Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/idRNA5xIOGqD4Z_OTta84v1RFfU.roa
File: idRNA5xIOGqD4Z_OTta84v1RFfU.roa (raw, json)
Hash identifier: 60YFSRLBHEN1y0P928fCPhnOC28x+7Ral6JjHwkjjuY=
Subject key identifier: 89:D4:4D:03:9C:48:38:6A:83:E1:9F:CE:4E:D6:BC:E2:FD:51:15:F5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D1D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/idRNA5xIOGqD4Z_OTta84v1RFfU.roa
Signing time: Sat 24 May 2025 13:38:32 +0000
ROA not before: Sat 24 May 2025 13:38:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3357 (0xd1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 13:38:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=89D44D039C48386A83E19FCE4ED6BCE2FD5115F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f4:ec:08:ff:18:18:5a:b3:a7:4b:be:ad:46:
5a:2d:3e:5a:a2:11:61:60:ca:ec:e0:18:a9:20:1f:
49:02:72:0d:fa:33:b1:59:92:68:ec:e4:7d:12:99:
90:59:e1:d5:8b:e2:ec:b6:59:cd:73:f0:cf:fe:2d:
57:f7:0c:5b:04:36:7f:df:25:87:77:d0:e7:55:86:
4b:4a:f6:f5:ba:39:a5:e0:a4:7d:cc:ff:f1:71:ea:
30:51:61:45:1b:b5:8d:60:0a:83:30:4d:80:34:5c:
c7:a2:7a:e2:b5:6d:fc:24:3f:72:a6:60:f5:69:04:
43:df:f5:fe:f1:a8:a7:19:6f:81:98:db:43:b5:e8:
ee:43:9e:6e:d0:d2:8a:fb:79:fb:8d:67:97:52:59:
92:89:e3:ca:29:e7:e9:b2:98:c6:7f:42:e1:f3:57:
a9:c5:d7:2a:0f:48:03:aa:21:7e:ca:66:13:47:13:
db:f4:cd:d2:2f:df:07:50:02:6c:80:2a:2a:8f:40:
4c:f6:80:bd:d4:09:c6:b1:47:87:15:1e:73:5e:95:
e4:f8:85:33:7d:0c:73:20:07:3e:c4:15:93:0c:5e:
46:8a:4a:7a:76:37:27:b3:3a:62:18:f7:09:ff:1e:
a6:a8:2a:4b:20:bc:63:7b:0a:03:0c:2f:80:8d:30:
4f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D4:4D:03:9C:48:38:6A:83:E1:9F:CE:4E:D6:BC:E2:FD:51:15:F5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/idRNA5xIOGqD4Z_OTta84v1RFfU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:b1:ea:91:bd:e7:44:b6:08:fb:99:a1:1b:7c:37:c5:48:35:
33:8e:7b:89:65:b2:cc:f9:e1:47:98:3a:0d:07:e8:ea:87:bd:
a2:75:b7:9f:99:93:87:3b:48:52:74:47:22:60:0a:bb:48:2a:
f2:15:9f:ed:09:52:e5:ea:3f:3a:fd:bc:ee:5e:95:72:18:83:
3a:61:c1:20:d1:75:f1:81:66:1b:a3:9e:63:2a:31:a9:b8:26:
10:ce:82:5a:c2:d3:06:54:3b:06:06:79:6a:e5:42:a0:fa:c8:
bf:2b:59:f2:0c:38:56:4f:65:37:24:97:86:3e:a6:45:1b:f3:
9f:78:6c:93:da:fd:ad:d6:af:73:83:a3:47:bb:9d:cf:de:ae:
06:79:d5:41:c8:6c:19:f8:d8:3e:9c:a1:29:f7:71:14:a9:cb:
d5:9d:14:72:d3:6c:a1:a9:96:ee:fb:dc:a4:81:29:ed:cd:ee:
3f:e4:28:57:c8:8c:1c:82:a7:b7:19:73:d0:4b:ad:57:71:5a:
d9:1d:d9:ea:e2:f1:35:a1:da:b9:66:bf:1d:1d:cb:99:6b:8e:
08:7f:56:ab:4b:bd:39:6c:b5:28:37:b8:39:f9:0f:27:45:8e:
90:f8:e5:67:79:3b:01:21:c2:5d:f0:ee:29:76:a0:bd:bd:fb:
84:95:4e:cd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
MzM4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg5RDQ0RDAzOUM0ODM4
NkE4M0UxOUZDRTRFRDZCQ0UyRkQ1MTE1RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC49OwI/xgYWrOnS76tRlotPlqiEWFgyuzgGKkgH0kCcg36M7FZ
kmjs5H0SmZBZ4dWL4uy2Wc1z8M/+LVf3DFsENn/fJYd30OdVhktK9vW6OaXgpH3M
//Fx6jBRYUUbtY1gCoMwTYA0XMeieuK1bfwkP3KmYPVpBEPf9f7xqKcZb4GY20O1
6O5Dnm7Q0or7efuNZ5dSWZKJ48op5+mymMZ/QuHzV6nF1yoPSAOqIX7KZhNHE9v0
zdIv3wdQAmyAKiqPQEz2gL3UCcaxR4cVHnNeleT4hTN9DHMgBz7EFZMMXkaKSnp2
NyezOmIY9wn/HqaoKksgvGN7CgMML4CNME9XAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUidRNA5xIOGqD4Z/OTta84v1RFfUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pZFJOQTV4SU9HcUQ0Wl9P
VHRhODR2MVJGZlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAE+x6pG950S2CPuZoRt8N8VINTOOe4llssz5
4UeYOg0H6OqHvaJ1t5+Zk4c7SFJ0RyJgCrtIKvIVn+0JUuXqPzr9vO5elXIYgzph
wSDRdfGBZhujnmMqMam4JhDOglrC0wZUOwYGeWrlQqD6yL8rWfIMOFZPZTckl4Y+
pkUb8594bJPa/a3Wr3ODo0e7nc/ergZ51UHIbBn42D6coSn3cRSpy9WdFHLTbKGp
lu773KSBKe3N7j/kKFfIjByCp7cZc9BLrVdxWtkd2eri8TWh2rlmvx0dy5lrjgh/
VqtLvTlstSg3uDn5DydFjpD45Wd5OwEhwl3w7il2oL29+4SVTs0=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:43:09 2025 by rpki-client