Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/oPshpqq8vSUL1MULoPjgwDSuQkM.roa
File: oPshpqq8vSUL1MULoPjgwDSuQkM.roa (raw, json)
Hash identifier: p/xED96t0wGendksKz1DF0wc78yFa+rr71kj7PW9fqY=
Subject key identifier: A0:FB:21:A6:AA:BC:BD:25:0B:D4:C5:0B:A0:F8:E0:C0:34:AE:42:43
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 040D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oPshpqq8vSUL1MULoPjgwDSuQkM.roa
Signing time: Mon 12 May 2025 11:37:57 +0000
ROA not before: Mon 12 May 2025 11:37:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1037 (0x40d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 11:37:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A0FB21A6AABCBD250BD4C50BA0F8E0C034AE4243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cf:af:f1:c9:33:11:c4:65:44:b2:d9:76:bb:
b3:84:6d:10:f6:c1:37:11:32:97:8f:7b:58:7d:58:
56:39:b5:96:9a:05:14:31:b1:c0:10:2a:48:0d:54:
13:4c:31:3c:a1:9b:17:d1:0c:df:ad:2b:e6:b9:7f:
8b:08:76:38:21:68:7b:94:8f:36:36:44:e5:bb:ec:
b2:af:7d:bf:c4:62:cb:59:8f:da:74:07:30:2d:6c:
e4:d4:51:b5:69:6b:80:f6:36:1c:d1:33:40:d6:35:
db:5a:1f:db:43:91:39:ec:91:40:2b:18:26:aa:ae:
f0:e6:f1:1f:41:e7:fa:ae:8f:06:34:5d:39:5a:f0:
30:83:53:1b:20:63:e6:ec:06:8d:f6:5f:e5:37:26:
13:43:78:23:3f:4a:e7:33:64:91:ac:d1:50:84:a6:
a9:f3:81:80:07:86:9c:8f:41:3a:a2:6d:a8:80:30:
28:fc:e5:69:be:08:49:04:6d:ba:9e:6e:9d:b9:d3:
02:2b:75:8b:f6:80:a9:a3:21:b8:0c:e6:f1:b6:25:
7f:4f:54:f2:11:9e:36:70:8d:da:04:9e:de:44:57:
fc:11:41:6f:10:b8:72:2e:ea:50:a3:e6:a0:26:14:
06:8f:32:f2:c1:a4:58:8b:da:d3:13:51:33:d9:1d:
f3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FB:21:A6:AA:BC:BD:25:0B:D4:C5:0B:A0:F8:E0:C0:34:AE:42:43
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oPshpqq8vSUL1MULoPjgwDSuQkM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:ab:ca:d6:60:01:a7:d6:00:fc:6a:53:65:27:ae:27:09:25:
8f:8a:ba:23:de:f4:4d:1f:0b:89:5d:f4:5e:28:10:d7:f0:de:
d2:38:70:77:11:68:8e:ac:0c:92:5d:50:16:e0:49:f8:ee:05:
49:36:76:1a:73:8c:63:bc:b4:42:c1:ef:ab:e9:bb:45:30:70:
ae:34:38:f0:74:7c:60:e7:d5:e3:85:fe:03:c6:64:a7:d1:e2:
33:25:b6:b8:39:3c:f6:2f:15:49:6c:f2:3f:b5:6b:ad:ce:d6:
61:72:6d:a4:54:09:0c:ed:3f:30:d1:70:9e:85:e8:6c:b3:5a:
31:7f:51:5a:0b:36:16:67:55:12:a9:1f:8d:f4:b0:2d:ed:d9:
93:2c:e0:61:d4:a9:7e:f2:cd:b1:fc:60:d5:90:84:d6:b5:7d:
1e:03:2d:39:64:b0:cf:20:ab:0c:5d:d8:f3:ed:f6:86:1f:fe:
da:50:5a:89:67:94:64:2b:ac:d4:75:de:e0:4f:71:01:d4:8a:
e5:e9:3e:a5:ed:3f:1e:81:3f:8e:fe:85:be:98:05:74:ff:b1:
6a:58:14:d6:1f:ff:7d:91:86:b4:2e:65:9e:51:4a:f6:a6:52:
5c:c8:b5:5d:07:6b:b3:3b:24:fd:e1:d7:9e:f0:e5:c8:e7:85:
57:e8:c5:c7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
MTM3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEwRkIyMUE2QUFCQ0JE
MjUwQkQ0QzUwQkEwRjhFMEMwMzRBRTQyNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiz6/xyTMRxGVEstl2u7OEbRD2wTcRMpePe1h9WFY5tZaaBRQx
scAQKkgNVBNMMTyhmxfRDN+tK+a5f4sIdjghaHuUjzY2ROW77LKvfb/EYstZj9p0
BzAtbOTUUbVpa4D2NhzRM0DWNdtaH9tDkTnskUArGCaqrvDm8R9B5/qujwY0XTla
8DCDUxsgY+bsBo32X+U3JhNDeCM/SuczZJGs0VCEpqnzgYAHhpyPQTqibaiAMCj8
5Wm+CEkEbbqebp250wIrdYv2gKmjIbgM5vG2JX9PVPIRnjZwjdoEnt5EV/wRQW8Q
uHIu6lCj5qAmFAaPMvLBpFiL2tMTUTPZHfOPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoPshpqq8vSUL1MULoPjgwDSuQkMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vUHNocHFxOHZTVUwxTVVM
b1BqZ3dEU3VRa00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADurytZgAafWAPxqU2UnricJJY+KuiPe9E0f
C4ld9F4oENfw3tI4cHcRaI6sDJJdUBbgSfjuBUk2dhpzjGO8tELB76vpu0UwcK40
OPB0fGDn1eOF/gPGZKfR4jMltrg5PPYvFUls8j+1a63O1mFybaRUCQztPzDRcJ6F
6GyzWjF/UVoLNhZnVRKpH430sC3t2ZMs4GHUqX7yzbH8YNWQhNa1fR4DLTlksM8g
qwxd2PPt9oYf/tpQWolnlGQrrNR13uBPcQHUiuXpPqXtPx6BP47+hb6YBXT/sWpY
FNYf/32RhrQuZZ5RSvamUlzItV0Ha7M7JP3h157w5cjnhVfoxcc=
-----END CERTIFICATE-----
Generated at Sun May 18 07:17:30 2025 by rpki-client