Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7EPB3aOjAuZczjpmmr-lPCwKWn8.roa
File: 7EPB3aOjAuZczjpmmr-lPCwKWn8.roa (raw, json)
Hash identifier: UY4hk7f4nBiggpgbJFWnmS5k/zyZY7m55B6pwl6YDaw=
Subject key identifier: EC:43:C1:DD:A3:A3:02:E6:5C:CE:3A:66:9A:BF:A5:3C:2C:0A:5A:7F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05A9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7EPB3aOjAuZczjpmmr-lPCwKWn8.roa
Signing time: Wed 14 May 2025 15:08:03 +0000
ROA not before: Wed 14 May 2025 15:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1449 (0x5a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 15:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EC43C1DDA3A302E65CCE3A669ABFA53C2C0A5A7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:51:41:a6:00:c0:4e:95:28:f1:ee:94:d4:f3:
de:93:10:3b:33:66:96:1d:7a:aa:28:00:0b:9e:e8:
23:20:e0:54:fe:d0:e6:6c:93:bb:f2:5a:82:f2:73:
22:39:4a:d3:e3:ce:05:a9:d2:21:98:e7:74:18:66:
56:4a:a0:80:ea:4c:fa:46:f2:ff:7f:fb:a8:15:67:
15:16:a5:43:d8:48:c4:e3:be:03:38:63:5c:44:4e:
17:6d:31:41:5b:c9:04:07:53:50:a6:b1:94:36:5a:
6e:d5:6d:42:2e:b5:62:ec:7b:49:16:83:e6:66:88:
41:f5:37:cb:40:b5:ef:a2:fc:87:9c:be:0d:62:f5:
05:c7:c4:97:49:29:79:31:c7:1b:7e:aa:39:c3:27:
74:94:e7:66:fd:48:13:b2:54:b6:45:5d:b6:c5:40:
9f:fb:5d:66:d0:f6:ff:72:20:9d:81:11:49:a0:9a:
26:8d:a4:1f:ca:b9:fa:fd:2a:43:96:d5:6d:c7:d9:
af:63:c9:73:0b:e3:35:ea:a7:c6:b1:d8:09:b0:b1:
92:30:75:d9:f5:54:99:ac:5d:5e:17:89:7f:a5:38:
af:34:9a:b4:4c:18:7b:29:42:01:46:3b:c8:d9:01:
65:18:a7:97:cb:77:05:58:be:66:10:db:68:f6:6d:
4d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:43:C1:DD:A3:A3:02:E6:5C:CE:3A:66:9A:BF:A5:3C:2C:0A:5A:7F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7EPB3aOjAuZczjpmmr-lPCwKWn8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:ac:06:8a:6c:dd:c3:ea:08:f6:ed:cf:fe:f1:9f:21:f1:3e:
44:d2:3e:3c:fb:61:24:91:9c:01:2d:f3:92:b3:0c:85:e3:5d:
a7:b2:12:7b:7d:e4:33:27:aa:50:46:0d:67:a0:21:70:78:49:
00:ab:13:e1:4c:d6:b3:69:31:b5:ae:14:02:c1:20:bd:7e:b3:
a4:f6:64:95:96:d1:2f:c5:de:86:85:a2:4c:59:eb:69:de:5d:
43:e4:19:2f:c3:0a:ac:85:f8:93:b5:2a:9f:74:82:5f:3a:47:
fa:a1:57:a0:d0:51:a1:25:c8:0d:0a:a9:b5:b8:bf:64:b4:fb:
91:23:eb:cd:30:1e:ce:95:8a:fe:3d:cd:d3:43:99:45:0a:66:
29:ef:3f:a0:cc:96:97:7e:22:b8:96:47:95:bc:ea:4f:f2:72:
d0:31:4c:93:70:db:49:79:94:d9:f3:b9:64:c1:6a:c9:58:b3:
6c:13:ae:09:b4:f3:a5:25:bd:84:d3:59:1a:42:dd:0a:6c:57:
f9:93:7d:22:a1:30:0f:4e:69:b3:3b:4a:48:94:25:83:2e:6f:
5f:07:2b:41:a7:bf:85:23:b2:28:12:d1:88:2a:c2:85:75:10:
37:7c:d3:b4:c6:78:98:2c:28:fd:6e:2f:24:d6:6f:c9:c5:5c:
51:5b:ec:f7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBakwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
NTA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVDNDNDMUREQTNBMzAy
RTY1Q0NFM0E2NjlBQkZBNTNDMkMwQTVBN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrUUGmAMBOlSjx7pTU896TEDszZpYdeqooAAue6CMg4FT+0OZs
k7vyWoLycyI5StPjzgWp0iGY53QYZlZKoIDqTPpG8v9/+6gVZxUWpUPYSMTjvgM4
Y1xEThdtMUFbyQQHU1CmsZQ2Wm7VbUIutWLse0kWg+ZmiEH1N8tAte+i/Iecvg1i
9QXHxJdJKXkxxxt+qjnDJ3SU52b9SBOyVLZFXbbFQJ/7XWbQ9v9yIJ2BEUmgmiaN
pB/Kufr9KkOW1W3H2a9jyXML4zXqp8ax2AmwsZIwddn1VJmsXV4XiX+lOK80mrRM
GHspQgFGO8jZAWUYp5fLdwVYvmYQ22j2bU3ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7EPB3aOjAuZczjpmmr+lPCwKWn8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83RVBCM2FPakF1WmN6anBt
bXItbFBDd0tXbjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABWsBops3cPqCPbtz/7xnyHxPkTSPjz7YSSR
nAEt85KzDIXjXaeyEnt95DMnqlBGDWegIXB4SQCrE+FM1rNpMbWuFALBIL1+s6T2
ZJWW0S/F3oaFokxZ62neXUPkGS/DCqyF+JO1Kp90gl86R/qhV6DQUaElyA0KqbW4
v2S0+5Ej680wHs6Viv49zdNDmUUKZinvP6DMlpd+IriWR5W86k/yctAxTJNw20l5
lNnzuWTBaslYs2wTrgm086UlvYTTWRpC3QpsV/mTfSKhMA9OabM7SkiUJYMub18H
K0Gnv4UjsigS0YgqwoV1EDd807TGeJgsKP1uLyTWb8nFXFFb7Pc=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:18 2025 by rpki-client