Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/NtROGhmIXCeI87svr2H86JyNCkY.roa
File: NtROGhmIXCeI87svr2H86JyNCkY.roa (raw, json)
Hash identifier: ju9gU3qDznpnVtzekEBqczvY7R9ly+Oj/GqNk4ZvXQo=
Subject key identifier: 36:D4:4E:1A:19:88:5C:27:88:F3:BB:2F:AF:61:FC:E8:9C:8D:0A:46
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2349
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NtROGhmIXCeI87svr2H86JyNCkY.roa
Signing time: Mon 23 Jun 2025 14:41:53 +0000
ROA not before: Mon 23 Jun 2025 14:41:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9033 (0x2349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 14:41:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=36D44E1A19885C2788F3BB2FAF61FCE89C8D0A46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ee:c4:d2:bb:a4:ad:7e:67:44:42:01:23:c3:
03:b4:65:14:a0:f9:ea:3d:a1:5e:d1:5b:9a:57:17:
93:b5:98:9f:f9:5a:e3:2a:03:f8:91:ee:7c:e7:c3:
85:e1:40:1a:66:7b:2e:d2:38:ea:9a:0e:6e:57:47:
e0:85:b2:9d:41:a6:32:c2:2d:4e:b0:a2:e1:4c:24:
0a:c4:8e:e9:05:f5:cc:6f:c0:13:c0:2a:8f:e5:15:
84:99:df:2a:d0:7d:05:8b:0e:9b:18:70:24:ca:76:
cf:2d:b3:e5:e7:1d:ba:3b:2c:83:28:a1:02:eb:e0:
61:99:c4:d4:ef:12:a1:06:0c:7f:9b:4c:6d:a1:d6:
8b:a6:a8:19:61:30:d7:6b:d1:16:4f:41:99:60:1b:
b7:72:80:6e:d0:d4:c0:e4:60:9a:28:20:ae:6b:01:
42:26:10:d1:f6:42:4d:7b:29:8d:bf:ab:55:9f:7c:
38:7b:43:d3:20:8d:34:c5:51:c2:bf:12:59:c8:4e:
1f:24:21:9c:c2:0d:88:01:a2:94:17:78:d6:4e:aa:
35:4b:7e:97:5c:28:d6:6a:83:ce:22:e8:54:7d:6b:
2b:7c:eb:df:f5:f7:28:c6:eb:be:82:0a:d7:ad:e8:
8c:e6:c0:eb:b2:6d:16:58:96:30:d2:d3:da:b3:1d:
83:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D4:4E:1A:19:88:5C:27:88:F3:BB:2F:AF:61:FC:E8:9C:8D:0A:46
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NtROGhmIXCeI87svr2H86JyNCkY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:42:37:ea:72:75:b2:64:c8:ac:ed:28:e5:46:ca:ba:dd:bf:
a6:6a:ca:22:a2:91:63:c3:d4:b0:12:5e:6f:e9:b1:89:8d:e4:
53:b4:27:d7:f8:2c:c4:1e:d5:0e:d9:ab:02:88:43:7d:1c:45:
e2:f2:0b:a6:eb:56:d2:3d:4a:f3:c6:e5:86:84:d4:79:fa:e7:
8f:bd:18:d8:96:27:21:ec:b2:96:ca:8c:8f:43:1d:d8:45:c9:
a3:41:2a:76:58:85:68:ef:5e:58:da:13:6f:70:26:6e:3b:24:
95:3d:e8:99:13:e5:3b:5d:70:8e:7a:92:c5:0b:86:41:ce:34:
92:1d:f9:e5:f8:45:57:a9:3f:26:a9:79:65:1f:00:9f:51:6b:
7b:34:dd:2d:da:a8:c9:37:00:f5:1f:8a:bc:9d:f0:48:1c:8d:
ba:b9:c2:ec:15:e2:ea:c0:1c:fc:fd:4f:8e:db:f0:40:83:e9:
6f:09:f6:95:8b:9d:1b:ef:de:c3:4d:64:10:1d:4a:50:e6:ec:
14:8d:15:9d:28:4e:65:64:c5:05:2b:64:16:a3:e8:06:f7:43:
b8:a9:4f:e4:93:c7:26:a6:ea:76:f6:2d:09:ae:8a:e1:d7:bd:
6c:60:42:2e:13:ee:eb:af:14:60:75:eb:03:35:cd:12:62:1d:
dc:16:3e:13
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI0kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMx
NDQxNTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM2RDQ0RTFBMTk4ODVD
Mjc4OEYzQkIyRkFGNjFGQ0U4OUM4RDBBNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB7sTSu6StfmdEQgEjwwO0ZRSg+eo9oV7RW5pXF5O1mJ/5WuMq
A/iR7nznw4XhQBpmey7SOOqaDm5XR+CFsp1BpjLCLU6wouFMJArEjukF9cxvwBPA
Ko/lFYSZ3yrQfQWLDpsYcCTKds8ts+XnHbo7LIMooQLr4GGZxNTvEqEGDH+bTG2h
1oumqBlhMNdr0RZPQZlgG7dygG7Q1MDkYJooIK5rAUImENH2Qk17KY2/q1WffDh7
Q9MgjTTFUcK/ElnITh8kIZzCDYgBopQXeNZOqjVLfpdcKNZqg84i6FR9ayt869/1
9yjG676CCtet6IzmwOuybRZYljDS09qzHYOlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNtROGhmIXCeI87svr2H86JyNCkYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OdFJPR2htSVhDZUk4N3N2
cjJIODZKeU5Da1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGNCN+pydbJkyKztKOVGyrrdv6ZqyiKikWPD
1LASXm/psYmN5FO0J9f4LMQe1Q7ZqwKIQ30cReLyC6brVtI9SvPG5YaE1Hn654+9
GNiWJyHsspbKjI9DHdhFyaNBKnZYhWjvXljaE29wJm47JJU96JkT5TtdcI56ksUL
hkHONJId+eX4RVepPyapeWUfAJ9Ra3s03S3aqMk3APUfiryd8Egcjbq5wuwV4urA
HPz9T47b8ECD6W8J9pWLnRvv3sNNZBAdSlDm7BSNFZ0oTmVkxQUrZBaj6Ab3Q7ip
T+STxyam6nb2LQmuiuHXvWxgQi4T7uuvFGB16wM1zRJiHdwWPhM=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:03:41 2025 by rpki-client