Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_dSPf3ptplAYYODEeWQJSAUm_gM.roa
File: _dSPf3ptplAYYODEeWQJSAUm_gM.roa (raw, json)
Hash identifier: /nIKYo9B+QZs+0+Og6STu6D1N2NBojPG77iTO/cupl8=
Subject key identifier: FD:D4:8F:7F:7A:6D:A6:50:18:60:E0:C4:79:64:09:48:05:26:FE:03
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0561
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_dSPf3ptplAYYODEeWQJSAUm_gM.roa
Signing time: Wed 14 May 2025 06:08:52 +0000
ROA not before: Wed 14 May 2025 06:08:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1377 (0x561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 06:08:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FDD48F7F7A6DA6501860E0C4796409480526FE03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:0b:8a:30:45:e9:ce:4e:88:29:3b:44:c9:ba:
2a:04:a7:ba:1e:de:ed:ee:77:48:c1:4d:a5:b4:cf:
54:3e:32:72:61:3f:78:c4:dc:4f:76:fb:ca:d0:56:
04:5c:f5:4e:8b:28:61:05:65:c0:d1:9b:2f:4b:33:
ac:9d:1f:65:76:16:b0:8d:95:dd:d2:21:ed:a2:b9:
62:a4:b6:f5:6b:1c:88:83:6a:ab:e4:51:5e:6a:62:
e8:cd:7d:28:d4:03:9b:72:95:dc:59:89:35:68:4c:
16:9c:2a:a9:88:3a:d3:cb:a2:ce:39:b8:ac:09:8c:
13:97:dc:8b:ae:60:19:e6:13:ad:28:0e:65:23:c6:
5a:59:0e:94:5e:4a:16:ac:0e:97:07:e1:46:73:63:
81:91:b4:a1:c2:77:97:b0:8e:17:a7:f3:3c:ad:86:
a3:aa:88:9a:1d:b8:b1:f1:2d:d5:a0:54:65:6f:f6:
59:ee:06:73:4e:3e:4e:5a:ae:07:28:a5:c1:23:a4:
e6:b8:cc:9f:91:e8:89:1f:57:e2:a9:23:46:64:e4:
dd:0b:1f:98:be:ad:1b:d4:c5:9c:b6:4e:69:07:8e:
75:2f:bf:60:9d:f6:ac:8f:93:e5:b7:da:ef:eb:91:
fe:47:45:1b:f6:46:e6:43:74:d9:67:43:c8:96:c1:
70:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D4:8F:7F:7A:6D:A6:50:18:60:E0:C4:79:64:09:48:05:26:FE:03
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_dSPf3ptplAYYODEeWQJSAUm_gM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:9f:53:25:36:3a:4e:95:56:97:97:0a:66:db:36:49:93:44:
6b:81:aa:78:76:a0:3a:22:d3:4f:7b:da:56:89:35:5f:6d:42:
73:79:e7:ec:c9:4d:c8:19:6d:5a:a3:04:7b:cc:98:54:ca:0b:
8c:ec:0e:55:d8:17:e4:9b:fe:e9:25:70:1d:f5:9e:ea:8b:90:
71:ab:70:fa:35:8d:26:1f:d9:dc:24:27:3b:b0:f8:d0:85:ed:
e9:ce:a7:e1:8b:42:fd:ce:74:f2:a1:a5:fd:96:73:b6:3c:87:
56:71:d2:86:00:19:44:af:da:ae:4f:8f:63:86:37:05:68:f4:
df:77:3f:70:d5:20:c0:ad:be:8a:bc:06:eb:b1:ec:b9:5b:9a:
d1:ca:b6:a5:72:7c:41:cb:c8:3b:a6:98:53:04:8f:de:c9:fc:
fe:9a:d4:08:90:95:c8:ff:d4:34:83:1e:4b:db:f4:8e:0c:15:
03:09:d2:5b:5e:ea:6f:6b:9d:a8:a8:58:4c:c9:c7:72:24:8b:
a2:4a:e4:7f:0b:96:13:ff:bc:19:c4:de:b7:f0:90:c4:a0:9d:
73:b2:c9:6e:21:0b:96:5b:16:66:54:f0:2f:2d:e2:00:98:c0:
ce:03:bb:88:08:c5:3b:7a:2b:1d:b1:92:f6:f7:bb:2b:78:70:
4b:bf:a3:3d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NjA4NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZERDQ4RjdGN0E2REE2
NTAxODYwRTBDNDc5NjQwOTQ4MDUyNkZFMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD5C4owRenOTogpO0TJuioEp7oe3u3ud0jBTaW0z1Q+MnJhP3jE
3E92+8rQVgRc9U6LKGEFZcDRmy9LM6ydH2V2FrCNld3SIe2iuWKktvVrHIiDaqvk
UV5qYujNfSjUA5tyldxZiTVoTBacKqmIOtPLos45uKwJjBOX3IuuYBnmE60oDmUj
xlpZDpReShasDpcH4UZzY4GRtKHCd5ewjhen8zythqOqiJoduLHxLdWgVGVv9lnu
BnNOPk5argcopcEjpOa4zJ+R6IkfV+KpI0Zk5N0LH5i+rRvUxZy2TmkHjnUvv2Cd
9qyPk+W32u/rkf5HRRv2RuZDdNlnQ8iWwXAHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/dSPf3ptplAYYODEeWQJSAUm/gMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fZFNQZjNwdHBsQVlZT0RF
ZVdRSlNBVW1fZ00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACafUyU2Ok6VVpeXCmbbNkmTRGuBqnh2oDoi
00972laJNV9tQnN55+zJTcgZbVqjBHvMmFTKC4zsDlXYF+Sb/uklcB31nuqLkHGr
cPo1jSYf2dwkJzuw+NCF7enOp+GLQv3OdPKhpf2Wc7Y8h1Zx0oYAGUSv2q5Pj2OG
NwVo9N93P3DVIMCtvoq8Buux7LlbmtHKtqVyfEHLyDummFMEj97J/P6a1AiQlcj/
1DSDHkvb9I4MFQMJ0lte6m9rnaioWEzJx3Iki6JK5H8LlhP/vBnE3rfwkMSgnXOy
yW4hC5ZbFmZU8C8t4gCYwM4Du4gIxTt6Kx2xkvb3uyt4cEu/oz0=
-----END CERTIFICATE-----
Generated at Sat May 17 19:35:34 2025 by rpki-client