Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/D81UdQd9POU-a4TP1kaEdCxTCbE.roa
File: D81UdQd9POU-a4TP1kaEdCxTCbE.roa (raw, json)
Hash identifier: vmcYlO7NbylzZ304aZSWd0blk6GCxYLqz5JXzUuqEro=
Subject key identifier: 0F:CD:54:75:07:7D:3C:E5:3E:6B:84:CF:D6:46:84:74:2C:53:09:B1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0631
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/D81UdQd9POU-a4TP1kaEdCxTCbE.roa
Signing time: Thu 15 May 2025 08:08:02 +0000
ROA not before: Thu 15 May 2025 08:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1585 (0x631)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 08:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0FCD5475077D3CE53E6B84CFD64684742C5309B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5d:66:fd:a1:79:1d:82:4a:56:bd:47:55:36:
3f:f9:06:d0:42:fb:37:f8:cf:9b:82:e6:c5:3b:53:
a9:b6:6f:5e:00:30:b8:71:9a:19:8e:be:00:9a:6f:
9f:b9:62:cd:1c:f9:0a:26:07:da:86:e2:6b:6c:b0:
64:79:95:25:53:5b:c1:46:4e:32:c0:0e:7f:f5:2a:
9d:60:28:e2:8f:01:c2:d8:78:98:b8:2c:e5:58:8a:
a2:9e:a4:53:46:77:84:08:0f:d3:84:3e:83:63:18:
3d:13:72:d7:1b:64:83:c3:75:ae:c4:90:75:75:26:
47:9b:6b:60:c9:27:e0:44:30:3f:c0:35:83:2c:b1:
33:37:b8:50:0a:f5:df:b7:9d:79:08:18:72:c8:14:
a7:70:cf:0e:08:c2:60:de:4b:0a:f3:23:b1:6f:b2:
28:19:34:fa:58:ee:bc:11:cc:78:a7:13:23:33:9b:
f0:fa:a4:54:69:7a:63:56:0a:b5:4e:6d:c3:63:33:
bd:71:a4:72:81:54:19:e8:7b:87:11:f7:c3:1c:94:
94:73:7f:6a:cf:0c:96:bc:12:12:39:71:03:fc:1a:
2e:c9:7b:88:3d:77:a4:e9:ec:27:eb:7e:a7:b4:3f:
83:29:ae:ff:c3:3c:90:e0:23:f0:22:fe:60:d2:31:
d5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CD:54:75:07:7D:3C:E5:3E:6B:84:CF:D6:46:84:74:2C:53:09:B1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/D81UdQd9POU-a4TP1kaEdCxTCbE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:2f:d9:38:4f:8d:e5:a8:e2:f7:01:98:7e:d0:40:c1:87:94:
46:12:a7:fc:be:b3:2f:21:f2:6a:f7:71:fa:40:9c:4e:b8:94:
ba:1c:1f:05:97:c2:07:0d:92:29:fe:95:7d:81:76:c9:dc:73:
73:63:15:bd:ac:18:fd:06:a6:d7:d8:ce:58:41:34:ca:bb:e2:
52:66:2c:37:5f:9e:e6:a4:dd:bf:86:98:4a:49:2d:a4:cb:b0:
0d:38:09:58:5d:d8:78:67:35:10:5f:e7:49:46:33:4b:90:f3:
f5:08:a3:55:e9:a7:e9:3f:a3:52:ec:f8:0a:1d:ab:20:e6:93:
8c:7e:62:2a:21:a0:45:77:61:24:dd:91:72:31:39:ce:af:3a:
96:05:02:f6:7d:80:b5:9e:10:62:05:b5:f8:d9:04:ba:d9:88:
c2:a2:b6:eb:d0:22:c9:91:bb:03:08:8c:20:d9:15:ec:a7:67:
56:36:dc:59:10:d0:94:0d:14:93:98:c1:43:22:c8:3d:7b:75:
e0:6d:cd:bf:9f:27:3f:99:21:02:30:63:13:1b:f2:78:ea:f2:
f1:ec:97:8a:00:cf:3c:06:32:cc:fb:f7:0e:8f:f6:d3:7e:af:
49:6f:2c:da:b6:29:60:dc:e9:a9:94:52:15:a1:d5:74:8e:4e:
13:a7:8e:74
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBjEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
ODA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBGQ0Q1NDc1MDc3RDND
RTUzRTZCODRDRkQ2NDY4NDc0MkM1MzA5QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkXWb9oXkdgkpWvUdVNj/5BtBC+zf4z5uC5sU7U6m2b14AMLhx
mhmOvgCab5+5Ys0c+QomB9qG4mtssGR5lSVTW8FGTjLADn/1Kp1gKOKPAcLYeJi4
LOVYiqKepFNGd4QID9OEPoNjGD0TctcbZIPDda7EkHV1Jkeba2DJJ+BEMD/ANYMs
sTM3uFAK9d+3nXkIGHLIFKdwzw4IwmDeSwrzI7FvsigZNPpY7rwRzHinEyMzm/D6
pFRpemNWCrVObcNjM71xpHKBVBnoe4cR98MclJRzf2rPDJa8EhI5cQP8Gi7Je4g9
d6Tp7Cfrfqe0P4Mprv/DPJDgI/Ai/mDSMdUtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUD81UdQd9POU+a4TP1kaEdCxTCbEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EODFVZFFkOVBPVS1hNFRQ
MWthRWRDeFRDYkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAI4v2ThPjeWo4vcBmH7QQMGHlEYSp/y+sy8h
8mr3cfpAnE64lLocHwWXwgcNkin+lX2Bdsncc3NjFb2sGP0GptfYzlhBNMq74lJm
LDdfnuak3b+GmEpJLaTLsA04CVhd2HhnNRBf50lGM0uQ8/UIo1Xpp+k/o1Ls+Aod
qyDmk4x+YiohoEV3YSTdkXIxOc6vOpYFAvZ9gLWeEGIFtfjZBLrZiMKituvQIsmR
uwMIjCDZFeynZ1Y23FkQ0JQNFJOYwUMiyD17deBtzb+fJz+ZIQIwYxMb8njq8vHs
l4oAzzwGMsz79w6P9tN+r0lvLNq2KWDc6amUUhWh1XSOThOnjnQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:38:51 2025 by rpki-client