Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Y6ENL95pBlORaQSPne1hydftFYw.roa
File: Y6ENL95pBlORaQSPne1hydftFYw.roa (raw, json)
Hash identifier: TsIkJPZ7ZvDI2B07Jhr2UDIxSJsLU0SRPn1Y1PnWqkA=
Subject key identifier: 63:A1:0D:2F:DE:69:06:53:91:69:04:8F:9D:ED:61:C9:D7:ED:15:8C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17CD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Y6ENL95pBlORaQSPne1hydftFYw.roa
Signing time: Sat 07 Jun 2025 19:39:31 +0000
ROA not before: Sat 07 Jun 2025 19:39:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6093 (0x17cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 19:39:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=63A10D2FDE6906539169048F9DED61C9D7ED158C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:29:1e:46:40:3b:7a:af:0d:20:fa:3e:c5:73:
a1:c3:87:49:61:2e:2b:05:36:a8:c2:55:b0:61:e7:
ce:15:06:1b:55:3f:49:51:3d:87:9e:d2:a4:ec:dc:
f0:ab:39:63:3e:69:38:7d:14:06:69:20:11:d7:91:
e7:b2:c9:37:2e:4a:f5:ae:ac:5d:d1:d3:73:f2:ce:
a2:25:74:dd:24:2c:bd:99:c7:8d:70:64:f6:d1:c6:
a1:33:ba:b5:43:98:56:90:c3:99:c9:a2:b7:0e:16:
af:91:4c:0a:c1:13:a0:4e:c9:3f:ee:7b:10:19:65:
71:1f:89:85:54:c0:db:21:7d:8d:e8:10:7a:01:ab:
ea:ad:a5:43:1f:ea:6f:85:a8:3f:57:65:26:74:03:
ab:f4:7e:50:4c:93:d4:f3:f2:03:1d:28:62:fc:73:
37:cc:c1:3b:f2:04:a1:82:6d:70:f7:15:6d:8d:d7:
00:9c:e3:f8:6b:96:54:18:7e:bc:b5:28:79:de:6d:
13:13:da:6e:c5:64:52:f9:40:5e:22:36:e0:57:20:
23:31:66:fa:ae:4d:58:66:c0:4f:7d:65:e0:e9:b3:
f2:b5:91:6b:b1:3b:41:31:08:7b:46:7f:62:5c:18:
a8:b7:b2:bd:91:86:8f:69:24:1b:37:b2:5e:4c:83:
fb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A1:0D:2F:DE:69:06:53:91:69:04:8F:9D:ED:61:C9:D7:ED:15:8C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Y6ENL95pBlORaQSPne1hydftFYw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:03:85:0d:8e:dd:97:bf:3f:cb:7b:48:30:ba:dc:2d:fc:9d:
86:3c:9d:24:fd:ee:9e:7c:1b:44:66:87:62:b5:5e:3d:0b:94:
be:80:e4:11:a5:b0:91:44:1b:6e:b9:1e:9c:a7:83:ef:ac:28:
0e:61:69:57:38:2e:bb:f4:aa:e4:37:7e:39:6c:37:da:49:a8:
f3:15:bc:ba:d2:9a:32:3e:b7:0e:3f:0c:ab:96:b2:f6:be:a9:
e6:17:d4:fd:5a:a5:a7:34:98:93:80:68:1a:ae:e9:22:cb:8e:
28:e9:fd:14:ed:b0:70:b8:eb:f0:a1:35:e2:a3:ae:ad:33:a0:
10:2b:d4:89:bd:ba:43:54:0a:2c:84:73:37:c2:4f:20:b0:77:
cd:a7:e0:cb:94:64:56:d2:87:a7:9b:b7:36:f8:48:76:d5:4a:
3d:a8:ed:c1:eb:b0:b8:2c:77:bd:05:a1:4c:96:fa:02:02:37:
dc:96:41:78:b3:b0:9e:be:6c:14:85:d0:4b:f5:00:6e:2a:07:
f4:08:d6:3d:6e:e7:fd:bc:6f:b4:c7:c5:5d:14:f8:c9:e5:6b:
9f:3b:26:94:1e:c2:ec:5b:9a:f2:86:6e:cc:03:00:3d:de:48:
88:b8:75:48:3b:32:6b:e5:bf:4c:f8:8f:d4:27:91:5f:94:8f:
2b:45:05:0d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
OTM5MzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYzQTEwRDJGREU2OTA2
NTM5MTY5MDQ4RjlERUQ2MUM5RDdFRDE1OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHKR5GQDt6rw0g+j7Fc6HDh0lhLisFNqjCVbBh584VBhtVP0lR
PYee0qTs3PCrOWM+aTh9FAZpIBHXkeeyyTcuSvWurF3R03PyzqIldN0kLL2Zx41w
ZPbRxqEzurVDmFaQw5nJorcOFq+RTArBE6BOyT/uexAZZXEfiYVUwNshfY3oEHoB
q+qtpUMf6m+FqD9XZSZ0A6v0flBMk9Tz8gMdKGL8czfMwTvyBKGCbXD3FW2N1wCc
4/hrllQYfry1KHnebRMT2m7FZFL5QF4iNuBXICMxZvquTVhmwE99ZeDps/K1kWux
O0ExCHtGf2JcGKi3sr2Rho9pJBs3sl5Mg/u/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUY6ENL95pBlORaQSPne1hydftFYwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZNkVOTDk1cEJsT1JhUVNQ
bmUxaHlkZnRGWXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFADhQ2O3Ze/P8t7SDC63C38nYY8nST97p58
G0Rmh2K1Xj0LlL6A5BGlsJFEG265Hpyng++sKA5haVc4Lrv0quQ3fjlsN9pJqPMV
vLrSmjI+tw4/DKuWsva+qeYX1P1apac0mJOAaBqu6SLLjijp/RTtsHC46/ChNeKj
rq0zoBAr1Im9ukNUCiyEczfCTyCwd82n4MuUZFbSh6ebtzb4SHbVSj2o7cHrsLgs
d70FoUyW+gICN9yWQXizsJ6+bBSF0Ev1AG4qB/QI1j1u5/28b7THxV0U+Mnla587
JpQewuxbmvKGbswDAD3eSIi4dUg7Mmvlv0z4j9QnkV+UjytFBQ0=
-----END CERTIFICATE-----
Generated at Fri Jun 20 18:08:31 2025 by rpki-client