Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EIm3ZAK3HX2UfffcfPlC0-PbjYA.roa
File: EIm3ZAK3HX2UfffcfPlC0-PbjYA.roa (raw, json)
Hash identifier: fC6KguneGibNxWJ+FLf8Fz0Bj0uIWswCkrakq3sMAcU=
Subject key identifier: 10:89:B7:64:02:B7:1D:7D:94:7D:F7:DC:7C:F9:42:D3:E3:DB:8D:80
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1859
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EIm3ZAK3HX2UfffcfPlC0-PbjYA.roa
Signing time: Sun 08 Jun 2025 13:09:45 +0000
ROA not before: Sun 08 Jun 2025 13:09:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6233 (0x1859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 13:09:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1089B76402B71D7D947DF7DC7CF942D3E3DB8D80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:46:e2:ce:8a:9d:d2:5c:82:fe:d0:78:13:13:
64:fa:66:18:db:04:9b:2b:b8:0e:12:ba:7b:97:f9:
b0:0e:1b:3c:39:1d:6a:08:62:34:82:29:7d:61:85:
9a:20:c0:21:83:fd:d5:29:ca:58:a4:e7:9b:a8:2b:
37:21:ec:67:3a:aa:2a:3e:8e:9f:42:85:65:df:10:
87:30:9a:92:65:df:51:bd:f4:19:3d:77:5f:bb:ad:
81:48:2b:5b:5d:94:fa:5a:4d:2b:c7:64:5a:0b:d3:
ab:b4:c2:50:3b:39:9f:0b:69:48:01:c1:13:5f:f7:
ab:7b:2e:b1:50:0b:a7:c7:e4:1d:68:7c:8b:df:c1:
aa:a3:17:d6:65:f2:98:ba:3e:1e:ce:2e:8d:30:9c:
40:04:b6:b7:96:2d:26:b6:c4:cd:54:e3:c5:f2:3e:
d5:8d:7d:6c:f1:62:f1:dc:e4:78:6e:38:ec:6d:8a:
52:33:d3:46:f1:41:df:27:9f:d0:ed:59:25:99:03:
6d:eb:34:86:39:66:c1:1e:a8:c4:ca:73:6c:2f:92:
1b:95:ac:52:bb:73:d4:7c:3c:f6:1b:53:0a:73:90:
f9:bc:9c:a2:f3:51:d1:85:ea:59:a6:40:ab:4e:fa:
e9:f9:d8:07:37:a8:bf:8c:c0:01:e5:45:4b:f2:af:
f1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:89:B7:64:02:B7:1D:7D:94:7D:F7:DC:7C:F9:42:D3:E3:DB:8D:80
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EIm3ZAK3HX2UfffcfPlC0-PbjYA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:5a:48:58:78:c9:4b:77:d6:e4:04:df:ae:86:b0:be:0d:bb:
99:08:ab:89:6e:59:ae:ef:69:cc:79:d1:83:40:35:93:1e:fc:
b8:ae:40:54:20:4e:be:d0:f0:72:24:34:ee:a9:00:bf:df:c1:
a9:2f:6d:fe:70:25:d3:b3:d7:e3:de:ad:09:db:9b:2a:d2:11:
02:da:75:8a:e2:ba:9d:f1:73:42:39:2d:25:e8:0d:29:45:d6:
65:79:67:72:07:b6:3b:30:2a:6d:94:f4:e1:ed:c6:c4:18:29:
11:5e:f0:59:d6:da:f6:6e:00:8a:ad:2f:a2:4c:bb:bb:93:ab:
dd:fc:ab:98:d5:2f:9e:e0:39:3c:67:c8:5a:c4:8c:7e:ef:74:
e3:42:83:6b:c2:83:b0:ae:9e:50:5b:5b:00:c5:50:01:6f:36:
07:bc:6e:17:e7:d7:1c:68:49:05:09:7b:3e:47:19:a2:8c:e7:
cb:aa:ca:86:b1:bd:a9:3d:7e:ff:f6:ef:d5:74:75:7c:8c:17:
c9:c0:b1:3a:61:8e:16:c3:0b:f2:90:de:2f:0c:6d:ae:52:e9:
20:1c:91:2f:d0:ce:5e:94:b6:5a:54:2d:ce:54:0f:f8:09:eb:
de:ad:10:f7:1a:d3:fe:29:e9:70:24:89:51:c2:47:f1:51:e9:
2d:ff:b4:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgx
MzA5NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEwODlCNzY0MDJCNzFE
N0Q5NDdERjdEQzdDRjk0MkQzRTNEQjhEODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYRuLOip3SXIL+0HgTE2T6ZhjbBJsruA4SunuX+bAOGzw5HWoI
YjSCKX1hhZogwCGD/dUpylik55uoKzch7Gc6qio+jp9ChWXfEIcwmpJl31G99Bk9
d1+7rYFIK1tdlPpaTSvHZFoL06u0wlA7OZ8LaUgBwRNf96t7LrFQC6fH5B1ofIvf
waqjF9Zl8pi6Ph7OLo0wnEAEtreWLSa2xM1U48XyPtWNfWzxYvHc5HhuOOxtilIz
00bxQd8nn9DtWSWZA23rNIY5ZsEeqMTKc2wvkhuVrFK7c9R8PPYbUwpzkPm8nKLz
UdGF6lmmQKtO+un52Ac3qL+MwAHlRUvyr/HxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEIm3ZAK3HX2UfffcfPlC0+PbjYAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FSW0zWkFLM0hYMlVmZmZj
ZlBsQzAtUGJqWUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADFaSFh4yUt31uQE366GsL4Nu5kIq4luWa7v
acx50YNANZMe/LiuQFQgTr7Q8HIkNO6pAL/fwakvbf5wJdOz1+PerQnbmyrSEQLa
dYriup3xc0I5LSXoDSlF1mV5Z3IHtjswKm2U9OHtxsQYKRFe8FnW2vZuAIqtL6JM
u7uTq938q5jVL57gOTxnyFrEjH7vdONCg2vCg7CunlBbWwDFUAFvNge8bhfn1xxo
SQUJez5HGaKM58uqyoaxvak9fv/279V0dXyMF8nAsTphjhbDC/KQ3i8Mba5S6SAc
kS/Qzl6UtlpULc5UD/gJ696tEPca0/4p6XAkiVHCR/FR6S3/tNU=
-----END CERTIFICATE-----
Generated at Fri Jun 20 10:04:07 2025 by rpki-client