Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/3njSZ0eYOcjZUhEvzwKs76SvM5g.roa
File: 3njSZ0eYOcjZUhEvzwKs76SvM5g.roa (raw, json)
Hash identifier: Zmny+r7KNZUNcB6mgBrf4JxBGVN+PuF9T0HL1VIPwUU=
Subject key identifier: DE:78:D2:67:47:98:39:C8:D9:52:11:2F:CF:02:AC:EF:A4:AF:33:98
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0839
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3njSZ0eYOcjZUhEvzwKs76SvM5g.roa
Signing time: Sun 18 May 2025 01:08:08 +0000
ROA not before: Sun 18 May 2025 01:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2105 (0x839)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 01:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DE78D267479839C8D952112FCF02ACEFA4AF3398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:35:1c:98:50:96:ed:28:cc:f4:64:87:32:38:
9d:7d:3f:3c:2e:0e:04:30:c7:c1:2d:6c:4d:f2:04:
cc:c1:85:01:8a:c6:bb:67:65:9f:e9:cc:53:06:3f:
64:de:9a:04:c7:37:7c:75:62:cf:f4:4f:03:ad:ca:
ce:42:5b:ff:b6:38:52:b5:99:88:72:85:2a:26:6e:
27:cc:5c:8d:f1:75:c0:67:93:fe:ab:d3:fb:ae:d4:
36:fe:db:4a:17:71:9a:1b:17:12:f9:f5:b5:41:7d:
25:d2:ae:40:c9:26:25:6e:c4:8e:4f:96:fb:ce:93:
66:34:87:91:17:38:d4:36:29:a3:8a:ba:eb:76:9c:
8b:86:59:6e:e2:d2:67:10:34:d4:27:cd:ca:aa:1a:
97:1d:42:b8:17:4a:60:d1:8d:03:e0:42:73:f0:38:
ad:49:a4:23:78:ca:d9:e6:f1:b5:d3:d5:d7:59:54:
e7:f7:07:ba:4a:d7:a8:33:6a:88:9f:91:f0:3b:36:
33:a1:82:69:39:36:7e:79:88:fa:e1:16:a8:c7:6f:
ff:4e:08:27:53:6f:50:52:20:06:f5:a5:53:4d:b0:
df:fb:03:1e:06:5b:98:46:5b:b9:f9:18:f4:22:5d:
bf:c1:0a:e1:dc:0a:e4:ba:71:1f:14:f8:e8:b4:ca:
55:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:78:D2:67:47:98:39:C8:D9:52:11:2F:CF:02:AC:EF:A4:AF:33:98
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3njSZ0eYOcjZUhEvzwKs76SvM5g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:ea:75:d2:5b:07:72:f1:c7:1c:b3:dc:d4:ab:f2:dd:cd:90:
f9:dd:6e:6c:c0:b1:06:08:3b:3e:9b:da:2e:3c:e2:f9:b3:3d:
b5:9b:29:a0:0a:46:f2:0f:ff:27:28:f7:3d:85:72:fc:e2:e4:
24:c4:53:ce:82:51:99:18:4d:8b:cd:c7:02:55:0c:33:a4:ca:
60:28:80:1e:21:af:63:de:e7:92:ae:50:5f:62:99:0d:89:22:
d9:7d:b6:49:5f:7d:0c:46:79:7c:55:2d:90:1d:fd:6c:20:31:
fd:ae:33:4d:48:33:10:1d:cb:db:93:09:fe:3b:43:c3:23:ca:
ef:9a:f6:d8:19:d9:5f:b3:38:6f:19:9e:33:24:d1:ce:ef:fb:
d3:a7:80:c3:4a:80:c4:3f:a8:6a:97:70:25:60:5b:bb:d6:04:
64:05:52:34:ef:a9:da:12:b1:3a:96:fb:df:37:06:2c:be:56:
ef:76:57:f2:16:20:90:fa:eb:bc:e9:c1:84:0f:8b:79:42:e0:
01:ae:0b:8f:2c:15:2a:52:76:13:5c:78:dc:5e:dd:9d:d6:28:
6d:9a:22:37:39:be:3f:49:57:1b:c1:ae:8b:62:bb:c7:2d:4a:
a6:db:e8:43:a6:a2:d7:fb:26:b9:57:10:6c:d2:3e:8c:af:04:
8c:8b:c1:0d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
MTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERFNzhEMjY3NDc5ODM5
QzhEOTUyMTEyRkNGMDJBQ0VGQTRBRjMzOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCNRyYUJbtKMz0ZIcyOJ19PzwuDgQwx8EtbE3yBMzBhQGKxrtn
ZZ/pzFMGP2TemgTHN3x1Ys/0TwOtys5CW/+2OFK1mYhyhSombifMXI3xdcBnk/6r
0/uu1Db+20oXcZobFxL59bVBfSXSrkDJJiVuxI5PlvvOk2Y0h5EXONQ2KaOKuut2
nIuGWW7i0mcQNNQnzcqqGpcdQrgXSmDRjQPgQnPwOK1JpCN4ytnm8bXT1ddZVOf3
B7pK16gzaoifkfA7NjOhgmk5Nn55iPrhFqjHb/9OCCdTb1BSIAb1pVNNsN/7Ax4G
W5hGW7n5GPQiXb/BCuHcCuS6cR8U+Oi0ylU/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3njSZ0eYOcjZUhEvzwKs76SvM5gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8zbmpTWjBlWU9jalpVaEV2
endLczc2U3ZNNWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADzqddJbB3Lxxxyz3NSr8t3NkPndbmzAsQYI
Oz6b2i484vmzPbWbKaAKRvIP/yco9z2Fcvzi5CTEU86CUZkYTYvNxwJVDDOkymAo
gB4hr2Pe55KuUF9imQ2JItl9tklffQxGeXxVLZAd/WwgMf2uM01IMxAdy9uTCf47
Q8Mjyu+a9tgZ2V+zOG8ZnjMk0c7v+9OngMNKgMQ/qGqXcCVgW7vWBGQFUjTvqdoS
sTqW+983Biy+Vu92V/IWIJD667zpwYQPi3lC4AGuC48sFSpSdhNceNxe3Z3WKG2a
Ijc5vj9JVxvBrotiu8ctSqbb6EOmotf7JrlXEGzSPoyvBIyLwQ0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:24:34 2025 by rpki-client