Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dpmuDuH8p0cxrzIma6tslxE9q4U.roa
File: dpmuDuH8p0cxrzIma6tslxE9q4U.roa (raw, json)
Hash identifier: Psk5oop6xfl7452FRORuopQYH+0spHrQPlUENgIJkL4=
Subject key identifier: 76:99:AE:0E:E1:FC:A7:47:31:AF:32:26:6B:AB:6C:97:11:3D:AB:85
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05A1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dpmuDuH8p0cxrzIma6tslxE9q4U.roa
Signing time: Wed 14 May 2025 14:08:04 +0000
ROA not before: Wed 14 May 2025 14:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1441 (0x5a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 14:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7699AE0EE1FCA74731AF32266BAB6C97113DAB85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d3:e0:43:38:d0:48:1c:11:7a:ab:0a:bd:97:
be:01:e5:c3:17:4d:22:50:4f:d5:a0:26:95:47:7e:
68:1b:46:ee:b6:7e:6c:03:d2:92:e4:fd:28:99:2d:
0e:9f:c6:b9:ba:41:f9:ab:39:cf:32:c3:0b:ed:6e:
c3:f1:d9:26:ea:8b:66:cb:ec:ec:d5:e2:ea:9b:9e:
aa:bf:d7:3c:b8:e9:65:c3:6a:37:dc:84:22:13:9c:
4b:8b:88:0d:47:e8:fa:aa:80:0a:ef:26:cf:30:30:
f9:9b:0c:d4:f1:b5:38:a1:fe:ec:bb:c4:37:88:b8:
ee:41:72:58:03:bb:28:bb:ae:82:79:31:af:e6:98:
53:85:44:f7:2c:a7:08:fd:4d:37:2c:ef:dd:57:ea:
bb:1b:5c:53:d4:7c:86:d1:64:11:f5:b5:ed:cc:e8:
a0:14:aa:bf:0a:14:34:8c:93:19:9d:ea:59:3c:9c:
e7:71:7e:bb:89:60:8f:60:e3:a7:d5:67:0f:e6:66:
13:7f:f7:ed:7f:c7:26:e9:51:ba:2e:32:b6:7a:8b:
9a:68:36:3b:b5:83:95:b8:e3:06:f6:64:39:4a:f6:
c8:92:60:bd:7a:f1:5a:55:5d:3a:96:43:e4:46:d7:
84:f6:66:0e:9d:13:92:b2:a6:01:b7:3a:e3:54:e3:
36:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:99:AE:0E:E1:FC:A7:47:31:AF:32:26:6B:AB:6C:97:11:3D:AB:85
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dpmuDuH8p0cxrzIma6tslxE9q4U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:48:a9:04:05:18:24:44:ad:70:be:4d:c0:de:ab:51:2e:4b:
71:b1:8b:68:ab:77:98:d4:55:db:d6:31:b0:96:94:9f:72:6d:
38:22:77:27:59:00:46:c7:34:5e:0f:c6:31:b3:7c:cc:50:d5:
6c:58:e9:0e:24:03:72:81:de:e1:bc:b7:5b:d1:18:9d:e5:dd:
a4:07:8f:ff:36:96:08:b4:b3:a4:9f:77:58:59:1f:ee:56:a0:
a5:11:f6:58:b5:f7:05:3a:e1:a1:fd:9e:76:c6:6b:a1:2a:a8:
85:cd:a5:b2:ec:49:3e:9f:13:c3:4c:44:0f:4a:65:f7:e5:33:
87:4c:51:2d:1c:4a:5e:3c:53:23:09:a7:67:0c:6e:37:13:62:
60:21:5f:f9:8b:25:f4:b9:a6:da:17:31:f2:14:a8:90:4d:b9:
ec:95:14:8b:63:1d:44:83:47:6e:8d:68:4e:d0:c7:15:6d:c2:
19:00:4e:1e:f5:65:8c:24:41:41:e5:b5:c3:ca:32:0c:e3:24:
76:d6:fc:07:4e:9b:88:cf:d6:39:cf:d9:fe:a1:09:cb:88:eb:
06:54:c6:82:99:ce:eb:90:7b:d4:91:44:47:ad:01:06:22:45:
92:30:17:f0:95:68:b0:14:f4:04:ae:0d:de:4f:76:67:56:2f:
65:2c:a5:f4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
NDA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc2OTlBRTBFRTFGQ0E3
NDczMUFGMzIyNjZCQUI2Qzk3MTEzREFCODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCW0+BDONBIHBF6qwq9l74B5cMXTSJQT9WgJpVHfmgbRu62fmwD
0pLk/SiZLQ6fxrm6QfmrOc8ywwvtbsPx2Sbqi2bL7OzV4uqbnqq/1zy46WXDajfc
hCITnEuLiA1H6PqqgArvJs8wMPmbDNTxtTih/uy7xDeIuO5BclgDuyi7roJ5Ma/m
mFOFRPcspwj9TTcs791X6rsbXFPUfIbRZBH1te3M6KAUqr8KFDSMkxmd6lk8nOdx
fruJYI9g46fVZw/mZhN/9+1/xybpUbouMrZ6i5poNju1g5W44wb2ZDlK9siSYL16
8VpVXTqWQ+RG14T2Zg6dE5KypgG3OuNU4zaHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdpmuDuH8p0cxrzIma6tslxE9q4UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kcG11RHVIOHAwY3hyeklt
YTZ0c2x4RTlxNFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAElIqQQFGCRErXC+TcDeq1EuS3Gxi2ird5jU
VdvWMbCWlJ9ybTgidydZAEbHNF4PxjGzfMxQ1WxY6Q4kA3KB3uG8t1vRGJ3l3aQH
j/82lgi0s6Sfd1hZH+5WoKUR9li19wU64aH9nnbGa6EqqIXNpbLsST6fE8NMRA9K
ZfflM4dMUS0cSl48UyMJp2cMbjcTYmAhX/mLJfS5ptoXMfIUqJBNueyVFItjHUSD
R26NaE7QxxVtwhkATh71ZYwkQUHltcPKMgzjJHbW/AdOm4jP1jnP2f6hCcuI6wZU
xoKZzuuQe9SRREetAQYiRZIwF/CVaLAU9ASuDd5PdmdWL2UspfQ=
-----END CERTIFICATE-----
Generated at Sat May 17 23:21:17 2025 by rpki-client