Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/s-7mKM72InnENRs10oMXRoBprdM.roa
File: s-7mKM72InnENRs10oMXRoBprdM.roa (raw, json)
Hash identifier: DDT8YAznWNkydOzngscyLbErsrww1iyGBy0/4Nxmwes=
Subject key identifier: B3:EE:E6:28:CE:F6:22:79:C4:35:1B:35:D2:83:17:46:80:69:AD:D3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B79
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/s-7mKM72InnENRs10oMXRoBprdM.roa
Signing time: Thu 12 Jun 2025 17:09:52 +0000
ROA not before: Thu 12 Jun 2025 17:09:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7033 (0x1b79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 17:09:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B3EEE628CEF62279C4351B35D28317468069ADD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:eb:1b:27:15:19:f3:b5:89:f7:9f:39:21:cf:
ce:29:45:42:bc:a1:e4:17:68:b6:67:ea:49:30:1d:
16:90:13:b7:ff:3f:ef:bc:b6:c1:03:e9:13:43:05:
0d:71:3d:fa:3d:30:27:54:16:41:a0:c4:4c:cc:8f:
86:24:d7:26:8a:6c:dc:e0:96:6d:bc:29:ab:39:29:
ce:57:c4:6a:fe:dd:8b:de:a1:3c:25:fa:d4:ea:e0:
ad:35:6c:07:5d:23:4a:3a:f4:95:81:4a:69:68:cf:
cf:0f:e3:c4:ea:d4:12:fa:14:77:e6:db:1c:dd:05:
eb:82:92:2d:f8:b2:88:79:69:bb:44:19:cb:0b:90:
18:a4:af:1a:89:b6:24:dc:f7:2a:c1:0d:bf:48:c5:
60:e4:52:60:a5:90:c4:e6:9f:21:70:10:23:24:b9:
a6:f4:6c:35:cf:3c:f3:32:fd:52:8c:46:ca:bb:ee:
df:f7:2a:73:cb:de:a0:45:20:84:e8:6c:7f:5c:cb:
07:f7:1e:c1:3e:8f:26:67:ea:01:cb:60:21:fc:e9:
21:67:84:9e:a2:e3:ee:f1:0f:46:3f:e0:73:39:a8:
99:ef:98:41:9a:e0:da:0e:e1:13:ad:d7:77:3b:c8:
cf:fb:40:08:a7:5e:62:af:99:7f:7c:c0:6f:08:24:
83:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EE:E6:28:CE:F6:22:79:C4:35:1B:35:D2:83:17:46:80:69:AD:D3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/s-7mKM72InnENRs10oMXRoBprdM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:82:4c:6c:b3:6f:76:53:6c:85:cf:64:17:66:63:da:67:3c:
9f:b9:7e:33:15:04:d8:ba:24:63:4d:ba:7f:e0:3a:88:f6:2d:
02:68:1a:26:34:64:5a:c2:f6:ea:89:d4:23:b8:d3:81:71:77:
8a:53:6c:87:83:37:26:c4:d9:9b:f4:c3:22:e9:12:db:bb:bf:
3c:fd:ee:71:c6:92:eb:84:f2:0c:2e:6d:fb:fd:69:e3:59:bc:
f3:2b:5a:32:2a:3f:ab:ec:56:4f:f0:da:4b:08:92:b8:9a:ca:
19:b2:e1:98:13:6d:e6:09:3f:93:32:e6:88:ae:03:86:28:0f:
69:b2:69:5f:a0:b6:e1:14:2c:2c:e7:91:43:8f:3d:9d:ab:52:
55:79:a5:55:46:5e:49:b3:40:1d:15:fd:85:fc:dd:e3:cd:b2:
39:58:ab:6d:62:56:81:2b:18:1e:f4:ff:5c:82:32:dd:c9:8e:
65:07:10:92:a5:d0:bf:7e:6c:1a:52:90:45:98:54:2f:16:95:
04:fd:17:23:24:60:66:3c:56:c5:4a:91:a1:33:5f:59:22:15:
77:4a:47:79:dd:6a:29:e1:63:64:9e:6b:68:99:ea:e1:bd:fb:
99:49:66:34:21:50:ea:27:e9:fe:8a:05:41:fe:8f:43:5a:67:
8d:f1:32:60
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIx
NzA5NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIzRUVFNjI4Q0VGNjIy
NzlDNDM1MUIzNUQyODMxNzQ2ODA2OUFERDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb6xsnFRnztYn3nzkhz84pRUK8oeQXaLZn6kkwHRaQE7f/P++8
tsED6RNDBQ1xPfo9MCdUFkGgxEzMj4Yk1yaKbNzglm28Kas5Kc5XxGr+3YveoTwl
+tTq4K01bAddI0o69JWBSmloz88P48Tq1BL6FHfm2xzdBeuCki34soh5abtEGcsL
kBikrxqJtiTc9yrBDb9IxWDkUmClkMTmnyFwECMkuab0bDXPPPMy/VKMRsq77t/3
KnPL3qBFIITobH9cywf3HsE+jyZn6gHLYCH86SFnhJ6i4+7xD0Y/4HM5qJnvmEGa
4NoO4ROt13c7yM/7QAinXmKvmX98wG8IJIP/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUs+7mKM72InnENRs10oMXRoBprdMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zLTdtS003MklubkVOUnMx
MG9NWFJvQnByZE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFKCTGyzb3ZTbIXPZBdmY9pnPJ+5fjMVBNi6
JGNNun/gOoj2LQJoGiY0ZFrC9uqJ1CO404Fxd4pTbIeDNybE2Zv0wyLpEtu7vzz9
7nHGkuuE8gwubfv9aeNZvPMrWjIqP6vsVk/w2ksIkriayhmy4ZgTbeYJP5My5oiu
A4YoD2myaV+gtuEULCznkUOPPZ2rUlV5pVVGXkmzQB0V/YX83ePNsjlYq21iVoEr
GB70/1yCMt3JjmUHEJKl0L9+bBpSkEWYVC8WlQT9FyMkYGY8VsVKkaEzX1kiFXdK
R3ndainhY2Sea2iZ6uG9+5lJZjQhUOon6f6KBUH+j0NaZ43xMmA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:57:52 2025 by rpki-client