Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Cdscs4_KtQs5dCg_fWInFaygbsk.roa
File: Cdscs4_KtQs5dCg_fWInFaygbsk.roa (raw, json)
Hash identifier: FwQyUh2RtIXZbOt2QJpG1Uec5ZrkmZQxXndv0Dz/884=
Subject key identifier: 09:DB:1C:B3:8F:CA:B5:0B:39:74:28:3F:7D:62:27:15:AC:A0:6E:C9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1D1D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Cdscs4_KtQs5dCg_fWInFaygbsk.roa
Signing time: Sat 14 Jun 2025 21:41:07 +0000
ROA not before: Sat 14 Jun 2025 21:41:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7453 (0x1d1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 21:41:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=09DB1CB38FCAB50B3974283F7D622715ACA06EC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:57:49:ff:ce:da:ef:8d:ec:94:30:b8:27:19:
2f:83:9c:14:7c:71:c4:1c:45:67:bb:7a:86:83:34:
8b:4c:58:a7:7f:3e:ec:47:a6:a2:9a:bc:e1:e0:ad:
13:33:1f:b3:f2:67:9f:fa:ba:f5:4f:04:2c:61:8c:
d3:54:e4:8c:9f:bf:e2:41:e5:a2:6b:22:72:5b:32:
1d:a1:a4:1b:1b:75:8d:f0:df:92:8c:71:2c:0e:c3:
50:d6:f9:1c:54:05:06:9d:21:f0:65:56:2f:40:a1:
aa:53:c9:b4:58:ec:af:e7:e1:0f:70:37:b4:7d:60:
60:4c:34:8a:e6:7a:e5:05:29:fe:7a:a8:a1:16:1b:
75:3a:2b:c6:d0:89:14:58:13:00:a2:74:28:3e:18:
b9:ec:e5:6f:5a:2f:2a:67:38:b2:e6:87:e1:10:76:
e3:58:45:5e:e0:07:a1:9a:6c:9f:0a:ca:68:05:4c:
ea:62:c1:a5:e9:78:16:23:04:e5:bf:a0:d5:1c:9a:
a4:fe:41:8b:63:50:e5:92:b2:51:d5:78:2f:d7:1e:
83:05:4b:7e:d1:42:87:a5:a4:4c:fe:ef:f9:81:62:
f1:70:bd:46:ca:b9:8e:15:2c:d2:d6:60:62:ee:d3:
e9:0e:14:f7:03:42:14:47:33:5f:f2:85:6f:ee:92:
6d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DB:1C:B3:8F:CA:B5:0B:39:74:28:3F:7D:62:27:15:AC:A0:6E:C9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Cdscs4_KtQs5dCg_fWInFaygbsk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:fe:0a:9d:72:72:3e:18:e2:08:71:05:c3:19:40:1b:da:db:
1d:d3:39:37:fd:ee:fd:11:ca:e0:aa:44:40:fd:66:ac:a9:c2:
1d:3e:8a:b4:03:41:22:13:5b:69:0d:cc:52:ac:e1:a6:6e:1a:
d8:77:06:54:7d:3b:09:35:4f:54:57:54:ba:e5:2c:ec:f6:c5:
bd:a0:16:00:10:34:82:aa:83:01:5d:fa:41:6d:47:cf:3a:bf:
50:ee:f5:dc:6b:6b:a2:02:e2:58:43:97:c0:39:ab:d1:fc:4b:
44:39:7d:2e:02:42:63:bf:97:63:0d:74:ce:a2:a1:90:7b:62:
06:84:26:4a:47:51:73:38:ea:71:88:68:44:cd:57:02:a3:fa:
74:d1:18:d3:03:9a:ff:33:12:0b:06:24:cb:a8:5c:b4:d7:c4:
4f:d2:bb:fa:78:64:e3:a8:9f:bf:4d:d6:da:53:34:84:b9:1d:
33:e8:46:b0:55:af:d7:c3:67:f0:e1:d5:79:b7:13:48:a9:b2:
d7:be:8e:cb:60:df:57:2f:a5:38:5a:92:01:15:75:34:20:37:
13:ba:cc:e8:91:5c:74:68:02:61:2f:91:a9:c8:db:32:40:be:
c4:f9:7c:1d:8d:e6:94:13:2a:1a:e6:b4:14:b7:07:fd:18:3f:
a0:70:b2:4c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQy
MTQxMDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA5REIxQ0IzOEZDQUI1
MEIzOTc0MjgzRjdENjIyNzE1QUNBMDZFQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqV0n/ztrvjeyUMLgnGS+DnBR8ccQcRWe7eoaDNItMWKd/PuxH
pqKavOHgrRMzH7PyZ5/6uvVPBCxhjNNU5Iyfv+JB5aJrInJbMh2hpBsbdY3w35KM
cSwOw1DW+RxUBQadIfBlVi9AoapTybRY7K/n4Q9wN7R9YGBMNIrmeuUFKf56qKEW
G3U6K8bQiRRYEwCidCg+GLns5W9aLypnOLLmh+EQduNYRV7gB6GabJ8KymgFTOpi
waXpeBYjBOW/oNUcmqT+QYtjUOWSslHVeC/XHoMFS37RQoelpEz+7/mBYvFwvUbK
uY4VLNLWYGLu0+kOFPcDQhRHM1/yhW/ukm3nAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCdscs4/KtQs5dCg/fWInFaygbskwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DZHNjczRfS3RRczVkQ2df
ZldJbkZheWdic2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACT+Cp1ycj4Y4ghxBcMZQBva2x3TOTf97v0R
yuCqRED9Zqypwh0+irQDQSITW2kNzFKs4aZuGth3BlR9Owk1T1RXVLrlLOz2xb2g
FgAQNIKqgwFd+kFtR886v1Du9dxra6IC4lhDl8A5q9H8S0Q5fS4CQmO/l2MNdM6i
oZB7YgaEJkpHUXM46nGIaETNVwKj+nTRGNMDmv8zEgsGJMuoXLTXxE/Su/p4ZOOo
n79N1tpTNIS5HTPoRrBVr9fDZ/Dh1Xm3E0ipste+jstg31cvpThakgEVdTQgNxO6
zOiRXHRoAmEvkanI2zJAvsT5fB2N5pQTKhrmtBS3B/0YP6Bwskw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:43:19 2025 by rpki-client