Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ef734R0kKGKObHKFY_wd2195Z_s.roa
File: Ef734R0kKGKObHKFY_wd2195Z_s.roa (raw, json)
Hash identifier: NX8pozlOSmd7HLPceHVXL8uVlEXqhD/k84ctboNWeYs=
Subject key identifier: 11:FE:F7:E1:1D:24:28:62:8E:6C:72:85:63:FC:1D:DB:5F:79:67:FB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07B5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ef734R0kKGKObHKFY_wd2195Z_s.roa
Signing time: Sat 17 May 2025 08:38:11 +0000
ROA not before: Sat 17 May 2025 08:38:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1973 (0x7b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 08:38:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=11FEF7E11D2428628E6C728563FC1DDB5F7967FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:33:e7:15:ff:63:a8:48:31:02:d4:9a:0f:
2f:a1:a5:1e:b5:b2:5a:c0:ad:3d:dc:0d:f6:73:28:
bc:c4:d7:43:ec:67:de:a9:7a:1f:5f:5c:ca:b5:d7:
70:e9:5e:3b:48:74:96:88:a2:ae:ba:e7:3e:28:a2:
0a:a4:95:38:b1:c6:b9:bb:e7:84:ef:60:7a:e2:d8:
7b:eb:10:b8:4d:3c:d8:bc:81:f0:57:ab:2f:95:54:
74:dc:df:66:db:ad:7f:e4:51:88:41:70:0e:de:b1:
29:6b:86:f2:ad:48:26:86:3e:f7:cd:fb:38:2e:27:
76:21:c3:b0:c1:81:61:02:a4:a3:40:9f:60:13:8a:
63:97:55:5b:3a:3d:a5:70:cb:5a:3b:5d:df:a6:23:
d8:29:39:58:b8:d6:4a:60:22:73:05:71:ca:0a:92:
82:70:ee:36:e7:38:35:fa:df:94:96:a6:4d:b3:cf:
f1:ef:45:69:6f:47:69:5d:d7:70:3d:59:64:81:29:
11:f7:90:d1:41:c6:7c:e8:54:d7:47:67:a4:54:b6:
04:fa:26:b7:c7:d2:24:79:a6:9d:42:54:41:d2:76:
de:97:d0:a7:6a:33:56:99:a2:70:3d:e5:bb:41:58:
2e:0b:c2:60:83:68:ae:8d:a1:95:45:b5:b8:87:42:
50:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FE:F7:E1:1D:24:28:62:8E:6C:72:85:63:FC:1D:DB:5F:79:67:FB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ef734R0kKGKObHKFY_wd2195Z_s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:e5:f0:42:96:a2:04:d0:a0:ac:b0:29:1e:15:5b:21:63:78:
c5:6e:c9:ab:6b:47:67:59:69:9d:8f:22:f0:fc:3c:5b:ed:25:
7e:0a:01:58:07:3f:de:04:c2:6f:e3:98:bc:61:42:65:4e:db:
d0:77:4a:39:e9:68:cf:54:d3:d2:2e:25:0f:dc:b4:79:9f:34:
69:c1:53:28:be:d5:15:51:3d:c4:bb:8e:71:34:a7:d3:89:5e:
ea:3a:94:03:77:75:67:1c:f3:1e:97:3a:ed:26:04:ef:c3:80:
e4:42:e7:cf:83:dc:d7:fa:5b:af:b9:0c:87:2a:d8:a6:b2:5d:
85:82:df:ec:b8:28:7d:38:dc:9b:bc:14:58:48:80:df:11:91:
75:15:4c:89:f8:40:68:7c:bb:b0:5c:9c:3b:50:fd:5b:22:f4:
8b:02:b6:c7:92:d6:57:74:87:6e:14:21:db:bc:9c:7a:ae:82:
f2:56:dc:b0:03:ca:fe:19:bf:d0:81:61:4f:b5:69:fc:f6:11:
b8:52:f9:68:47:1f:ed:9d:80:7e:3c:ad:22:7a:7c:0c:f8:7d:
e4:3d:90:a8:af:11:31:7f:6f:6d:9e:ef:15:68:13:dd:49:de:
70:c7:3a:21:47:77:0d:a8:d5:9f:40:e3:11:95:f8:1b:eb:c7:
ad:56:e0:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB7UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
ODM4MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDExRkVGN0UxMUQyNDI4
NjI4RTZDNzI4NTYzRkMxRERCNUY3OTY3RkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/FjPnFf9jqEgxAtSaDy+hpR61slrArT3cDfZzKLzE10PsZ96p
eh9fXMq113DpXjtIdJaIoq665z4oogqklTixxrm754TvYHri2HvrELhNPNi8gfBX
qy+VVHTc32bbrX/kUYhBcA7esSlrhvKtSCaGPvfN+zguJ3Yhw7DBgWECpKNAn2AT
imOXVVs6PaVwy1o7Xd+mI9gpOVi41kpgInMFccoKkoJw7jbnODX635SWpk2zz/Hv
RWlvR2ld13A9WWSBKRH3kNFBxnzoVNdHZ6RUtgT6JrfH0iR5pp1CVEHSdt6X0Kdq
M1aZonA95btBWC4LwmCDaK6NoZVFtbiHQlBbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEf734R0kKGKObHKFY/wd2195Z/swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FZjczNFIwa0tHS09iSEtG
WV93ZDIxOTVaX3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKLl8EKWogTQoKywKR4VWyFjeMVuyatrR2dZ
aZ2PIvD8PFvtJX4KAVgHP94Ewm/jmLxhQmVO29B3SjnpaM9U09IuJQ/ctHmfNGnB
Uyi+1RVRPcS7jnE0p9OJXuo6lAN3dWcc8x6XOu0mBO/DgORC58+D3Nf6W6+5DIcq
2KayXYWC3+y4KH043Ju8FFhIgN8RkXUVTIn4QGh8u7BcnDtQ/Vsi9IsCtseS1ld0
h24UIdu8nHqugvJW3LADyv4Zv9CBYU+1afz2EbhS+WhHH+2dgH48rSJ6fAz4feQ9
kKivETF/b22e7xVoE91J3nDHOiFHdw2o1Z9A4xGV+Bvrx61W4Is=
-----END CERTIFICATE-----
Generated at Sun May 18 10:02:31 2025 by rpki-client