Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/etFa2eMncGqEuBdAzyZLTx2pLdE.roa
File: etFa2eMncGqEuBdAzyZLTx2pLdE.roa (raw, json)
Hash identifier: Nki2X1AwIeAVvPq7rc+/c0gsL3ergLZgEY8aJwIsrsI=
Subject key identifier: 7A:D1:5A:D9:E3:27:70:6A:84:B8:17:40:CF:26:4B:4F:1D:A9:2D:D1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CBD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/etFa2eMncGqEuBdAzyZLTx2pLdE.roa
Signing time: Sat 14 Jun 2025 09:40:03 +0000
ROA not before: Sat 14 Jun 2025 09:40:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7357 (0x1cbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 09:40:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7AD15AD9E327706A84B81740CF264B4F1DA92DD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:61:09:29:e2:bd:1c:2c:e3:f1:9c:b3:e5:fa:
5e:c2:ff:d7:c3:36:23:1d:ee:d6:b7:a7:15:3a:10:
48:43:61:80:67:c8:85:a4:cc:e7:f5:cb:14:f0:d2:
40:01:48:b3:20:ac:12:3b:c4:93:1e:fb:39:c5:12:
d6:c8:48:1c:76:29:67:a7:7f:5e:c2:e9:0b:64:a2:
26:d9:bb:aa:22:9e:be:51:2c:b4:36:14:4e:a2:1f:
cf:8b:e0:7a:23:b9:db:0f:31:2f:b6:fd:88:fe:33:
a3:a6:ad:c6:ee:cb:8d:9d:b1:70:b8:f4:e4:66:07:
ea:8c:5b:66:a9:56:96:8c:2e:0d:aa:4d:81:18:c9:
64:8c:93:d5:0f:1b:f2:45:77:ba:3b:e7:d8:8b:fc:
ff:56:37:42:fe:9f:a5:e8:64:a5:db:0f:2e:27:31:
9c:9b:04:73:b4:23:d1:6a:de:37:17:bd:59:dd:43:
8c:90:8d:59:75:99:e1:48:f3:9d:d6:61:c1:6f:d6:
61:6d:06:32:12:10:dd:50:8f:17:fe:35:2e:3c:f3:
b2:6f:98:cf:b1:19:f1:b9:c3:c6:e5:65:37:90:c2:
5e:b6:83:b5:09:e1:6a:a0:f4:98:4d:f1:7b:2b:29:
53:82:99:1f:a7:28:d6:c4:fd:10:3f:f8:1b:5a:38:
de:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D1:5A:D9:E3:27:70:6A:84:B8:17:40:CF:26:4B:4F:1D:A9:2D:D1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/etFa2eMncGqEuBdAzyZLTx2pLdE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:86:36:d8:44:5e:c7:1f:d8:12:26:3d:0e:32:de:99:b3:52:
0d:39:6e:42:fc:58:8f:15:c9:2e:be:aa:41:9b:56:48:ef:63:
e6:05:dc:48:b5:77:ee:6a:8e:4d:87:98:84:16:c1:50:dd:74:
7e:35:54:20:d4:dd:bf:e2:85:6a:f9:17:33:15:a4:b5:74:d2:
f2:7e:c4:3f:dc:d1:e7:8e:94:b0:66:8d:5b:6a:b8:6f:74:72:
0c:8e:06:77:6e:b9:c0:e8:c3:c1:35:d1:77:c8:58:7a:da:91:
02:b1:fa:25:bd:3f:9f:56:73:d5:63:b2:d3:ad:cc:61:0a:c9:
d4:c9:49:5a:56:2b:13:3d:ac:36:b6:95:0f:01:6f:b0:ef:d1:
9b:09:5d:7d:dd:48:f9:81:54:dc:25:52:ff:e6:9e:b9:c4:a3:
e8:b4:7b:f6:50:f5:01:53:4f:55:6a:f4:79:be:20:c5:fe:6f:
cb:80:aa:35:cd:63:75:a3:e9:94:ff:4a:7d:7a:0a:23:d7:0f:
8a:e4:32:f2:3a:a0:af:84:99:5a:ab:8d:46:12:db:45:96:68:
51:04:ce:90:75:b0:75:9a:f3:24:21:d1:42:68:b3:59:4d:e7:
8d:52:00:80:fc:27:d5:3d:ec:95:2c:9c:8e:1c:9c:a8:33:0a:
f2:3f:f7:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
OTQwMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdBRDE1QUQ5RTMyNzcw
NkE4NEI4MTc0MENGMjY0QjRGMURBOTJERDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRYQkp4r0cLOPxnLPl+l7C/9fDNiMd7ta3pxU6EEhDYYBnyIWk
zOf1yxTw0kABSLMgrBI7xJMe+znFEtbISBx2KWenf17C6QtkoibZu6oinr5RLLQ2
FE6iH8+L4HojudsPMS+2/Yj+M6Omrcbuy42dsXC49ORmB+qMW2apVpaMLg2qTYEY
yWSMk9UPG/JFd7o759iL/P9WN0L+n6XoZKXbDy4nMZybBHO0I9Fq3jcXvVndQ4yQ
jVl1meFI853WYcFv1mFtBjISEN1Qjxf+NS4887JvmM+xGfG5w8blZTeQwl62g7UJ
4Wqg9JhN8XsrKVOCmR+nKNbE/RA/+BtaON4JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUetFa2eMncGqEuBdAzyZLTx2pLdEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ldEZhMmVNbmNHcUV1QmRB
enlaTFR4MnBMZEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJ6GNthEXscf2BImPQ4y3pmzUg05bkL8WI8V
yS6+qkGbVkjvY+YF3Ei1d+5qjk2HmIQWwVDddH41VCDU3b/ihWr5FzMVpLV00vJ+
xD/c0eeOlLBmjVtquG90cgyOBnduucDow8E10XfIWHrakQKx+iW9P59Wc9VjstOt
zGEKydTJSVpWKxM9rDa2lQ8Bb7Dv0ZsJXX3dSPmBVNwlUv/mnrnEo+i0e/ZQ9QFT
T1Vq9Hm+IMX+b8uAqjXNY3Wj6ZT/Sn16CiPXD4rkMvI6oK+EmVqrjUYS20WWaFEE
zpB1sHWa8yQh0UJos1lN541SAID8J9U97JUsnI4cnKgzCvI/94I=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:29:46 2025 by rpki-client