:17:81:
c1:5a:13:7f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
MzM3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEwNTE1RjU1MEVEQzhC
Mzk0RTlGRTlGNDQwQkUwQkVBMkQ0NjQ3RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKLnw5S4AGY/wenlROYZ3kscEKUuEAoR7sj0dsCY0aKNyqlqBH
DsyzTjCquMe8ecfWHuimjsAJab6NrE6y4Iva6sQbyFlRkkMM6sniwzD/pNEEPN/a
dcUTUO8rRyBvR8CLCYiDu2FWyFDKtkiikmRQxPRLgVAqQ0HUbqFLkLPRunavUUXc
M5t5jXcdeuT5RWiR34KxL2ZEUrQIYP0JdwRaviQHOknP0Kd1z+1D9oxB2X21HSf2
35AiZakpjIu+ifoOjerxpaPnypkNoAnBPxcbzCfvModDsNHYBAxuB2AFsnkrWM80
C4zlkzu/vFfC4wvzJtoEpSfQ95z1qWA6SnurAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEFFfVQ7cizlOn+n0QL4L6i1GR9IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FRkZmVlE3Y2l6bE9uLW4w
UUw0TDZpMUdSOUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACrl8H93fLw5kKP2rcSSLu/ZTA+Avgjrj018
nZhHni+F0jhvmR1HpKqMp4xRAaoEfwLAGycPOzFiLPK25OwFe2sAS918jslLQoaC
J1dmgZsSLP2WTwo1XR6G2g1Orjng3auPb25pEW68M6VTYvngtR2Rg5of4oJkDHMj
bfg+2+OFsFjJW2+4eSJ1JA7jHIbkNupVDhYLzVHFT4igR82haAQjC3YyTwKc0Vnu
HY0osMAQ2L+Pc4WVkiEeNWyteqrEXAh4jhGEyFNf5E5HigHcwd0o0AV76jKCKWhX
mfJJeqJXp7+17LkldFQzZChzBS0Ahp7nHGRl5Onbq0EXgcFaE38=
-----END CERTIFICATE-----
Generated at Sat Jun 21 21:12:57 2025 by rpki-client