Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nc9oAeSeEC2eytfgEbcbP0rbzaw.roa
File: nc9oAeSeEC2eytfgEbcbP0rbzaw.roa (raw, json)
Hash identifier: lvqU5G9lG50hFVye5OfYC0jOD+2Iw8R6+5UVZM2yj2o=
Subject key identifier: 9D:CF:68:01:E4:9E:10:2D:9E:CA:D7:E0:11:B7:1B:3F:4A:DB:CD:AC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1DFD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nc9oAeSeEC2eytfgEbcbP0rbzaw.roa
Signing time: Mon 16 Jun 2025 01:40:00 +0000
ROA not before: Mon 16 Jun 2025 01:40:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7677 (0x1dfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 01:40:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9DCF6801E49E102D9ECAD7E011B71B3F4ADBCDAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0c:27:dc:78:34:2e:80:89:54:22:f6:3e:e9:
f7:0b:9a:c4:6b:f2:e2:d7:a8:4e:0a:35:eb:1c:0e:
89:62:a2:ba:6e:8e:a8:3e:4f:7c:2f:1d:95:95:67:
37:f2:2f:24:9d:7c:e2:37:04:5c:f2:e2:59:b3:c1:
45:07:db:eb:63:b6:df:1a:23:c5:9b:48:c6:29:54:
97:92:93:4c:68:c3:e7:e3:c9:7f:6e:dc:1b:ff:44:
51:c6:dd:c3:aa:25:5a:1f:53:eb:c8:82:c7:9e:fd:
82:78:9a:29:94:07:c8:13:ca:7b:00:d5:4c:23:1f:
fc:ed:ed:15:b5:43:c3:f3:be:69:4e:e1:b1:d5:ae:
c5:f2:c2:cb:81:7d:34:80:e7:22:28:32:08:ca:2d:
50:fc:d8:59:2d:f6:9d:ea:b9:f0:11:f4:87:2e:26:
c2:66:45:ca:07:6b:79:80:87:38:e5:ee:8e:ef:e5:
42:e3:e1:20:13:2e:98:5f:90:ad:17:fc:60:40:46:
27:bb:35:4d:93:02:80:28:2c:76:9c:b6:83:99:63:
c3:2f:df:25:80:b5:95:6b:96:c8:85:ee:a3:b5:b6:
55:ed:80:af:19:15:f5:6d:c3:ea:3d:9d:3e:82:91:
b3:75:51:74:5c:3e:11:12:0b:a3:70:c6:61:55:eb:
b1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CF:68:01:E4:9E:10:2D:9E:CA:D7:E0:11:B7:1B:3F:4A:DB:CD:AC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nc9oAeSeEC2eytfgEbcbP0rbzaw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:4a:c8:db:00:32:54:f2:36:fc:65:c6:17:fc:76:66:2f:8f:
5d:70:7f:d7:e0:f2:88:53:76:09:6c:c0:be:69:6f:37:85:49:
a0:32:68:ae:14:56:82:cf:50:40:62:d3:37:ae:57:eb:ac:c8:
b5:6f:1e:1f:f2:63:5d:3f:0a:71:a9:77:99:8d:9f:91:58:4e:
e7:1b:53:92:46:96:6f:be:f2:ba:d3:0e:43:1a:54:6f:af:46:
82:28:79:3b:0a:4e:fa:44:05:29:57:51:d8:63:a9:55:16:13:
1e:6a:2f:fe:b0:10:d0:01:67:b2:08:dc:3d:1f:5d:c3:7c:89:
f2:67:3c:75:1b:20:2a:e9:84:28:89:4d:7c:25:1f:c9:69:40:
68:5b:82:c7:e4:5b:13:14:d1:2e:21:0b:0b:80:61:e0:b4:98:
98:ad:30:f4:f1:37:e7:1e:ef:89:24:15:69:f3:43:9c:37:49:
ea:e9:82:8b:94:ee:6e:1f:1a:aa:2c:eb:09:fa:86:d6:5a:19:
4c:c1:45:14:cb:30:16:42:2f:be:87:61:0b:fc:cb:90:67:0d:
39:3f:d9:f2:43:2a:0a:a6:e9:ba:bf:f0:b6:a1:21:1b:38:b5:
dd:af:90:46:c1:23:29:b1:e3:b9:af:5a:82:e7:2a:b4:0f:52:
72:e7:0e:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYw
MTQwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlEQ0Y2ODAxRTQ5RTEw
MkQ5RUNBRDdFMDExQjcxQjNGNEFEQkNEQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtDCfceDQugIlUIvY+6fcLmsRr8uLXqE4KNescDoliorpujqg+
T3wvHZWVZzfyLySdfOI3BFzy4lmzwUUH2+tjtt8aI8WbSMYpVJeSk0xow+fjyX9u
3Bv/RFHG3cOqJVofU+vIgsee/YJ4mimUB8gTynsA1UwjH/zt7RW1Q8PzvmlO4bHV
rsXywsuBfTSA5yIoMgjKLVD82Fkt9p3qufAR9IcuJsJmRcoHa3mAhzjl7o7v5ULj
4SATLphfkK0X/GBARie7NU2TAoAoLHactoOZY8Mv3yWAtZVrlsiF7qO1tlXtgK8Z
FfVtw+o9nT6CkbN1UXRcPhESC6NwxmFV67GlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnc9oAeSeEC2eytfgEbcbP0rbzawwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uYzlvQWVTZUVDMmV5dGZn
RWJjYlAwcmJ6YXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHxKyNsAMlTyNvxlxhf8dmYvj11wf9fg8ohT
dglswL5pbzeFSaAyaK4UVoLPUEBi0zeuV+usyLVvHh/yY10/CnGpd5mNn5FYTucb
U5JGlm++8rrTDkMaVG+vRoIoeTsKTvpEBSlXUdhjqVUWEx5qL/6wENABZ7II3D0f
XcN8ifJnPHUbICrphCiJTXwlH8lpQGhbgsfkWxMU0S4hCwuAYeC0mJitMPTxN+ce
74kkFWnzQ5w3SerpgouU7m4fGqos6wn6htZaGUzBRRTLMBZCL76HYQv8y5BnDTk/
2fJDKgqm6bq/8LahIRs4td2vkEbBIymx47mvWoLnKrQPUnLnDos=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:38:41 2025 by rpki-client