Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/NNmw-LYLnDEayydNPRveGIJseLk.roa
File: NNmw-LYLnDEayydNPRveGIJseLk.roa (raw, json)
Hash identifier: 39btSiVrJVbgAMtvni5x/VEFUEdHUoCDAJbMjteRJ5Q=
Subject key identifier: 34:D9:B0:F8:B6:0B:9C:31:1A:CB:27:4D:3D:1B:DE:18:82:6C:78:B9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0199
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NNmw-LYLnDEayydNPRveGIJseLk.roa
Signing time: Fri 09 May 2025 05:07:44 +0000
ROA not before: Fri 09 May 2025 05:07:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409 (0x199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 05:07:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=34D9B0F8B60B9C311ACB274D3D1BDE18826C78B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:46:b5:8d:1e:5c:42:6e:1d:32:76:83:4c:e8:
58:9c:a8:f8:02:6f:bf:15:5c:f4:dc:34:c8:23:9e:
82:0c:b8:f3:98:97:d2:69:2e:5d:86:4f:7a:3a:3a:
bf:3a:d8:50:36:ff:1c:f0:f9:6b:05:63:17:e0:85:
58:38:4d:14:e8:23:8b:c1:be:eb:76:d1:5c:76:b1:
1d:8c:d8:70:22:51:fa:e2:a6:4f:f5:03:b3:27:d3:
76:f2:69:a4:a5:f7:08:7b:66:86:2a:7c:96:f2:af:
88:f4:ed:db:8a:7c:29:7b:71:b1:c6:b4:c2:5b:4c:
8b:f9:37:79:da:e3:01:ca:3a:39:14:ee:74:62:5f:
79:d6:5c:e9:e2:87:0e:ee:d9:05:b8:51:be:f2:58:
e7:a6:78:ee:2d:bd:0a:e8:39:96:18:84:2e:7d:d3:
2d:45:d8:d0:72:04:92:13:d0:df:b5:13:81:29:d1:
32:77:2e:26:3e:bb:0b:64:79:de:09:31:97:a5:b7:
f1:b2:8b:71:e2:3f:fc:6a:dc:d3:22:70:e1:fa:aa:
be:d8:dd:5c:19:34:de:9b:f5:79:9c:2e:f6:f7:1e:
af:d4:a2:6c:f0:7c:51:86:d0:14:7d:2b:1e:9e:ea:
87:81:b0:f2:cc:bc:87:7a:4a:3c:75:e4:70:f8:bf:
e6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D9:B0:F8:B6:0B:9C:31:1A:CB:27:4D:3D:1B:DE:18:82:6C:78:B9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NNmw-LYLnDEayydNPRveGIJseLk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:05:e7:ee:10:d9:b1:eb:5c:d5:c2:f7:22:34:08:b6:e4:4d:
60:7c:dc:94:50:bf:76:fa:35:5c:e2:a6:03:a4:c5:51:c6:a4:
14:33:6b:cf:31:b0:a4:48:29:4e:42:cf:fe:11:12:b8:37:fd:
d6:56:b3:8a:7c:84:b5:01:fd:df:4f:88:55:8a:f6:93:92:95:
30:7d:48:fa:3d:e7:6a:c7:a5:99:b8:ba:53:e0:ef:3b:d0:92:
f6:2e:70:74:71:26:06:46:56:45:53:6b:da:08:32:f0:06:6c:
5a:f2:20:0a:23:45:6d:f5:e0:10:0b:25:ab:b2:ea:db:ad:04:
a1:7a:da:02:c0:02:dd:61:f4:bb:be:c3:05:22:7d:fd:29:67:
08:ef:c7:7c:61:74:c4:7a:ff:3c:ff:e3:65:b7:b4:4d:7f:9e:
66:b6:67:0e:50:44:5a:0c:4d:c3:d4:08:0c:88:29:b8:be:ff:
3e:64:46:45:1e:17:8c:b8:59:94:cf:95:6b:76:98:8f:20:58:
b5:3b:f1:96:48:52:51:fd:c1:36:af:b4:ad:e0:42:80:69:8d:
f2:71:45:9f:e5:16:76:f1:b3:55:0e:13:46:f8:4b:0a:04:d1:
ff:02:fc:a5:f7:37:36:d1:33:b8:69:39:b3:6e:1f:98:29:62:
c8:8c:9c:3e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NTA3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM0RDlCMEY4QjYwQjlD
MzExQUNCMjc0RDNEMUJERTE4ODI2Qzc4QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeRrWNHlxCbh0ydoNM6FicqPgCb78VXPTcNMgjnoIMuPOYl9Jp
Ll2GT3o6Or862FA2/xzw+WsFYxfghVg4TRToI4vBvut20Vx2sR2M2HAiUfripk/1
A7Mn03byaaSl9wh7ZoYqfJbyr4j07duKfCl7cbHGtMJbTIv5N3na4wHKOjkU7nRi
X3nWXOnihw7u2QW4Ub7yWOemeO4tvQroOZYYhC590y1F2NByBJIT0N+1E4Ep0TJ3
LiY+uwtked4JMZelt/Gyi3HiP/xq3NMicOH6qr7Y3VwZNN6b9XmcLvb3Hq/Uomzw
fFGG0BR9Kx6e6oeBsPLMvId6Sjx15HD4v+YzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNNmw+LYLnDEayydNPRveGIJseLkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OTm13LUxZTG5ERWF5eWRO
UFJ2ZUdJSnNlTGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKcF5+4Q2bHrXNXC9yI0CLbkTWB83JRQv3b6
NVzipgOkxVHGpBQza88xsKRIKU5Cz/4RErg3/dZWs4p8hLUB/d9PiFWK9pOSlTB9
SPo952rHpZm4ulPg7zvQkvYucHRxJgZGVkVTa9oIMvAGbFryIAojRW314BALJauy
6tutBKF62gLAAt1h9Lu+wwUiff0pZwjvx3xhdMR6/zz/42W3tE1/nma2Zw5QRFoM
TcPUCAyIKbi+/z5kRkUeF4y4WZTPlWt2mI8gWLU78ZZIUlH9wTavtK3gQoBpjfJx
RZ/lFnbxs1UOE0b4SwoE0f8C/KX3NzbRM7hpObNuH5gpYsiMnD4=
-----END CERTIFICATE-----
Generated at Sat May 17 23:21:24 2025 by rpki-client