Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PVnUub_BlhsvYd89HN0-Do5bdgc.roa
File: PVnUub_BlhsvYd89HN0-Do5bdgc.roa (raw, json)
Hash identifier: MMmLtNhuXW+Pk+QfqwYa3/mL3WTVwFoNC3IEk8FYTa0=
Subject key identifier: 3D:59:D4:B9:BF:C1:96:1B:2F:61:DF:3D:1C:DD:3E:0E:8E:5B:76:07
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03B1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PVnUub_BlhsvYd89HN0-Do5bdgc.roa
Signing time: Mon 12 May 2025 00:08:15 +0000
ROA not before: Mon 12 May 2025 00:08:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 945 (0x3b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 00:08:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3D59D4B9BFC1961B2F61DF3D1CDD3E0E8E5B7607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:87:4c:50:9e:4e:84:16:52:b4:4a:17:7d:b6:
72:11:a6:4d:9c:f2:50:00:d1:88:3e:99:02:fb:39:
b6:ca:a5:da:62:5e:8d:e4:36:4d:a1:6d:0e:ce:44:
d0:9a:5e:72:7e:d4:bf:9d:e0:42:44:ec:ff:54:7f:
cb:20:28:58:e8:10:44:a9:ba:fa:9b:69:90:55:18:
97:f0:27:f3:4c:88:85:bc:e7:6c:e4:e0:ad:bf:06:
54:0d:2c:19:7a:a8:b1:30:3b:67:d6:9c:14:b1:16:
5b:57:c7:95:38:ad:ee:b2:1b:bb:40:bb:29:3e:98:
48:2c:36:14:c0:4d:08:6f:cd:5b:f2:41:80:b6:b6:
e0:62:ba:45:32:4c:1d:a9:c3:94:ce:c4:78:dd:ff:
de:93:42:d4:a3:27:ec:32:7d:c6:35:9c:6d:d9:ef:
5a:66:1f:c7:76:65:dc:be:44:56:bc:af:cf:69:0f:
1d:ab:a6:c5:09:2f:5c:37:85:89:55:3f:1e:36:34:
9c:8b:0f:e1:94:97:88:d0:02:92:e4:69:47:b7:90:
d4:80:00:78:d0:12:9a:05:eb:9e:5b:6b:36:ff:9e:
62:34:88:bc:b5:47:29:e9:73:e2:a7:39:63:8c:39:
f0:56:9f:96:8a:3a:f6:74:d9:c8:78:e4:17:e7:d9:
25:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:59:D4:B9:BF:C1:96:1B:2F:61:DF:3D:1C:DD:3E:0E:8E:5B:76:07
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PVnUub_BlhsvYd89HN0-Do5bdgc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:5d:7a:8e:66:37:af:2f:aa:84:9c:0f:cd:3b:dc:f3:64:0d:
2a:34:9b:bc:a9:73:9c:ea:37:78:68:12:d9:de:fd:eb:37:e2:
a7:30:8b:07:2e:c8:93:e6:9e:4d:e3:ca:d4:f8:d9:72:c3:71:
e3:c1:6a:66:aa:65:fa:62:b3:d2:7e:8a:9a:7c:aa:4e:95:ad:
f0:f4:ae:29:a4:06:f9:6f:c9:3d:ad:42:39:04:7f:38:fd:65:
13:d5:77:2c:5b:dd:25:25:4d:7e:aa:f0:4c:0a:b7:40:70:d7:
e0:37:a6:86:cc:c8:d7:8d:3b:89:6e:ce:2c:73:7d:ec:97:18:
64:17:ad:c0:5d:98:f0:80:ef:8c:cf:a1:4d:2d:0f:1d:6b:f6:
38:f8:ad:90:e9:28:0d:72:24:fd:f5:7f:ab:bc:09:fc:f3:3b:
74:79:d5:62:b3:67:03:80:4d:6a:dd:8a:50:b3:30:6f:ba:b8:
4f:a7:7d:a5:35:aa:ac:8b:96:c6:3f:c4:97:f5:c6:49:c0:a8:
be:3b:88:4e:7d:e0:5f:03:e3:23:54:f0:85:80:ad:a2:46:0b:
a2:47:44:25:63:de:56:02:3c:7a:1d:a9:ce:ee:e7:2a:f5:82:
d3:8d:b6:85:40:97:3b:d6:dc:31:36:2a:0e:8b:a3:14:e7:e8:
ae:f1:39:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
MDA4MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNENTlENEI5QkZDMTk2
MUIyRjYxREYzRDFDREQzRTBFOEU1Qjc2MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRh0xQnk6EFlK0Shd9tnIRpk2c8lAA0Yg+mQL7ObbKpdpiXo3k
Nk2hbQ7ORNCaXnJ+1L+d4EJE7P9Uf8sgKFjoEESpuvqbaZBVGJfwJ/NMiIW852zk
4K2/BlQNLBl6qLEwO2fWnBSxFltXx5U4re6yG7tAuyk+mEgsNhTATQhvzVvyQYC2
tuBiukUyTB2pw5TOxHjd/96TQtSjJ+wyfcY1nG3Z71pmH8d2Zdy+RFa8r89pDx2r
psUJL1w3hYlVPx42NJyLD+GUl4jQApLkaUe3kNSAAHjQEpoF655bazb/nmI0iLy1
Rynpc+KnOWOMOfBWn5aKOvZ02ch45Bfn2SWVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPVnUub/BlhsvYd89HN0+Do5bdgcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QVm5VdWJfQmxoc3ZZZDg5
SE4wLURvNWJkZ2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAC5deo5mN68vqoScD8073PNkDSo0m7ypc5zq
N3hoEtne/es34qcwiwcuyJPmnk3jytT42XLDcePBamaqZfpis9J+ipp8qk6VrfD0
rimkBvlvyT2tQjkEfzj9ZRPVdyxb3SUlTX6q8EwKt0Bw1+A3pobMyNeNO4luzixz
feyXGGQXrcBdmPCA74zPoU0tDx1r9jj4rZDpKA1yJP31f6u8CfzzO3R51WKzZwOA
TWrdilCzMG+6uE+nfaU1qqyLlsY/xJf1xknAqL47iE594F8D4yNU8IWAraJGC6JH
RCVj3lYCPHodqc7u5yr1gtONtoVAlzvW3DE2Kg6LoxTn6K7xOYI=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:03:37 2025 by rpki-client