Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dG2s-eBfBHyINdqxY6Ccb28kFMs.roa
File: dG2s-eBfBHyINdqxY6Ccb28kFMs.roa (raw, json)
Hash identifier: tO8LAMMKnQ6FNqNt6+8rxNFZKglOZbUrkI7IHg6uZh8=
Subject key identifier: 74:6D:AC:F9:E0:5F:04:7C:88:35:DA:B1:63:A0:9C:6F:6F:24:14:CB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D4D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dG2s-eBfBHyINdqxY6Ccb28kFMs.roa
Signing time: Sat 24 May 2025 19:38:31 +0000
ROA not before: Sat 24 May 2025 19:38:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3405 (0xd4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 19:38:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=746DACF9E05F047C8835DAB163A09C6F6F2414CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:66:e6:21:72:b9:34:5b:df:1c:a2:41:eb:32:
65:9c:29:61:93:b4:20:7a:0e:f0:47:cc:d3:79:d3:
69:19:56:d9:da:66:33:94:6b:61:ea:43:bd:66:4c:
ae:a9:1b:41:e2:c9:af:09:23:46:7e:a0:78:4e:74:
2e:73:f4:e3:80:56:07:30:b5:09:df:e5:84:36:8b:
cf:67:e3:95:b6:ba:47:9d:85:bf:f5:f6:80:88:fa:
b8:0f:0c:24:91:36:06:7f:77:d1:e9:58:61:95:e9:
54:af:43:cf:85:5f:73:e1:b5:77:97:d2:b6:d9:21:
d8:2c:be:74:e3:6f:23:1a:cf:ad:e7:67:a4:60:be:
02:e9:a3:f0:67:54:3b:97:a6:8b:02:7e:0d:df:8c:
3d:74:d7:a1:18:be:99:54:ac:6c:c7:1e:3a:79:66:
29:56:c3:c0:87:25:64:08:e1:88:1f:d9:94:74:f6:
40:89:15:a1:1d:d4:b6:d0:7d:ae:3d:85:3b:b7:49:
ad:e3:b3:95:ce:8d:48:7d:93:58:0a:be:d3:cf:b1:
29:c5:61:86:01:28:8e:36:60:c2:59:fe:76:c8:71:
ee:00:13:37:fb:1d:d7:ee:c3:17:6f:c0:5c:9b:23:
fe:49:5f:df:79:34:ee:00:e7:42:38:da:3f:3a:32:
50:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6D:AC:F9:E0:5F:04:7C:88:35:DA:B1:63:A0:9C:6F:6F:24:14:CB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dG2s-eBfBHyINdqxY6Ccb28kFMs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:d8:9f:ad:d2:3d:15:84:22:02:8a:73:58:54:dd:04:e3:a2:
79:0a:70:f2:45:b7:b2:cf:1a:12:bf:00:41:3c:c9:aa:9f:c8:
7b:c1:10:42:93:54:58:45:24:9e:01:43:fe:08:6e:4f:03:31:
da:db:31:d8:66:27:dd:72:fc:a3:cc:20:b2:1a:08:d4:79:b5:
97:cc:61:58:1e:af:d6:18:e3:e9:17:fd:91:d7:cb:4c:61:cf:
33:13:9c:78:9a:c6:89:9f:4a:68:99:9f:b4:f4:29:d1:ca:d9:
d9:0c:fd:44:82:76:ec:f1:df:2c:69:5c:62:95:8c:83:45:b5:
70:d1:a1:73:c5:1b:9d:c4:08:56:af:ee:19:1e:93:d3:45:27:
42:cc:56:73:d1:c7:57:5f:e4:7d:df:e4:32:ca:bd:f8:a7:c8:
b7:5d:28:0f:74:31:3f:6b:91:b5:1c:1f:83:68:fa:c5:01:9d:
1d:5d:08:50:3c:b2:8a:4a:89:3a:14:e6:d7:c8:f9:f0:ea:c7:
f6:ed:e1:7a:75:43:58:13:d4:7f:37:fa:1d:af:d0:67:06:31:
a8:0d:5a:fe:fd:41:72:c1:fd:b0:b1:cd:2e:ff:ce:f6:82:31:
0b:e5:05:ec:89:5e:28:45:87:40:47:4d:d6:d4:1e:00:a1:ef:
8e:ae:15:95
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
OTM4MzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc0NkRBQ0Y5RTA1RjA0
N0M4ODM1REFCMTYzQTA5QzZGNkYyNDE0Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIZuYhcrk0W98cokHrMmWcKWGTtCB6DvBHzNN502kZVtnaZjOU
a2HqQ71mTK6pG0Hiya8JI0Z+oHhOdC5z9OOAVgcwtQnf5YQ2i89n45W2ukedhb/1
9oCI+rgPDCSRNgZ/d9HpWGGV6VSvQ8+FX3PhtXeX0rbZIdgsvnTjbyMaz63nZ6Rg
vgLpo/BnVDuXposCfg3fjD1016EYvplUrGzHHjp5ZilWw8CHJWQI4Ygf2ZR09kCJ
FaEd1LbQfa49hTu3Sa3js5XOjUh9k1gKvtPPsSnFYYYBKI42YMJZ/nbIce4AEzf7
HdfuwxdvwFybI/5JX995NO4A50I42j86MlB5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdG2s+eBfBHyINdqxY6Ccb28kFMswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kRzJzLWVCZkJIeUlOZHF4
WTZDY2IyOGtGTXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABrYn63SPRWEIgKKc1hU3QTjonkKcPJFt7LP
GhK/AEE8yaqfyHvBEEKTVFhFJJ4BQ/4Ibk8DMdrbMdhmJ91y/KPMILIaCNR5tZfM
YVger9YY4+kX/ZHXy0xhzzMTnHiaxomfSmiZn7T0KdHK2dkM/USCduzx3yxpXGKV
jINFtXDRoXPFG53ECFav7hkek9NFJ0LMVnPRx1df5H3f5DLKvfinyLddKA90MT9r
kbUcH4No+sUBnR1dCFA8sopKiToU5tfI+fDqx/bt4Xp1Q1gT1H83+h2v0GcGMagN
Wv79QXLB/bCxzS7/zvaCMQvlBeyJXihFh0BHTdbUHgCh746uFZU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:17:02 2025 by rpki-client