Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hrf-E_7f6_ixPcMP4HRy1PQXxoQ.roa
File: hrf-E_7f6_ixPcMP4HRy1PQXxoQ.roa (raw, json)
Hash identifier: ep1I19AHqC384IU8pZrvFA13hLqouWQJ0QhlfBRThpE=
Subject key identifier: 86:B7:FE:13:FE:DF:EB:F8:B1:3D:C3:0F:E0:74:72:D4:F4:17:C6:84
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A6D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hrf-E_7f6_ixPcMP4HRy1PQXxoQ.roa
Signing time: Wed 11 Jun 2025 07:40:31 +0000
ROA not before: Wed 11 Jun 2025 07:40:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6765 (0x1a6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 07:40:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=86B7FE13FEDFEBF8B13DC30FE07472D4F417C684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:6a:8e:c4:0c:43:39:88:44:fc:9d:bd:ab:b9:
ff:c2:ef:83:83:e9:04:3f:fa:b1:af:0f:94:b8:7f:
b4:b5:69:e4:ba:fb:b4:0c:30:5a:c0:eb:14:c1:48:
67:e0:8f:6d:5b:21:48:71:5b:86:cb:dd:45:43:67:
5f:6a:82:ae:40:41:0d:01:be:38:65:aa:ad:a5:b6:
54:d2:db:66:b9:12:d0:24:f7:35:3b:b3:77:84:5a:
52:90:72:6e:98:8c:07:3b:1e:51:cb:53:2f:3f:2b:
3c:e8:cd:fe:f7:8b:53:06:69:58:d7:bb:75:2a:9b:
49:bd:05:07:1a:0f:26:b9:75:31:64:c0:f9:59:4d:
0a:54:f6:11:72:7e:68:bb:89:ea:63:10:ad:21:74:
9e:59:8b:14:70:14:db:78:4d:42:94:d9:2a:59:03:
dd:97:93:cf:6d:1a:61:30:74:f4:8e:94:84:71:eb:
63:af:ad:93:aa:68:c6:89:45:c7:b9:1e:b0:0c:5f:
18:20:34:8d:dd:29:b6:5b:94:95:ad:8d:da:72:ef:
45:16:39:a1:d9:64:f0:8f:09:61:1a:34:3a:27:19:
7f:65:81:47:58:ab:b1:84:59:74:1f:79:bf:b7:51:
34:58:a4:04:ab:13:ef:32:6e:9b:37:cf:40:0f:3b:
07:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B7:FE:13:FE:DF:EB:F8:B1:3D:C3:0F:E0:74:72:D4:F4:17:C6:84
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hrf-E_7f6_ixPcMP4HRy1PQXxoQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:d1:64:f5:ad:2b:0d:0d:8d:ab:0a:0f:ab:93:cf:12:aa:be:
41:ab:c1:67:02:15:d9:7a:ae:a1:b7:79:1f:3e:72:4f:e9:15:
58:d4:92:df:d2:e9:66:ff:66:2a:37:15:f1:d6:49:e9:f4:f8:
17:98:44:ec:f6:6f:4d:30:2a:34:39:a4:df:c5:ae:30:67:86:
7a:8b:e4:f7:7c:35:04:07:83:2f:b5:19:69:02:ad:23:da:1c:
b3:8a:ec:da:eb:88:fb:b5:76:bd:fc:64:90:04:40:79:a0:1c:
7e:1c:5d:eb:47:71:77:f5:e7:1c:2d:0b:84:0c:f8:6c:65:d6:
e6:db:ab:f5:9a:7f:e0:e2:c2:5b:2d:98:32:dd:bf:e1:f6:bf:
00:d0:cb:11:0a:d2:17:48:22:15:e3:33:4a:18:10:54:e1:a4:
71:d3:34:dc:a1:0d:22:ef:0e:fa:6d:fc:59:4d:94:3a:ef:fb:
44:3e:c0:5f:1b:6b:e5:a7:9b:a6:9b:c9:12:9c:63:d2:63:1e:
4a:72:46:7a:e7:76:13:03:ec:ce:c3:a5:92:9a:ee:78:13:72:
65:1e:fc:3f:d9:ba:a0:34:96:1a:33:34:4a:c4:3e:52:82:04:
8a:f7:1c:7a:1f:a4:0d:32:d1:d1:0f:ec:64:6a:99:24:35:8e:
b8:40:ef:57
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEw
NzQwMzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg2QjdGRTEzRkVERkVC
RjhCMTNEQzMwRkUwNzQ3MkQ0RjQxN0M2ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD7ao7EDEM5iET8nb2ruf/C74OD6QQ/+rGvD5S4f7S1aeS6+7QM
MFrA6xTBSGfgj21bIUhxW4bL3UVDZ19qgq5AQQ0Bvjhlqq2ltlTS22a5EtAk9zU7
s3eEWlKQcm6YjAc7HlHLUy8/Kzzozf73i1MGaVjXu3Uqm0m9BQcaDya5dTFkwPlZ
TQpU9hFyfmi7iepjEK0hdJ5ZixRwFNt4TUKU2SpZA92Xk89tGmEwdPSOlIRx62Ov
rZOqaMaJRce5HrAMXxggNI3dKbZblJWtjdpy70UWOaHZZPCPCWEaNDonGX9lgUdY
q7GEWXQfeb+3UTRYpASrE+8ybps3z0APOwfvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhrf+E/7f6/ixPcMP4HRy1PQXxoQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ocmYtRV83ZjZfaXhQY01Q
NEhSeTFQUVh4b1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGDRZPWtKw0NjasKD6uTzxKqvkGrwWcCFdl6
rqG3eR8+ck/pFVjUkt/S6Wb/Zio3FfHWSen0+BeYROz2b00wKjQ5pN/FrjBnhnqL
5Pd8NQQHgy+1GWkCrSPaHLOK7NrriPu1dr38ZJAEQHmgHH4cXetHcXf15xwtC4QM
+Gxl1ubbq/Waf+DiwlstmDLdv+H2vwDQyxEK0hdIIhXjM0oYEFThpHHTNNyhDSLv
Dvpt/FlNlDrv+0Q+wF8ba+Wnm6abyRKcY9JjHkpyRnrndhMD7M7DpZKa7ngTcmUe
/D/ZuqA0lhozNErEPlKCBIr3HHofpA0y0dEP7GRqmSQ1jrhA71c=
-----END CERTIFICATE-----
Generated at Sat Jun 21 14:52:05 2025 by rpki-client