Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/07WdHFd6NasX4rxOn9msKbqpgpU.roa
File: 07WdHFd6NasX4rxOn9msKbqpgpU.roa (raw, json)
Hash identifier: 6dVw4nzkThaNfd1F/Z7Z8jii8t0TVUqxl1plHwQ4G84=
Subject key identifier: D3:B5:9D:1C:57:7A:35:AB:17:E2:BC:4E:9F:D9:AC:29:BA:A9:82:95
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 064D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/07WdHFd6NasX4rxOn9msKbqpgpU.roa
Signing time: Thu 15 May 2025 11:38:50 +0000
ROA not before: Thu 15 May 2025 11:38:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1613 (0x64d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 11:38:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D3B59D1C577A35AB17E2BC4E9FD9AC29BAA98295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a2:84:d0:36:89:95:2d:f0:2a:ef:f6:d1:27:
51:94:be:51:00:c2:31:00:00:ec:9b:fd:62:fa:84:
47:6e:9d:00:1e:c2:45:a4:25:c9:97:17:88:10:03:
a5:5c:2a:b8:2c:9a:b7:0c:b5:80:68:d5:51:a1:57:
31:b4:8f:ee:19:77:22:b7:3f:14:64:bc:73:33:47:
55:a0:8a:eb:be:48:4e:5b:20:19:23:c2:5f:ac:fc:
12:67:5f:96:97:3f:25:43:85:00:ab:64:a2:90:5f:
48:06:82:e7:48:89:ea:ff:82:a7:66:51:34:1f:24:
a4:16:d5:df:f0:53:5e:5e:8b:e2:c2:04:52:dc:28:
4e:bf:fd:75:87:7d:df:0a:a0:7f:dd:72:1d:39:98:
a8:fe:81:35:ab:c8:b7:b1:4b:0d:f7:f0:95:d1:ed:
29:03:fb:00:fb:3b:74:9d:87:78:bb:82:c4:10:7a:
29:3f:9b:2b:dc:39:18:32:99:5a:6f:cf:06:a0:4f:
cd:2f:78:47:32:42:78:38:30:67:40:da:9f:f1:8a:
1d:ce:fb:04:a2:ab:bb:e5:35:1e:03:85:95:eb:88:
2a:97:60:0f:25:e2:74:7b:ca:9c:e5:b2:b7:e9:12:
96:20:17:ee:fb:0b:9a:3b:ba:bd:be:09:a5:49:5d:
b7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B5:9D:1C:57:7A:35:AB:17:E2:BC:4E:9F:D9:AC:29:BA:A9:82:95
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/07WdHFd6NasX4rxOn9msKbqpgpU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:a0:15:1c:b3:7d:81:1a:d4:03:b0:a2:64:15:95:92:4a:4b:
18:05:7e:84:4d:11:ec:6b:4c:ac:93:dc:c6:bc:e4:a8:c1:97:
04:ce:f8:c3:59:1f:4c:59:68:17:ca:bf:4e:8d:b3:52:7d:ea:
b5:1b:83:58:6c:d4:0b:c3:49:fa:6e:97:74:03:b4:71:ac:1c:
9f:8f:54:7a:5b:98:b1:c2:10:50:6e:7b:39:55:a3:d5:25:b6:
6b:7a:8b:cb:2d:0a:83:05:82:e3:60:ff:7e:48:9f:0b:d9:1b:
58:8c:00:45:82:6d:ba:79:d2:f5:2d:4e:ca:8e:19:69:80:b1:
72:92:9d:a4:f9:35:dd:8e:f1:6a:0f:6e:4f:26:10:52:d3:e1:
d5:5d:b1:97:d7:69:7a:db:c4:ed:f9:33:b2:d0:6e:be:3d:cc:
cd:f5:64:f8:e8:45:fb:d9:70:ce:09:45:3e:58:a3:e8:38:87:
b1:09:6c:8d:c6:90:d7:d4:88:bb:67:5c:a0:6a:88:90:60:6b:
2a:52:50:2d:f9:b4:04:e1:a1:e2:55:28:8a:46:4d:a1:9a:6c:
18:5d:03:c4:93:4c:07:28:84:17:17:b7:67:4c:0f:d2:2b:08:
f9:fe:89:1e:f8:fd:43:73:d7:3d:8c:78:c3:f9:d2:f8:56:79:
67:11:07:12
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
MTM4NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQzQjU5RDFDNTc3QTM1
QUIxN0UyQkM0RTlGRDlBQzI5QkFBOTgyOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbooTQNomVLfAq7/bRJ1GUvlEAwjEAAOyb/WL6hEdunQAewkWk
JcmXF4gQA6VcKrgsmrcMtYBo1VGhVzG0j+4ZdyK3PxRkvHMzR1Wgiuu+SE5bIBkj
wl+s/BJnX5aXPyVDhQCrZKKQX0gGgudIier/gqdmUTQfJKQW1d/wU15ei+LCBFLc
KE6//XWHfd8KoH/dch05mKj+gTWryLexSw338JXR7SkD+wD7O3Sdh3i7gsQQeik/
myvcORgymVpvzwagT80veEcyQng4MGdA2p/xih3O+wSiq7vlNR4DhZXriCqXYA8l
4nR7ypzlsrfpEpYgF+77C5o7ur2+CaVJXbf5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU07WdHFd6NasX4rxOn9msKbqpgpUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wN1dkSEZkNk5hc1g0cnhP
bjltc0ticXBncFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADmgFRyzfYEa1AOwomQVlZJKSxgFfoRNEexr
TKyT3Ma85KjBlwTO+MNZH0xZaBfKv06Ns1J96rUbg1hs1AvDSfpul3QDtHGsHJ+P
VHpbmLHCEFBuezlVo9Ultmt6i8stCoMFguNg/35InwvZG1iMAEWCbbp50vUtTsqO
GWmAsXKSnaT5Nd2O8WoPbk8mEFLT4dVdsZfXaXrbxO35M7LQbr49zM31ZPjoRfvZ
cM4JRT5Yo+g4h7EJbI3GkNfUiLtnXKBqiJBgaypSUC35tAThoeJVKIpGTaGabBhd
A8STTAcohBcXt2dMD9IrCPn+iR74/UNz1z2MeMP50vhWeWcRBxI=
-----END CERTIFICATE-----
Generated at Sun May 18 02:05:15 2025 by rpki-client