Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/n4nVOGlPP0Imo3H3s4BweyatNWU.roa
File: n4nVOGlPP0Imo3H3s4BweyatNWU.roa (raw, json)
Hash identifier: p8N2lfuW3DpfiSp0qBMmesswdUkOqpUttrQIByqlfEw=
Subject key identifier: 9F:89:D5:38:69:4F:3F:42:26:A3:71:F7:B3:80:70:7B:26:AD:35:65
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BC9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/n4nVOGlPP0Imo3H3s4BweyatNWU.roa
Signing time: Thu 22 May 2025 19:08:24 +0000
ROA not before: Thu 22 May 2025 19:08:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3017 (0xbc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 19:08:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9F89D538694F3F4226A371F7B380707B26AD3565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f4:ce:7c:83:cc:85:16:cd:bf:f7:b4:14:18:
0e:ae:f1:8d:83:ee:c8:b6:21:2d:b0:43:96:87:11:
54:81:22:5c:34:ae:91:5c:f9:b4:d7:19:d9:85:32:
69:c9:5e:78:12:73:ed:0d:82:6e:bd:d3:c0:ae:be:
f2:5b:f5:b2:4e:19:07:fc:e4:e8:35:92:3f:d8:db:
c2:dd:45:b4:45:f9:99:35:ec:6a:ac:58:84:aa:fe:
53:2f:0a:24:2d:48:40:14:e8:1e:96:90:d5:73:99:
3b:85:f6:98:81:ea:b1:2d:b5:d0:2d:44:34:b1:5f:
51:66:32:8d:95:a8:1a:15:67:82:fb:32:37:05:93:
49:0f:e3:96:71:bf:e6:ff:c1:f0:7c:95:ab:50:df:
31:84:e5:0a:3f:c5:45:9c:5b:36:bb:c6:c6:f2:bf:
54:80:56:f5:79:36:ae:36:e3:27:6a:b3:c8:63:7b:
53:e7:6d:b2:9b:f3:ab:da:8b:e4:3e:96:33:cf:58:
c8:62:6c:26:e4:ac:37:37:cd:54:be:dd:71:25:3b:
2d:af:b9:b6:44:ed:40:f6:c9:56:84:cb:f6:9e:c6:
2f:5f:ee:5f:bc:b7:6c:82:6d:d0:03:61:11:f4:87:
a5:b0:c8:1a:38:fd:eb:db:0e:1f:75:0f:a3:6d:97:
b9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:89:D5:38:69:4F:3F:42:26:A3:71:F7:B3:80:70:7B:26:AD:35:65
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/n4nVOGlPP0Imo3H3s4BweyatNWU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:07:b4:cc:cb:ab:1c:81:e2:42:c1:53:1a:c8:55:80:06:d1:
76:fe:1b:f3:98:7c:d7:04:20:25:aa:b8:96:a0:38:97:e1:bf:
1a:ec:97:9d:ef:d2:70:04:09:00:a6:86:35:c3:a7:35:30:a7:
00:97:41:23:40:ad:55:16:ef:e3:70:b7:33:56:1c:26:a9:f9:
86:32:d4:3a:d7:91:04:11:15:dc:b7:35:dd:ac:aa:18:a8:c6:
99:23:fb:02:9f:50:14:6b:9f:b5:1a:31:ef:5d:ed:4a:8e:4b:
50:48:f4:41:01:2d:78:4a:25:3d:56:08:6c:2c:1c:8e:23:74:
60:7b:e5:47:75:3e:3c:4f:54:6c:fe:9f:b3:ee:e6:96:99:43:
29:bd:e2:49:94:86:90:e5:c4:f9:e0:ed:13:5b:2b:2f:cc:4b:
96:46:f2:d7:47:78:28:68:14:d9:87:94:76:7d:e7:5a:83:5a:
72:de:bf:52:bc:f3:ce:44:57:cb:6e:10:38:39:07:7b:c9:ac:
c9:81:17:a6:c2:4f:ac:73:46:c8:18:fe:16:95:d1:9f:1e:d0:
e6:51:cd:4d:b0:87:ac:a4:cb:bf:7a:7a:8d:f2:3f:be:72:10:
4f:02:a2:f9:87:a4:6d:2c:7c:b6:53:42:09:12:0b:1b:db:d3:
24:7b:d2:40
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC8kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
OTA4MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlGODlENTM4Njk0RjNG
NDIyNkEzNzFGN0IzODA3MDdCMjZBRDM1NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN9M58g8yFFs2/97QUGA6u8Y2D7si2IS2wQ5aHEVSBIlw0rpFc
+bTXGdmFMmnJXngSc+0Ngm6908CuvvJb9bJOGQf85Og1kj/Y28LdRbRF+Zk17Gqs
WISq/lMvCiQtSEAU6B6WkNVzmTuF9piB6rEttdAtRDSxX1FmMo2VqBoVZ4L7MjcF
k0kP45Zxv+b/wfB8latQ3zGE5Qo/xUWcWza7xsbyv1SAVvV5Nq424ydqs8hje1Pn
bbKb86vai+Q+ljPPWMhibCbkrDc3zVS+3XElOy2vubZE7UD2yVaEy/aexi9f7l+8
t2yCbdADYRH0h6WwyBo4/evbDh91D6Ntl7nXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUn4nVOGlPP0Imo3H3s4BweyatNWUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uNG5WT0dsUFAwSW1vM0gz
czRCd2V5YXROV1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAG0HtMzLqxyB4kLBUxrIVYAG0Xb+G/OYfNcE
ICWquJagOJfhvxrsl53v0nAECQCmhjXDpzUwpwCXQSNArVUW7+NwtzNWHCap+YYy
1DrXkQQRFdy3Nd2sqhioxpkj+wKfUBRrn7UaMe9d7UqOS1BI9EEBLXhKJT1WCGws
HI4jdGB75Ud1PjxPVGz+n7Pu5paZQym94kmUhpDlxPng7RNbKy/MS5ZG8tdHeCho
FNmHlHZ951qDWnLev1K8885EV8tuEDg5B3vJrMmBF6bCT6xzRsgY/haV0Z8e0OZR
zU2wh6yky796eo3yP75yEE8CovmHpG0sfLZTQgkSCxvb0yR70kA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:16:05 2025 by rpki-client