Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dgQprwRTYzhWY5CV_DUuJgArPck.roa
File: dgQprwRTYzhWY5CV_DUuJgArPck.roa (raw, json)
Hash identifier: dj85e7OEm+k29gNytRAGmYMsrWEca+USKchIJ83JfFQ=
Subject key identifier: 76:04:29:AF:04:53:63:38:56:63:90:95:FC:35:2E:26:00:2B:3D:C9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 136D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dgQprwRTYzhWY5CV_DUuJgArPck.roa
Signing time: Sun 01 Jun 2025 23:39:13 +0000
ROA not before: Sun 01 Jun 2025 23:39:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4973 (0x136d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 23:39:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=760429AF0453633856639095FC352E26002B3DC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:af:95:73:fd:a2:90:40:6c:ce:e7:32:f9:bc:
21:12:df:6f:0c:b6:6a:92:21:33:8b:9f:49:45:f8:
1c:7c:3f:3e:59:20:f2:e4:ed:bf:f4:aa:5a:cd:b0:
30:90:05:07:a8:da:76:a3:48:b4:18:e6:65:67:bb:
01:9e:5f:5d:04:ec:4e:f5:de:c9:92:49:82:f0:29:
55:07:51:ca:b7:b8:5b:87:64:11:e9:34:d1:b3:e4:
8b:02:c4:13:98:dd:dc:2f:34:a4:c6:d6:cd:4a:c6:
04:85:a1:9d:fb:57:d6:ba:61:95:65:cf:34:8d:7b:
07:33:7b:b5:61:7d:6b:80:69:d4:32:1c:3e:af:d0:
2e:eb:62:0d:9a:39:7e:e8:97:a3:e2:a2:cb:d1:6a:
35:2c:13:c6:10:b5:b2:bb:b0:66:89:23:74:f0:48:
b7:32:3e:bc:7b:51:d7:fd:49:c1:da:cf:90:ac:70:
91:d9:a3:cc:b8:27:1d:2d:f1:dc:8d:af:28:c0:ba:
c3:ee:7d:a2:d4:d1:2d:86:7e:3d:26:2d:1a:b5:a0:
84:5e:ea:55:d9:07:c7:70:4e:e9:ee:6d:a7:06:32:
eb:77:e8:fa:aa:98:fa:2d:4b:bd:9a:5d:6d:ac:30:
d2:48:3c:c9:fb:dc:36:6d:b2:d5:86:db:b4:cd:3c:
3f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:04:29:AF:04:53:63:38:56:63:90:95:FC:35:2E:26:00:2B:3D:C9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dgQprwRTYzhWY5CV_DUuJgArPck.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:81:36:e4:43:b1:df:fd:34:15:c3:f5:f3:ce:ba:86:7f:e5:
0a:30:71:b1:49:2a:f4:09:76:bd:ae:0b:b4:9e:89:a5:0c:58:
46:0b:e1:bf:f9:90:17:1e:60:a2:d9:90:a4:52:b9:56:84:4d:
22:00:22:fc:b1:0e:3c:a0:b9:5d:13:ab:0c:8d:6f:a3:a3:f8:
ee:7f:a9:4c:f3:ae:b0:ae:26:0d:cc:c4:b3:a5:65:57:ec:22:
85:9f:a3:83:74:d5:94:4c:a5:58:86:26:70:d6:b2:d4:76:ca:
3f:c0:da:49:46:ce:2f:e9:b9:21:ff:32:27:51:5b:9d:14:6e:
8b:82:66:d1:3a:e0:3d:a5:62:5f:05:e5:9b:5e:de:c3:6f:f8:
7b:fa:fe:53:33:15:71:5e:41:28:ef:bd:f3:25:e9:55:ae:55:
97:50:7b:6f:5a:4d:a4:d1:49:bf:3c:24:69:04:60:5e:91:54:
ca:3f:af:8a:dd:97:41:26:bb:f8:10:0c:d2:01:68:08:45:3c:
92:f3:28:d7:9d:8d:23:e6:7d:45:2c:69:ad:69:49:94:81:39:
1a:36:cc:35:0d:11:8b:78:30:db:c8:0e:54:88:e7:a6:75:d2:
86:a2:d1:37:c1:3b:0d:cf:58:e5:79:7f:88:86:45:2e:1a:95:
c5:b7:11:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEy
MzM5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc2MDQyOUFGMDQ1MzYz
Mzg1NjYzOTA5NUZDMzUyRTI2MDAyQjNEQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHr5Vz/aKQQGzO5zL5vCES328MtmqSITOLn0lF+Bx8Pz5ZIPLk
7b/0qlrNsDCQBQeo2najSLQY5mVnuwGeX10E7E713smSSYLwKVUHUcq3uFuHZBHp
NNGz5IsCxBOY3dwvNKTG1s1KxgSFoZ37V9a6YZVlzzSNewcze7VhfWuAadQyHD6v
0C7rYg2aOX7ol6PiosvRajUsE8YQtbK7sGaJI3TwSLcyPrx7Udf9ScHaz5CscJHZ
o8y4Jx0t8dyNryjAusPufaLU0S2Gfj0mLRq1oIRe6lXZB8dwTunubacGMut36Pqq
mPotS72aXW2sMNJIPMn73DZtstWG27TNPD9jAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdgQprwRTYzhWY5CV/DUuJgArPckwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kZ1FwcndSVFl6aFdZNUNW
X0RVdUpnQXJQY2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJGBNuRDsd/9NBXD9fPOuoZ/5QowcbFJKvQJ
dr2uC7SeiaUMWEYL4b/5kBceYKLZkKRSuVaETSIAIvyxDjyguV0TqwyNb6Oj+O5/
qUzzrrCuJg3MxLOlZVfsIoWfo4N01ZRMpViGJnDWstR2yj/A2klGzi/puSH/MidR
W50UbouCZtE64D2lYl8F5Zte3sNv+Hv6/lMzFXFeQSjvvfMl6VWuVZdQe29aTaTR
Sb88JGkEYF6RVMo/r4rdl0Emu/gQDNIBaAhFPJLzKNedjSPmfUUsaa1pSZSBORo2
zDUNEYt4MNvIDlSI56Z10oai0TfBOw3PWOV5f4iGRS4alcW3ESw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:14:48 2025 by rpki-client