Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dJkkZ7bOf2anqu4KOt1BOYoaeTc.roa
File: dJkkZ7bOf2anqu4KOt1BOYoaeTc.roa (raw, json)
Hash identifier: kYCdXn+50qlgUHi3ua8Ed/PBIXs6rsesmgyXAPBylic=
Subject key identifier: 74:99:24:67:B6:CE:7F:66:A7:AA:EE:0A:3A:DD:41:39:8A:1A:79:37
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0471
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dJkkZ7bOf2anqu4KOt1BOYoaeTc.roa
Signing time: Tue 13 May 2025 00:09:07 +0000
ROA not before: Tue 13 May 2025 00:09:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1137 (0x471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 00:09:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=74992467B6CE7F66A7AAEE0A3ADD41398A1A7937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:26:b2:85:b2:ec:ff:65:ed:05:f7:4c:ff:
fb:ad:c9:85:5d:92:3f:44:40:0d:dd:63:0a:15:d5:
e8:a5:e2:0e:b1:9c:cb:57:15:4f:23:c9:3d:36:dc:
c5:07:74:25:65:84:96:44:ab:b4:80:dd:3d:d5:ad:
b1:6b:8f:3c:39:84:2d:ca:e2:7d:3e:44:c3:fc:c0:
e2:84:fa:a2:51:6d:59:50:a5:14:fe:e4:cf:55:ef:
d6:f3:63:12:67:48:72:06:0d:56:bd:df:07:0d:19:
6b:b7:67:81:e3:2e:a4:8b:35:13:b1:2c:4b:38:47:
ce:21:fb:76:ff:fb:d7:6d:f8:be:75:99:aa:9f:60:
ae:48:07:83:bb:ef:02:e0:f8:e3:e0:5f:5b:01:14:
49:43:31:18:82:da:2c:d6:87:06:f5:3c:97:89:b4:
2a:ca:dd:d7:84:d0:8d:94:b3:91:f6:39:af:bc:28:
d2:d9:9d:10:bc:c6:a6:b5:e4:e3:c4:82:e8:98:2d:
65:b7:42:31:58:58:b1:41:c8:e4:b9:0c:6e:5a:8f:
4a:1f:66:1a:c7:8c:6c:b1:ed:95:f7:c8:24:93:7b:
26:f3:cf:dd:b5:c9:c5:cf:b7:38:87:0b:65:51:29:
84:b0:3e:73:ce:f2:ff:b0:50:6f:53:66:1c:9b:91:
c9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:99:24:67:B6:CE:7F:66:A7:AA:EE:0A:3A:DD:41:39:8A:1A:79:37
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dJkkZ7bOf2anqu4KOt1BOYoaeTc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:5a:3e:83:22:86:be:1f:d0:b9:97:c8:2d:ec:61:39:76:26:
e3:f1:f0:9c:ad:15:13:e2:dc:56:87:95:39:55:19:ce:5e:7b:
0b:1e:80:28:d5:23:8c:0a:79:db:48:4b:38:42:13:f0:68:d0:
dd:2d:89:61:d9:c8:53:c6:f6:d1:0a:71:e1:e5:2f:81:68:6f:
e8:15:d1:7e:13:a1:aa:a2:cd:19:d5:57:f7:9e:e5:d0:f2:49:
ab:c6:77:d0:0a:9b:d9:42:d1:cd:de:79:13:aa:f3:49:1b:23:
85:c1:10:3e:f7:d4:69:4b:7a:b0:9a:a6:0e:98:14:80:72:7c:
0e:f3:1d:49:d7:f6:73:2a:73:16:b1:a8:a8:af:20:c1:18:98:
7c:86:23:26:4c:11:5c:2f:af:e5:11:bc:a1:21:99:55:a8:7e:
92:39:a7:95:33:fb:80:43:44:c1:38:a6:eb:dd:eb:0b:81:a5:
43:75:01:04:23:ed:1e:7f:aa:06:6a:54:49:27:77:1c:f7:a0:
b6:1b:23:2a:19:d6:7a:7d:d4:36:92:f7:69:67:6f:64:86:ed:
57:d4:aa:06:ec:c1:84:8b:ae:90:6e:81:df:30:18:e7:24:fc:
6d:a9:b6:e7:04:97:81:3a:15:a8:f0:d8:b8:7d:c2:c8:69:04:
d7:30:14:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
MDA5MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc0OTkyNDY3QjZDRTdG
NjZBN0FBRUUwQTNBREQ0MTM5OEExQTc5MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmkiayhbLs/2XtBfdM//utyYVdkj9EQA3dYwoV1eil4g6xnMtX
FU8jyT023MUHdCVlhJZEq7SA3T3VrbFrjzw5hC3K4n0+RMP8wOKE+qJRbVlQpRT+
5M9V79bzYxJnSHIGDVa93wcNGWu3Z4HjLqSLNROxLEs4R84h+3b/+9dt+L51maqf
YK5IB4O77wLg+OPgX1sBFElDMRiC2izWhwb1PJeJtCrK3deE0I2Us5H2Oa+8KNLZ
nRC8xqa15OPEguiYLWW3QjFYWLFByOS5DG5aj0ofZhrHjGyx7ZX3yCSTeybzz921
ycXPtziHC2VRKYSwPnPO8v+wUG9TZhybkclPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdJkkZ7bOf2anqu4KOt1BOYoaeTcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kSmtrWjdiT2YyYW5xdTRL
T3QxQk9Zb2FlVGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFBaPoMihr4f0LmXyC3sYTl2JuPx8JytFRPi
3FaHlTlVGc5eewsegCjVI4wKedtISzhCE/Bo0N0tiWHZyFPG9tEKceHlL4Fob+gV
0X4ToaqizRnVV/ee5dDySavGd9AKm9lC0c3eeROq80kbI4XBED731GlLerCapg6Y
FIByfA7zHUnX9nMqcxaxqKivIMEYmHyGIyZMEVwvr+URvKEhmVWofpI5p5Uz+4BD
RME4puvd6wuBpUN1AQQj7R5/qgZqVEkndxz3oLYbIyoZ1np91DaS92lnb2SG7VfU
qgbswYSLrpBugd8wGOck/G2ptucEl4E6Fajw2Lh9wshpBNcwFNU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:55:48 2025 by rpki-client