Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/N97gp6DTuMHHzXhxdV8UH4mBKlY.roa
File: N97gp6DTuMHHzXhxdV8UH4mBKlY.roa (raw, json)
Hash identifier: iigevT1CL1YdN6R0SvgtYqdwFvpbmMafg9zSLcJJiwc=
Subject key identifier: 37:DE:E0:A7:A0:D3:B8:C1:C7:CD:78:71:75:5F:14:1F:89:81:2A:56
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 047D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/N97gp6DTuMHHzXhxdV8UH4mBKlY.roa
Signing time: Tue 13 May 2025 01:37:58 +0000
ROA not before: Tue 13 May 2025 01:37:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1149 (0x47d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 01:37:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=37DEE0A7A0D3B8C1C7CD7871755F141F89812A56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2d:ec:a5:08:5c:19:0a:59:0b:70:f6:c6:a4:
34:00:cb:58:56:6f:5d:5d:05:96:6f:8f:f7:82:c1:
1f:d0:1e:84:0a:92:48:f2:c6:9b:12:77:d2:a3:d7:
f7:9a:ac:26:87:6e:8d:93:d5:08:b3:5c:72:9e:69:
93:cb:76:55:2b:67:27:d4:36:19:a2:46:7e:90:62:
a6:8c:91:25:56:90:51:0d:5f:9f:6d:ba:f5:d4:d9:
fb:31:9c:db:d6:d8:21:e9:3e:dd:e4:fc:6b:09:83:
6a:49:43:ec:2d:2e:14:d7:b9:e8:dd:41:e3:33:d9:
79:b4:29:5c:9a:8b:bd:f7:5d:bd:82:17:34:68:f9:
6a:56:40:14:5f:2a:df:fd:8b:53:be:0e:75:5f:58:
7f:8e:f1:ab:67:19:d1:47:64:b3:c2:a1:aa:fa:89:
1f:13:b4:96:40:81:93:f0:70:c3:5c:8d:55:77:ef:
53:1c:45:9a:98:2f:7e:76:97:a8:d3:4c:2b:e7:b4:
c4:1a:ea:6f:60:03:6e:ff:09:24:8a:17:1e:bc:3c:
b9:00:42:3d:50:b7:51:18:11:28:98:46:2f:d2:13:
c8:a2:3b:05:78:66:da:d5:1b:e6:ba:79:ce:65:29:
c4:e0:75:74:e5:80:48:c4:a0:dd:7f:5e:7d:e6:f5:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DE:E0:A7:A0:D3:B8:C1:C7:CD:78:71:75:5F:14:1F:89:81:2A:56
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/N97gp6DTuMHHzXhxdV8UH4mBKlY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:33:70:d1:e2:69:ac:2e:be:d6:7b:8d:57:a2:ed:9b:62:16:
18:ca:79:62:9d:f0:cd:51:97:ef:ea:3e:b5:a6:25:cf:30:8e:
58:94:6d:36:a5:fb:d4:e8:c6:85:b1:37:03:04:45:c6:e5:9a:
34:c9:08:44:10:1f:56:2e:ef:17:3e:92:cb:4a:cd:9c:d2:3d:
d7:10:f1:0b:66:de:49:e0:37:93:14:53:95:a7:3d:ef:40:1d:
ab:a1:ad:9e:8e:a7:72:45:15:b2:82:1a:4c:00:0c:19:6a:26:
84:8d:3e:26:ec:85:d8:70:93:fb:aa:a9:63:6f:2e:b1:b1:73:
20:99:24:10:1d:23:6f:1f:90:52:1c:20:47:73:06:36:36:31:
e7:46:ee:7a:b7:f5:89:4c:bd:17:27:e5:09:be:96:2b:c6:90:
5c:34:c2:8f:0e:e0:52:af:48:cf:2c:f8:b9:ec:93:31:11:92:
f7:c8:b2:4d:57:44:72:d2:c0:4b:77:99:9b:96:4a:41:d4:a7:
28:f6:ca:88:b9:7a:6f:22:f5:5a:85:89:f9:a5:2f:f5:e1:1d:
c7:7f:f9:e6:d3:c7:88:cf:8a:d6:5d:7e:8f:54:f8:53:f6:58:
c2:b3:a6:22:8c:12:7c:07:c6:6b:9b:17:fd:7e:b6:20:46:0e:
9d:54:83:ab
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBH0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
MTM3NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM3REVFMEE3QTBEM0I4
QzFDN0NENzg3MTc1NUYxNDFGODk4MTJBNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSLeylCFwZClkLcPbGpDQAy1hWb11dBZZvj/eCwR/QHoQKkkjy
xpsSd9Kj1/earCaHbo2T1QizXHKeaZPLdlUrZyfUNhmiRn6QYqaMkSVWkFENX59t
uvXU2fsxnNvW2CHpPt3k/GsJg2pJQ+wtLhTXuejdQeMz2Xm0KVyai733Xb2CFzRo
+WpWQBRfKt/9i1O+DnVfWH+O8atnGdFHZLPCoar6iR8TtJZAgZPwcMNcjVV371Mc
RZqYL352l6jTTCvntMQa6m9gA27/CSSKFx68PLkAQj1Qt1EYESiYRi/SE8iiOwV4
ZtrVG+a6ec5lKcTgdXTlgEjEoN1/Xn3m9ao/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUN97gp6DTuMHHzXhxdV8UH4mBKlYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OOTdncDZEVHVNSEh6WGh4
ZFY4VUg0bUJLbFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADUzcNHiaawuvtZ7jVei7ZtiFhjKeWKd8M1R
l+/qPrWmJc8wjliUbTal+9ToxoWxNwMERcblmjTJCEQQH1Yu7xc+kstKzZzSPdcQ
8Qtm3kngN5MUU5WnPe9AHauhrZ6Op3JFFbKCGkwADBlqJoSNPibshdhwk/uqqWNv
LrGxcyCZJBAdI28fkFIcIEdzBjY2MedG7nq39YlMvRcn5Qm+livGkFw0wo8O4FKv
SM8s+LnskzERkvfIsk1XRHLSwEt3mZuWSkHUpyj2yoi5em8i9VqFifmlL/XhHcd/
+ebTx4jPitZdfo9U+FP2WMKzpiKMEnwHxmubF/1+tiBGDp1Ug6s=
-----END CERTIFICATE-----
Generated at Sun May 18 18:46:56 2025 by rpki-client