Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/OSWToDZb7-cU--MPrSjrJLdhWOw.roa
File: OSWToDZb7-cU--MPrSjrJLdhWOw.roa (raw, json)
Hash identifier: kkTAIJorCLV6daiDszs3iRRj1Zf7bJsxVU7hFUop9zw=
Subject key identifier: 39:25:93:A0:36:5B:EF:E7:14:FB:E3:0F:AD:28:EB:24:B7:61:58:EC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0355
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OSWToDZb7-cU--MPrSjrJLdhWOw.roa
Signing time: Sun 11 May 2025 12:37:54 +0000
ROA not before: Sun 11 May 2025 12:37:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 853 (0x355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 12:37:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=392593A0365BEFE714FBE30FAD28EB24B76158EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0f:ec:a1:1a:82:55:44:40:fe:b6:3d:77:b1:
0e:6d:a0:7e:1e:20:e8:2a:c5:94:92:0f:a6:27:ba:
b1:24:33:62:40:02:7f:dc:05:82:ac:a7:b1:bc:8b:
ed:e9:c5:97:8b:cc:66:33:7c:67:08:6b:76:03:34:
56:0e:d5:9b:30:1b:fc:f4:ed:a3:e1:db:aa:bc:0f:
a6:53:11:12:6a:21:dc:9d:96:78:f4:f0:93:bc:be:
a0:98:73:a5:1f:61:92:df:10:1b:3f:13:e7:4c:38:
38:94:f3:ba:2e:50:e2:cf:06:3c:e7:ce:be:90:93:
8f:0f:b4:a9:8b:18:58:5f:50:8d:7f:24:67:f4:e2:
4a:8c:28:e5:e1:87:7b:9b:c4:c0:39:66:b2:1e:18:
1b:8b:ce:ef:2c:5c:f6:67:25:ae:0c:50:7d:4d:41:
22:c9:30:9e:dc:65:ba:40:f6:71:9f:92:e0:7e:66:
ea:77:c9:df:0c:86:c0:4a:fa:10:14:3a:e7:f6:9d:
1d:21:10:0c:39:78:86:eb:2f:9f:6c:26:85:e0:13:
86:de:58:5d:0a:cd:41:56:ba:08:a6:20:83:dc:2e:
a1:8b:26:2e:a6:f5:25:68:51:86:f7:7c:d9:53:d2:
f6:f9:6b:4c:ba:ac:b5:bc:26:08:20:97:a0:38:9b:
45:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:25:93:A0:36:5B:EF:E7:14:FB:E3:0F:AD:28:EB:24:B7:61:58:EC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OSWToDZb7-cU--MPrSjrJLdhWOw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:6a:29:d8:af:23:1f:d5:30:85:c2:1c:48:05:fc:28:2f:c6:
e4:df:4d:36:da:78:f1:9c:ca:1a:b3:89:96:97:78:e4:26:10:
4a:0f:82:cc:2a:ad:bd:41:49:8e:fb:3a:00:47:f1:ef:d4:46:
31:3a:e7:2e:dc:b3:62:f3:70:db:e1:5c:a5:0b:00:a1:b6:2e:
12:29:d8:b6:2a:72:15:97:fc:ca:59:97:7f:44:ca:49:8d:5b:
da:3c:ac:33:1c:d9:f3:f6:f1:f5:96:cd:37:35:d2:05:84:b7:
f3:6b:8f:54:fd:c9:f5:30:01:c2:14:e7:63:2a:61:9c:96:bb:
42:e1:cc:dc:7c:25:9f:c4:ca:aa:b3:53:e1:2d:bd:31:f7:7e:
48:b2:49:57:74:92:5b:d1:2b:e3:43:aa:bc:29:fe:4d:36:fd:
e2:1d:d3:ea:3a:65:64:90:56:79:c7:5d:4a:2e:78:3d:d9:17:
0c:14:b0:35:89:f4:f9:a1:a6:4a:97:c3:34:4f:26:c0:e2:04:
a3:5b:cb:37:36:72:e1:28:3b:38:bf:a2:a8:ed:ca:0d:07:64:
ef:95:35:66:67:1a:f2:55:6a:4a:cb:f9:91:27:2c:7c:36:1e:
ea:db:49:49:b1:97:a8:67:9a:f6:a4:71:84:0e:82:b0:51:08:
18:15:29:13
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MjM3NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM5MjU5M0EwMzY1QkVG
RTcxNEZCRTMwRkFEMjhFQjI0Qjc2MTU4RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfD+yhGoJVRED+tj13sQ5toH4eIOgqxZSSD6YnurEkM2JAAn/c
BYKsp7G8i+3pxZeLzGYzfGcIa3YDNFYO1ZswG/z07aPh26q8D6ZTERJqIdydlnj0
8JO8vqCYc6UfYZLfEBs/E+dMODiU87ouUOLPBjznzr6Qk48PtKmLGFhfUI1/JGf0
4kqMKOXhh3ubxMA5ZrIeGBuLzu8sXPZnJa4MUH1NQSLJMJ7cZbpA9nGfkuB+Zup3
yd8MhsBK+hAUOuf2nR0hEAw5eIbrL59sJoXgE4beWF0KzUFWugimIIPcLqGLJi6m
9SVoUYb3fNlT0vb5a0y6rLW8Jgggl6A4m0WtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOSWToDZb7+cU++MPrSjrJLdhWOwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PU1dUb0RaYjctY1UtLU1Q
clNqckpMZGhXT3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJxqKdivIx/VMIXCHEgF/CgvxuTfTTbaePGc
yhqziZaXeOQmEEoPgswqrb1BSY77OgBH8e/URjE65y7cs2LzcNvhXKULAKG2LhIp
2LYqchWX/MpZl39EykmNW9o8rDMc2fP28fWWzTc10gWEt/Nrj1T9yfUwAcIU52Mq
YZyWu0LhzNx8JZ/EyqqzU+EtvTH3fkiySVd0klvRK+NDqrwp/k02/eId0+o6ZWSQ
VnnHXUoueD3ZFwwUsDWJ9PmhpkqXwzRPJsDiBKNbyzc2cuEoOzi/oqjtyg0HZO+V
NWZnGvJVakrL+ZEnLHw2HurbSUmxl6hnmvakcYQOgrBRCBgVKRM=
-----END CERTIFICATE-----
Generated at Sat May 17 22:37:05 2025 by rpki-client