Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/3TuSP16ffR6uz8oAQviAqOCVpgE.roa
File: 3TuSP16ffR6uz8oAQviAqOCVpgE.roa (raw, json)
Hash identifier: 160pkrcZgBQZyTKWfJa8ESPN/BZ1wHV5mlBUD/PbTFM=
Subject key identifier: DD:3B:92:3F:5E:9F:7D:1E:AE:CF:CA:00:42:F8:80:A8:E0:95:A6:01
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: D5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3TuSP16ffR6uz8oAQviAqOCVpgE.roa
Signing time: Thu 08 May 2025 04:37:42 +0000
ROA not before: Thu 08 May 2025 04:37:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213 (0xd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 04:37:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DD3B923F5E9F7D1EAECFCA0042F880A8E095A601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ff:f6:6a:3a:e1:20:72:ca:ee:13:c3:56:c9:
75:14:fa:e2:ee:df:a2:ae:90:8b:5d:58:9b:58:9d:
ee:8e:f5:37:0f:84:bb:41:c0:54:03:ae:b7:85:38:
2c:08:d1:d7:3f:0d:bf:4b:e7:34:cf:c0:03:13:1c:
9f:ce:78:f7:88:8a:92:19:fc:b0:9c:60:7e:02:d1:
a5:04:ee:85:9e:5d:df:e2:26:60:1d:92:cf:12:59:
70:d0:1e:cf:16:a2:ea:42:d1:77:dc:9f:11:5f:13:
e8:ad:59:9b:ab:4a:57:28:1d:f1:71:ba:b1:f9:bc:
c3:bb:65:8d:2b:43:78:99:56:d5:82:d7:8d:1e:83:
ee:41:ce:20:39:2c:47:d0:84:46:50:a4:87:20:d8:
f1:a3:95:63:2d:ac:44:57:1d:62:43:24:9c:ec:e0:
ef:44:d0:ba:77:8a:7f:81:45:3f:26:94:e4:85:60:
76:c3:98:c0:36:3d:8c:16:58:f5:f9:4e:f4:69:21:
00:e4:08:0a:b7:15:7f:25:17:f8:4b:d6:88:43:c5:
29:dc:fd:30:65:8e:ce:4a:6d:73:45:a5:fd:f7:66:
e2:4f:b4:0b:c0:be:2a:c7:e8:36:2c:ff:fa:2e:14:
d1:91:7d:0f:74:45:38:d0:ab:4c:a9:0b:19:4d:ee:
19:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3B:92:3F:5E:9F:7D:1E:AE:CF:CA:00:42:F8:80:A8:E0:95:A6:01
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3TuSP16ffR6uz8oAQviAqOCVpgE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:db:9e:88:48:e7:f1:fc:94:ba:86:49:2e:55:8a:7c:d1:f1:
bf:f4:d2:d0:4d:28:b8:67:f3:47:b6:96:1c:ec:1d:92:90:29:
8a:50:71:b3:bc:e5:43:8b:06:26:d8:3c:9f:a7:e2:4f:66:cc:
a2:ad:aa:85:44:83:08:f3:a2:b1:a1:91:1e:5b:c7:ff:f2:7e:
eb:84:25:28:20:14:22:4b:5a:a8:40:e2:d4:8f:93:d5:be:49:
98:db:18:98:4c:82:45:95:52:41:a6:67:bb:9a:bc:fb:41:6d:
c2:4b:fc:e6:c0:1e:2b:dc:8b:de:d5:75:ea:15:d1:4c:e0:a5:
1a:12:c7:c6:00:ba:93:bd:0a:3b:b5:ea:84:76:fd:1b:1a:d5:
d8:b9:46:3c:3b:30:96:08:d1:58:43:e7:22:44:a8:84:0f:f6:
4c:d3:e8:ac:88:f9:d2:d9:ed:a1:11:fd:63:8d:1e:5a:da:53:
53:55:bd:6b:dd:ab:77:dd:8d:98:f7:23:9e:0c:3d:85:b8:d6:
f9:2c:3b:03:f9:4e:f1:9f:22:26:a6:4f:20:58:b5:30:54:35:
f8:ab:8c:25:5a:5c:db:0e:84:d2:4a:59:cb:90:6b:cb:2d:30:
24:5d:f1:77:6b:70:d4:e2:80:ba:98:b8:ba:2c:19:b8:a7:ad:
c6:02:bc:60
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICANUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
NDM3NDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEREM0I5MjNGNUU5RjdE
MUVBRUNGQ0EwMDQyRjg4MEE4RTA5NUE2MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4//ZqOuEgcsruE8NWyXUU+uLu36KukItdWJtYne6O9TcPhLtB
wFQDrreFOCwI0dc/Db9L5zTPwAMTHJ/OePeIipIZ/LCcYH4C0aUE7oWeXd/iJmAd
ks8SWXDQHs8WoupC0XfcnxFfE+itWZurSlcoHfFxurH5vMO7ZY0rQ3iZVtWC140e
g+5BziA5LEfQhEZQpIcg2PGjlWMtrERXHWJDJJzs4O9E0Lp3in+BRT8mlOSFYHbD
mMA2PYwWWPX5TvRpIQDkCAq3FX8lF/hL1ohDxSnc/TBljs5KbXNFpf33ZuJPtAvA
virH6DYs//ouFNGRfQ90RTjQq0ypCxlN7hmtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3TuSP16ffR6uz8oAQviAqOCVpgEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8zVHVTUDE2ZmZSNnV6OG9B
UXZpQXFPQ1ZwZ0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADrbnohI5/H8lLqGSS5VinzR8b/00tBNKLhn
80e2lhzsHZKQKYpQcbO85UOLBibYPJ+n4k9mzKKtqoVEgwjzorGhkR5bx//yfuuE
JSggFCJLWqhA4tSPk9W+SZjbGJhMgkWVUkGmZ7uavPtBbcJL/ObAHivci97VdeoV
0UzgpRoSx8YAupO9Cju16oR2/Rsa1di5Rjw7MJYI0VhD5yJEqIQP9kzT6KyI+dLZ
7aER/WONHlraU1NVvWvdq3fdjZj3I54MPYW41vksOwP5TvGfIiamTyBYtTBUNfir
jCVaXNsOhNJKWcuQa8stMCRd8XdrcNTigLqYuLosGbinrcYCvGA=
-----END CERTIFICATE-----
Generated at Sun May 18 03:07:28 2025 by rpki-client