Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/MyDCYdISD4yJET4zLP6q8gJ8y7M.roa
File: MyDCYdISD4yJET4zLP6q8gJ8y7M.roa (raw, json)
Hash identifier: KQ/FTRaaaSiA/T8HeST6jarcz/l3vgrFqXGPcPNkjBE=
Subject key identifier: 33:20:C2:61:D2:12:0F:8C:89:11:3E:33:2C:FE:AA:F2:02:7C:CB:B3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 20ED
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MyDCYdISD4yJET4zLP6q8gJ8y7M.roa
Signing time: Fri 20 Jun 2025 11:11:40 +0000
ROA not before: Fri 20 Jun 2025 11:11:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8429 (0x20ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 11:11:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3320C261D2120F8C89113E332CFEAAF2027CCBB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:86:53:c0:1d:78:ca:09:31:c0:57:46:8e:fc:
1f:8e:28:8e:bf:d2:fb:d7:d8:f7:5a:90:cc:81:4b:
b6:56:d9:3b:4e:8c:35:aa:bc:ac:9a:25:32:1e:02:
c0:7b:7a:38:2b:78:0a:e5:3c:85:ec:a1:8a:5f:17:
b1:7c:9f:cb:8c:09:02:4e:e9:1f:80:4f:6c:06:d4:
5d:dd:fa:9e:0b:65:62:b2:f9:79:e3:03:e5:cc:8e:
02:87:ad:a9:6d:08:92:1c:4f:70:2c:e4:68:9a:51:
bc:c2:a3:75:84:07:7d:aa:d5:c8:3e:9b:17:fd:ee:
b5:89:50:2c:b3:d9:95:8d:bb:81:2a:49:63:89:9d:
cc:39:9f:82:ae:6a:b5:6e:96:f6:ae:a7:90:55:12:
4e:58:29:7a:2d:5f:3a:c8:b9:c2:1c:cc:72:3c:aa:
9d:27:f9:1e:ee:68:ed:4f:3d:30:ee:2b:15:7f:d9:
93:b8:d7:03:9d:43:55:71:c0:2d:1e:3f:78:42:82:
86:1c:e6:5f:bb:78:78:f6:61:7e:ec:3e:ef:dc:16:
57:c5:68:c7:3f:6d:d0:28:53:a9:66:a9:bd:3d:f5:
4f:29:b5:71:8f:bd:8a:59:50:f8:af:8c:c5:4b:95:
c3:1b:09:e9:ec:fe:8b:c8:f9:b9:1e:1f:f7:09:f2:
c5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:20:C2:61:D2:12:0F:8C:89:11:3E:33:2C:FE:AA:F2:02:7C:CB:B3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MyDCYdISD4yJET4zLP6q8gJ8y7M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:2e:bc:04:46:98:c5:c4:0c:47:73:17:53:3d:b9:0b:f7:c4:
c6:b4:3c:fc:44:0c:e1:e5:f2:e6:71:7a:72:da:f4:47:c2:22:
e0:45:46:ae:f0:61:33:8d:7d:68:14:ff:b6:69:4e:eb:e7:ee:
ab:16:e5:5e:5e:ff:1d:29:57:63:c9:75:ec:28:7a:e7:4b:e3:
ee:d1:80:32:ef:c5:29:cb:d8:fb:80:b6:d4:4a:8d:44:f7:c2:
ac:cb:8d:57:a0:c0:bd:f8:24:91:f6:47:18:cc:01:81:d1:d3:
52:83:5b:61:d3:00:8a:46:11:e2:ba:5e:04:bc:82:ae:cb:ea:
37:60:69:11:c4:08:2a:05:71:8c:40:5a:70:84:99:38:cb:67:
e9:df:c0:26:b8:28:02:da:d7:f5:74:d7:2d:a4:57:9b:3c:ea:
b3:0a:49:87:e4:ae:02:b9:dd:e4:00:5f:8b:5b:d4:a3:c9:bf:
79:5d:52:60:9e:e5:c9:74:01:5c:f4:58:e3:9a:9f:18:19:b4:
ac:78:ef:9a:e5:21:31:a6:b4:48:2b:35:d2:93:ac:8e:1d:50:
a5:01:02:33:66:b3:0d:27:ca:a2:8f:cd:d6:3f:47:92:d7:81:
73:bc:37:45:52:91:55:ac:12:fd:4a:c2:70:fe:8b:fa:14:ae:
23:d5:a9:55
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAx
MTExNDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMzMjBDMjYxRDIxMjBG
OEM4OTExM0UzMzJDRkVBQUYyMDI3Q0NCQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjhlPAHXjKCTHAV0aO/B+OKI6/0vvX2PdakMyBS7ZW2TtOjDWq
vKyaJTIeAsB7ejgreArlPIXsoYpfF7F8n8uMCQJO6R+AT2wG1F3d+p4LZWKy+Xnj
A+XMjgKHraltCJIcT3As5GiaUbzCo3WEB32q1cg+mxf97rWJUCyz2ZWNu4EqSWOJ
ncw5n4KuarVulvaup5BVEk5YKXotXzrIucIczHI8qp0n+R7uaO1PPTDuKxV/2ZO4
1wOdQ1VxwC0eP3hCgoYc5l+7eHj2YX7sPu/cFlfFaMc/bdAoU6lmqb099U8ptXGP
vYpZUPivjMVLlcMbCens/ovI+bkeH/cJ8sVpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUMyDCYdISD4yJET4zLP6q8gJ8y7MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NeURDWWRJU0Q0eUpFVDR6
TFA2cThnSjh5N00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHUuvARGmMXEDEdzF1M9uQv3xMa0PPxEDOHl
8uZxenLa9EfCIuBFRq7wYTONfWgU/7ZpTuvn7qsW5V5e/x0pV2PJdewoeudL4+7R
gDLvxSnL2PuAttRKjUT3wqzLjVegwL34JJH2RxjMAYHR01KDW2HTAIpGEeK6XgS8
gq7L6jdgaRHECCoFcYxAWnCEmTjLZ+nfwCa4KALa1/V01y2kV5s86rMKSYfkrgK5
3eQAX4tb1KPJv3ldUmCe5cl0AVz0WOOanxgZtKx475rlITGmtEgrNdKTrI4dUKUB
AjNmsw0nyqKPzdY/R5LXgXO8N0VSkVWsEv1KwnD+i/oUriPVqVU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:04:09 2025 by rpki-client