Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/DqnJAd84QLtQ4kl48QT_e1RFgIs.roa
File: DqnJAd84QLtQ4kl48QT_e1RFgIs.roa (raw, json)
Hash identifier: RbfeXMHZpm85mMGIqqF7HaZeptNGKnZ8a9OqjMfWXE8=
Subject key identifier: 0E:A9:C9:01:DF:38:40:BB:50:E2:49:78:F1:04:FF:7B:54:45:80:8B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03DD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DqnJAd84QLtQ4kl48QT_e1RFgIs.roa
Signing time: Mon 12 May 2025 05:38:17 +0000
ROA not before: Mon 12 May 2025 05:38:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 989 (0x3dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 05:38:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0EA9C901DF3840BB50E24978F104FF7B5445808B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:df:60:49:23:33:53:c7:f8:79:d3:8c:94:f3:
3b:30:1c:5f:40:a5:3c:ac:75:be:35:5c:20:d9:bc:
03:39:54:4c:4d:d6:df:50:1a:2b:28:8b:6d:69:62:
dd:0a:ef:de:a2:9d:1d:ac:2a:67:5b:cc:c1:fb:77:
4a:f5:e0:21:45:60:11:2d:d0:fc:75:45:2a:9a:a2:
7e:e5:00:e5:89:57:e1:aa:b9:e3:f2:ed:a5:9e:24:
d2:76:88:48:bc:1f:db:84:70:c6:36:82:95:27:21:
fb:3e:03:2c:e4:93:86:5b:07:bb:6c:2a:a3:ba:46:
3d:88:d1:7c:40:56:ce:5c:0a:eb:8f:af:f1:27:5f:
96:b6:ad:c1:51:25:1b:8d:55:46:5e:91:e9:25:8c:
59:e6:91:d3:11:c8:96:b4:ce:6c:2b:91:ef:e4:ab:
cf:44:92:0a:45:1c:41:1e:ac:88:b2:73:41:cb:c5:
14:31:dc:5e:4f:62:83:b9:38:c4:24:ea:ac:ab:d1:
78:ad:ad:80:db:66:08:86:d2:aa:d2:9a:04:de:f5:
70:c2:bc:0a:84:16:10:f7:78:a8:34:69:08:57:0b:
14:e2:88:61:69:ce:0d:d8:8e:39:c5:13:ae:ee:47:
5e:34:bd:30:45:45:9e:5f:20:cc:39:34:af:1c:ba:
90:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A9:C9:01:DF:38:40:BB:50:E2:49:78:F1:04:FF:7B:54:45:80:8B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DqnJAd84QLtQ4kl48QT_e1RFgIs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:33:3c:bc:ed:eb:06:d8:67:86:bb:f6:d8:92:57:6b:ea:6d:
6a:c3:56:08:00:cc:c3:10:6a:f7:46:41:92:4a:c1:e9:7a:f3:
3d:74:17:36:eb:1f:bf:c8:e3:e3:48:c5:bc:6b:c6:ec:b2:23:
00:04:6b:1c:1c:0a:44:b3:4e:7c:43:89:db:95:69:2e:ce:2d:
14:9a:57:09:2a:71:8a:7a:ea:39:05:89:78:cc:c4:aa:9e:3a:
eb:75:14:47:68:8a:63:c2:a1:d9:9e:b6:cc:0c:e9:7a:70:7d:
ac:8e:a2:87:bd:24:b7:d1:f1:d1:2e:a7:47:7d:51:cf:4d:68:
5a:ab:fd:4f:70:6d:23:39:66:00:0f:0d:54:1a:3f:f5:9e:f0:
1d:75:34:d2:2e:9c:60:82:87:ef:cc:b4:b5:72:2d:42:bc:85:
2d:fa:b8:71:3b:e1:72:a3:06:31:7b:f9:e2:c3:25:3e:36:d6:
58:75:f3:ad:92:c2:7a:3c:b4:62:a3:46:ac:e7:8a:71:ff:15:
2e:a3:d8:13:ad:47:77:4c:7c:a6:ad:6f:56:ce:6d:a9:66:7c:
79:79:3f:af:57:4f:60:57:aa:6d:3c:c1:89:ab:89:c6:13:95:
d5:36:ef:bc:17:7f:be:17:6a:3f:b6:34:cd:4f:23:d5:fc:b7:
82:d9:21:6a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA90wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
NTM4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBFQTlDOTAxREYzODQw
QkI1MEUyNDk3OEYxMDRGRjdCNTQ0NTgwOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX32BJIzNTx/h504yU8zswHF9ApTysdb41XCDZvAM5VExN1t9Q
Gisoi21pYt0K796inR2sKmdbzMH7d0r14CFFYBEt0Px1RSqaon7lAOWJV+GquePy
7aWeJNJ2iEi8H9uEcMY2gpUnIfs+Ayzkk4ZbB7tsKqO6Rj2I0XxAVs5cCuuPr/En
X5a2rcFRJRuNVUZekekljFnmkdMRyJa0zmwrke/kq89EkgpFHEEerIiyc0HLxRQx
3F5PYoO5OMQk6qyr0XitrYDbZgiG0qrSmgTe9XDCvAqEFhD3eKg0aQhXCxTiiGFp
zg3YjjnFE67uR140vTBFRZ5fIMw5NK8cupA5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDqnJAd84QLtQ4kl48QT/e1RFgIswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EcW5KQWQ4NFFMdFE0a2w0
OFFUX2UxUkZnSXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIEzPLzt6wbYZ4a79tiSV2vqbWrDVggAzMMQ
avdGQZJKwel68z10FzbrH7/I4+NIxbxrxuyyIwAEaxwcCkSzTnxDiduVaS7OLRSa
VwkqcYp66jkFiXjMxKqeOut1FEdoimPCodmetswM6XpwfayOooe9JLfR8dEup0d9
Uc9NaFqr/U9wbSM5ZgAPDVQaP/We8B11NNIunGCCh+/MtLVyLUK8hS36uHE74XKj
BjF7+eLDJT421lh1862Swno8tGKjRqzninH/FS6j2BOtR3dMfKatb1bObalmfHl5
P69XT2BXqm08wYmricYTldU277wXf74Xaj+2NM1PI9X8t4LZIWo=
-----END CERTIFICATE-----
Generated at Sat May 17 19:46:42 2025 by rpki-client