Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nTB6r0ZydDtf_BzIUDajmCbAdTg.roa
File: nTB6r0ZydDtf_BzIUDajmCbAdTg.roa (raw, json)
Hash identifier: cNVLHrIWZy06Gf+0JJHCIFj1R3iHs2aWnepD3IBoQik=
Subject key identifier: 9D:30:7A:AF:46:72:74:3B:5F:FC:1C:C8:50:36:A3:98:26:C0:75:38
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 12A1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nTB6r0ZydDtf_BzIUDajmCbAdTg.roa
Signing time: Sat 31 May 2025 22:09:11 +0000
ROA not before: Sat 31 May 2025 22:09:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4769 (0x12a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 22:09:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9D307AAF4672743B5FFC1CC85036A39826C07538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:83:39:20:2d:4b:a0:36:66:fa:53:09:44:
00:75:ab:fc:c2:ab:db:9b:ae:5b:75:27:8d:2d:ea:
ce:70:81:3d:e6:1b:68:75:9d:ec:f2:a5:83:87:48:
13:15:49:41:79:21:f8:94:52:f3:8b:2a:b2:48:eb:
1a:8b:2f:fb:bf:39:f0:58:30:d4:76:d8:d9:f0:d6:
9c:70:d0:9e:33:da:fd:ab:06:17:48:d0:ae:ca:84:
47:12:34:a3:b8:a2:f5:63:8a:85:26:b1:df:ee:52:
69:88:63:92:57:7f:19:90:54:80:9c:be:0f:16:39:
ec:f4:5b:e1:d9:dc:5c:7e:78:cf:8a:d0:9f:7c:88:
a4:e9:0a:e9:b8:20:82:92:f5:e0:90:a5:7e:ea:9f:
18:5f:34:e6:c2:ca:a6:78:12:7e:d5:d7:aa:9b:d6:
08:a9:ba:b2:b8:21:a5:ce:ce:f5:b8:98:08:0e:0a:
05:17:91:82:57:92:3d:f9:10:7c:96:71:4c:b0:ca:
58:51:1f:cc:e0:86:8c:0c:44:29:f2:b0:14:90:72:
f9:ac:14:8a:3f:35:30:6d:72:5f:a7:1d:22:30:16:
6e:b4:6b:60:99:ad:cd:77:5a:b3:97:44:7e:10:7d:
1e:c3:ee:08:8b:74:b4:12:c0:fb:c7:8f:12:b3:73:
99:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:30:7A:AF:46:72:74:3B:5F:FC:1C:C8:50:36:A3:98:26:C0:75:38
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nTB6r0ZydDtf_BzIUDajmCbAdTg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:3b:18:10:f0:07:38:6b:e2:c4:4b:67:8a:77:dd:ee:c6:7a:
1e:bc:00:5c:92:ea:10:9a:5e:d7:59:7d:90:98:d8:15:60:56:
6a:ab:2e:5d:51:5d:6a:99:a1:87:40:e0:c9:a9:3b:98:df:93:
13:54:d5:6c:f9:a4:ef:5f:c6:5b:ac:e9:bf:48:f6:87:e4:6c:
c8:8b:0d:63:df:ef:a6:f7:e2:ec:14:d0:34:15:11:ca:8c:9a:
ae:c9:1c:a3:13:b7:61:b3:2e:3e:68:dd:40:fa:86:6a:9b:63:
80:8b:e2:67:38:4f:b2:1e:0b:8b:da:76:85:08:84:76:ee:db:
ba:66:cb:83:f6:8e:a3:9d:b9:83:79:23:b6:5e:d4:7d:b2:c5:
e8:6a:54:5e:82:51:d0:ee:5b:0d:d5:b6:2b:61:39:23:06:35:
a1:16:2f:a3:25:c0:34:d3:90:94:75:a7:89:cb:d6:58:c0:68:
52:c1:f2:5a:49:68:24:4c:5a:6d:32:22:1f:1b:a4:15:2f:17:
f5:1c:83:a6:4b:1f:4d:79:79:22:8c:08:b1:9c:43:95:a1:6d:
de:1a:2c:ee:ff:25:b6:3f:6d:81:77:d5:40:08:45:39:a4:a9:
2c:a7:50:84:4b:6f:05:64:25:61:fb:e5:8e:c2:d3:10:2d:95:
07:67:e6:85
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEy
MjA5MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlEMzA3QUFGNDY3Mjc0
M0I1RkZDMUNDODUwMzZBMzk4MjZDMDc1MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC62YM5IC1LoDZm+lMJRAB1q/zCq9ubrlt1J40t6s5wgT3mG2h1
nezypYOHSBMVSUF5IfiUUvOLKrJI6xqLL/u/OfBYMNR22Nnw1pxw0J4z2v2rBhdI
0K7KhEcSNKO4ovVjioUmsd/uUmmIY5JXfxmQVICcvg8WOez0W+HZ3Fx+eM+K0J98
iKTpCum4IIKS9eCQpX7qnxhfNObCyqZ4En7V16qb1gipurK4IaXOzvW4mAgOCgUX
kYJXkj35EHyWcUywylhRH8zghowMRCnysBSQcvmsFIo/NTBtcl+nHSIwFm60a2CZ
rc13WrOXRH4QfR7D7giLdLQSwPvHjxKzc5mFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnTB6r0ZydDtf/BzIUDajmCbAdTgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uVEI2cjBaeWREdGZfQnpJ
VURham1DYkFkVGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFQ7GBDwBzhr4sRLZ4p33e7Geh68AFyS6hCa
XtdZfZCY2BVgVmqrLl1RXWqZoYdA4MmpO5jfkxNU1Wz5pO9fxlus6b9I9ofkbMiL
DWPf76b34uwU0DQVEcqMmq7JHKMTt2GzLj5o3UD6hmqbY4CL4mc4T7IeC4vadoUI
hHbu27pmy4P2jqOduYN5I7Ze1H2yxehqVF6CUdDuWw3VtithOSMGNaEWL6MlwDTT
kJR1p4nL1ljAaFLB8lpJaCRMWm0yIh8bpBUvF/Ucg6ZLH015eSKMCLGcQ5Whbd4a
LO7/JbY/bYF31UAIRTmkqSynUIRLbwVkJWH75Y7C0xAtlQdn5oU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:03:44 2025 by rpki-client