Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xxNgcFmphh-Ram0k8sKLrFPRQ50.roa
File: xxNgcFmphh-Ram0k8sKLrFPRQ50.roa (raw, json)
Hash identifier: h8rTT6r+SgXNQjidKENyWe6HYslMDbvpwXj6JtgfHcE=
Subject key identifier: C7:13:60:70:59:A9:86:1F:91:6A:6D:24:F2:C2:8B:AC:53:D1:43:9D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E4D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xxNgcFmphh-Ram0k8sKLrFPRQ50.roa
Signing time: Mon 26 May 2025 03:38:39 +0000
ROA not before: Mon 26 May 2025 03:38:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3661 (0xe4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 03:38:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C713607059A9861F916A6D24F2C28BAC53D1439D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a2:63:e3:6a:fc:af:e9:7b:a6:1e:ac:72:49:
4d:75:05:ea:6c:13:b5:8f:68:bc:94:de:48:dc:8f:
ac:7a:e8:93:26:eb:a3:9b:98:7a:71:bc:25:13:2b:
b5:96:03:64:3b:35:ff:52:18:29:e6:27:7d:b9:4d:
2c:e6:e2:f2:55:68:a4:f9:a5:9e:de:1e:a2:e5:e1:
9c:53:c4:b2:52:4c:4f:ae:4d:80:3e:c1:50:6e:f0:
05:8d:2b:63:b5:ac:51:79:a4:9e:55:38:8d:4c:0e:
c9:6d:35:ff:b9:c1:dc:9f:d0:18:f8:3e:3f:38:b2:
4d:e1:c3:79:ac:c3:29:03:f4:e3:55:2b:d5:33:57:
b7:3d:ff:4e:fa:90:17:6c:16:c3:f1:94:24:b0:58:
70:ab:e1:5c:55:8c:c4:cd:d9:4a:9b:01:fa:2c:6d:
38:e8:3f:4a:12:af:11:af:9f:8c:8c:88:af:52:38:
77:cc:aa:55:e2:6f:d9:83:b4:39:ce:4d:e1:93:c8:
87:86:1f:9b:44:0c:c4:c5:cc:6b:ec:2e:5b:9e:bf:
d1:4b:24:a5:8b:0c:b0:2b:29:56:37:bf:b2:57:68:
70:87:07:11:78:f4:14:3c:04:ca:53:53:08:97:d9:
44:9e:f1:78:e5:40:2a:72:ed:f2:d7:4b:a1:2d:4a:
d4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:13:60:70:59:A9:86:1F:91:6A:6D:24:F2:C2:8B:AC:53:D1:43:9D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xxNgcFmphh-Ram0k8sKLrFPRQ50.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:a3:e1:3b:c5:23:02:a8:6e:40:88:e3:46:8e:59:cb:0d:41:
f0:c3:5d:e6:f8:b1:e4:7d:4b:50:58:04:5b:1c:7d:49:40:fb:
13:1e:1a:c9:00:d4:13:02:e9:fe:a2:7d:52:32:d4:a7:35:ab:
5a:13:c7:69:f0:4f:34:7f:fe:fe:e7:81:ec:78:eb:a9:c2:bb:
7d:0b:5b:d8:41:16:58:af:83:f1:f9:d2:64:04:48:1b:80:4e:
1b:25:92:5c:3a:f6:da:28:6b:45:5a:36:23:23:cf:a4:d5:e0:
24:2d:04:91:3b:4e:e5:dc:c2:5b:f3:43:14:b7:69:89:ef:7d:
6f:61:9a:c3:86:24:fa:ad:1e:29:07:a9:e1:36:28:13:e4:c9:
68:b9:3d:00:e3:f1:e2:58:74:e5:61:68:fa:18:89:dd:8e:a2:
58:ee:72:29:c0:ab:46:b2:d6:bd:6e:8f:43:92:b3:1f:b2:41:
b2:0d:e8:c0:5a:9a:0e:e8:28:cc:cd:79:8b:74:92:9e:48:9a:
bb:13:81:8d:bb:0a:97:ce:40:b5:a9:c4:53:d5:f6:e3:b9:da:
92:3c:38:57:ce:4c:6b:a2:ec:bf:2a:dd:7b:b7:e1:43:66:5e:
9c:a3:b5:d3:48:74:77:e7:6b:dc:0b:81:82:6a:5e:b6:5b:44:
e1:77:4e:50
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
MzM4MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM3MTM2MDcwNTlBOTg2
MUY5MTZBNkQyNEYyQzI4QkFDNTNEMTQzOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGomPjavyv6XumHqxySU11BepsE7WPaLyU3kjcj6x66JMm66Ob
mHpxvCUTK7WWA2Q7Nf9SGCnmJ325TSzm4vJVaKT5pZ7eHqLl4ZxTxLJSTE+uTYA+
wVBu8AWNK2O1rFF5pJ5VOI1MDsltNf+5wdyf0Bj4Pj84sk3hw3mswykD9ONVK9Uz
V7c9/076kBdsFsPxlCSwWHCr4VxVjMTN2UqbAfosbTjoP0oSrxGvn4yMiK9SOHfM
qlXib9mDtDnOTeGTyIeGH5tEDMTFzGvsLluev9FLJKWLDLArKVY3v7JXaHCHBxF4
9BQ8BMpTUwiX2USe8XjlQCpy7fLXS6EtStTRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxxNgcFmphh+Ram0k8sKLrFPRQ50wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94eE5nY0ZtcGhoLVJhbTBr
OHNLTHJGUFJRNTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAByj4TvFIwKobkCI40aOWcsNQfDDXeb4seR9
S1BYBFscfUlA+xMeGskA1BMC6f6ifVIy1Kc1q1oTx2nwTzR//v7ngex466nCu30L
W9hBFlivg/H50mQESBuAThslklw69tooa0VaNiMjz6TV4CQtBJE7TuXcwlvzQxS3
aYnvfW9hmsOGJPqtHikHqeE2KBPkyWi5PQDj8eJYdOVhaPoYid2OoljucinAq0ay
1r1uj0OSsx+yQbIN6MBamg7oKMzNeYt0kp5ImrsTgY27CpfOQLWpxFPV9uO52pI8
OFfOTGui7L8q3Xu34UNmXpyjtdNIdHfna9wLgYJqXrZbROF3TlA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:17:51 2025 by rpki-client