Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/eCdBSopU-Tckyr3KHfqL4zNJ9wU.roa
File: eCdBSopU-Tckyr3KHfqL4zNJ9wU.roa (raw, json)
Hash identifier: 8MnPMWl+TFJgEW/JPtC2fxKEmvmS1oiwm7HeTc7aZhc=
Subject key identifier: 78:27:41:4A:8A:54:F9:37:24:CA:BD:CA:1D:FA:8B:E3:33:49:F7:05
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15E5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eCdBSopU-Tckyr3KHfqL4zNJ9wU.roa
Signing time: Thu 05 Jun 2025 06:39:23 +0000
ROA not before: Thu 05 Jun 2025 06:39:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5605 (0x15e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 06:39:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7827414A8A54F93724CABDCA1DFA8BE33349F705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c3:12:61:7a:73:8a:67:f4:04:7c:bc:ad:e7:
1e:fa:c7:93:6f:d2:0e:9c:53:68:b6:7f:67:c5:5d:
8c:30:3f:fb:50:b0:75:73:b2:bd:83:fc:19:93:e4:
7f:19:3e:d7:61:da:97:65:50:6e:75:9d:82:a8:0c:
0a:59:df:c4:e3:7a:dd:68:2a:56:c6:bc:a2:c6:e3:
32:a4:80:8d:26:dc:93:1b:f4:0c:c1:ef:1e:e3:a2:
bf:a8:fe:54:be:86:3f:d4:60:25:eb:68:96:5b:f8:
d0:0e:7c:e3:cb:81:e9:9d:72:e4:e6:45:ca:3b:3a:
5d:c7:c9:40:8d:23:d6:77:d8:2d:39:78:e2:46:69:
1a:39:87:b8:c8:f5:b0:87:a3:57:3e:ab:7c:25:48:
7c:65:56:d7:69:75:d7:fb:36:8b:66:b3:a8:a8:81:
d0:05:f0:82:cb:3c:15:e5:ac:19:03:db:8a:44:27:
05:0f:05:d8:17:3b:68:50:e2:2d:23:bd:86:a2:71:
cc:5e:27:07:03:52:a6:65:1d:eb:db:b6:55:ed:53:
6b:dd:9c:bb:ba:71:4c:c7:a2:a5:82:97:55:2b:1d:
60:8b:e6:3d:2f:d4:ea:58:78:c1:e9:d5:8d:7b:89:
16:8a:e5:27:4b:3d:44:fd:f9:2a:09:8d:57:2d:8d:
f5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:27:41:4A:8A:54:F9:37:24:CA:BD:CA:1D:FA:8B:E3:33:49:F7:05
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eCdBSopU-Tckyr3KHfqL4zNJ9wU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:4c:4b:e0:fa:e5:e2:06:af:e0:96:d6:51:c1:bc:7c:d9:3f:
93:43:73:aa:05:12:79:92:bd:25:4b:5a:60:56:cf:79:78:06:
eb:da:c9:de:94:ed:aa:08:84:3e:95:65:2f:de:b9:81:6e:f5:
47:9c:2e:13:96:62:28:7d:76:58:22:91:26:fc:2b:27:40:c8:
7c:86:9b:1c:72:24:dd:ac:07:41:8e:c9:80:24:48:36:86:6e:
02:36:a6:58:84:1f:19:ce:62:9b:a3:0f:79:ce:3f:1f:d1:ff:
ec:ea:54:f8:74:be:8d:5d:42:91:9a:77:e1:72:31:8c:62:5d:
68:fe:09:1a:30:0a:92:04:76:2b:ce:5b:c4:98:cf:cb:36:21:
96:cd:b4:90:68:5e:8b:c3:13:0d:18:b1:da:df:df:60:ca:35:
f6:48:b2:ab:74:c5:f0:1f:eb:f3:d6:18:3c:66:cb:07:74:c2:
6e:70:09:cc:cc:0d:f0:01:5b:14:b8:e4:5d:25:30:2c:fe:bf:
2d:8d:c7:d6:bb:c8:92:2e:7b:c1:79:de:3a:61:8c:0e:e0:60:
e4:43:02:f7:01:16:76:8b:06:0b:0a:15:35:f4:3d:4c:1b:22:
6f:5b:9b:a7:d3:c6:a6:8a:4a:1e:3a:56:6b:94:1a:79:c2:e9:
d1:78:d8:c3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFeUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUw
NjM5MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc4Mjc0MTRBOEE1NEY5
MzcyNENBQkRDQTFERkE4QkUzMzM0OUY3MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZwxJhenOKZ/QEfLyt5x76x5Nv0g6cU2i2f2fFXYwwP/tQsHVz
sr2D/BmT5H8ZPtdh2pdlUG51nYKoDApZ38Tjet1oKlbGvKLG4zKkgI0m3JMb9AzB
7x7jor+o/lS+hj/UYCXraJZb+NAOfOPLgemdcuTmRco7Ol3HyUCNI9Z32C05eOJG
aRo5h7jI9bCHo1c+q3wlSHxlVtdpddf7Notms6iogdAF8ILLPBXlrBkD24pEJwUP
BdgXO2hQ4i0jvYaiccxeJwcDUqZlHevbtlXtU2vdnLu6cUzHoqWCl1UrHWCL5j0v
1OpYeMHp1Y17iRaK5SdLPUT9+SoJjVctjfUxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUeCdBSopU+Tckyr3KHfqL4zNJ9wUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9lQ2RCU29wVS1UY2t5cjNL
SGZxTDR6Tko5d1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADtMS+D65eIGr+CW1lHBvHzZP5NDc6oFEnmS
vSVLWmBWz3l4Buvayd6U7aoIhD6VZS/euYFu9UecLhOWYih9dlgikSb8KydAyHyG
mxxyJN2sB0GOyYAkSDaGbgI2pliEHxnOYpujD3nOPx/R/+zqVPh0vo1dQpGad+Fy
MYxiXWj+CRowCpIEdivOW8SYz8s2IZbNtJBoXovDEw0Ysdrf32DKNfZIsqt0xfAf
6/PWGDxmywd0wm5wCczMDfABWxS45F0lMCz+vy2Nx9a7yJIue8F53jphjA7gYORD
AvcBFnaLBgsKFTX0PUwbIm9bm6fTxqaKSh46VmuUGnnC6dF42MM=
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:42:13 2025 by rpki-client