Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/DMAqv_gmezV0ZyQc2dSMikebUag.roa
File: DMAqv_gmezV0ZyQc2dSMikebUag.roa (raw, json)
Hash identifier: vcRYwSP/vGFY/LPAwCZh0lmnV71PaqW3a+XAg0lKtrg=
Subject key identifier: 0C:C0:2A:BF:F8:26:7B:35:74:67:24:1C:D9:D4:8C:8A:47:9B:51:A8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1609
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DMAqv_gmezV0ZyQc2dSMikebUag.roa
Signing time: Thu 05 Jun 2025 11:09:22 +0000
ROA not before: Thu 05 Jun 2025 11:09:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5641 (0x1609)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 11:09:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0CC02ABFF8267B357467241CD9D48C8A479B51A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:17:6d:49:02:2b:48:28:e8:a5:3a:db:b4:18:
e5:1e:80:80:f0:ac:a8:78:aa:dc:ff:6c:39:37:60:
3c:0c:2f:ff:a2:02:56:34:97:e3:29:ba:37:be:24:
21:75:e8:5e:d0:27:db:81:2d:a4:6a:e8:2b:53:b0:
c0:ca:a1:9f:4b:88:a5:1a:8b:c9:21:46:cc:eb:19:
30:4f:36:8e:50:98:90:33:d3:d8:72:95:b0:1f:fd:
74:ac:e5:8b:1d:8a:ef:17:72:b1:5e:6e:37:b3:3a:
16:21:07:1c:c7:55:1c:b7:d4:da:5f:23:b4:7b:44:
49:4d:4f:6c:14:07:21:a2:a5:1f:2d:84:6b:9b:2e:
74:4a:e8:b3:e9:80:1b:61:72:35:6d:0c:04:98:17:
09:47:52:65:dc:f9:5b:f4:a0:3a:75:eb:a2:c8:66:
57:29:01:9e:6b:2f:cf:4e:5a:71:6f:0b:16:55:ea:
8f:5d:63:3e:0d:35:b0:fe:e4:88:4a:08:fe:8a:a9:
e0:7d:76:a6:01:d4:4d:7c:29:02:4a:14:f7:90:2e:
03:7c:8a:99:b2:a2:4c:9f:08:3c:2e:cb:fc:0f:b7:
c2:ca:dd:c3:30:c8:7f:21:f1:0a:18:01:0a:76:d2:
11:32:c0:81:79:15:d6:97:17:06:50:5e:37:2d:aa:
12:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C0:2A:BF:F8:26:7B:35:74:67:24:1C:D9:D4:8C:8A:47:9B:51:A8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DMAqv_gmezV0ZyQc2dSMikebUag.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:9f:98:39:f5:05:cb:f4:26:e8:7c:6d:c5:03:cf:27:24:42:
17:cf:36:1d:e4:2f:d9:a6:2a:d2:c5:1d:c4:03:cd:12:40:22:
d9:79:b0:c5:87:94:f7:f1:f5:43:ee:e4:2e:c0:b4:89:98:97:
e2:f9:dd:ef:9c:7f:61:ac:4e:26:3c:66:25:43:72:61:e9:32:
23:a8:49:2a:19:f0:f4:3c:e6:e6:71:24:22:dd:16:29:3a:39:
06:3f:c7:63:4a:81:da:fb:4a:98:29:c1:a1:2e:49:ab:54:bc:
6a:66:80:6f:39:6a:26:d6:1c:21:a6:af:4a:05:d3:2f:65:20:
4b:5e:cc:f1:ee:01:5d:29:13:23:24:61:20:1e:2e:52:aa:40:
9c:50:4a:f6:e8:8a:5c:72:1b:ed:c3:18:04:bb:0b:51:83:72:
3f:f7:0a:e2:d3:a2:e4:e2:72:8d:04:e5:c9:ad:39:c4:a9:3a:
84:70:77:2f:13:08:23:98:b2:d0:21:5b:24:d5:f6:df:c7:19:
26:34:d7:47:52:a7:67:e4:c5:01:fe:fa:06:b3:09:7f:9c:d0:
4a:31:e5:50:ec:2b:29:f8:40:a1:b3:47:fa:85:1c:42:76:1a:
c5:5f:b2:a7:f0:c7:a0:5d:fd:e6:21:97:2f:70:d5:ba:e4:99:
5a:51:27:a5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
MTA5MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBDQzAyQUJGRjgyNjdC
MzU3NDY3MjQxQ0Q5RDQ4QzhBNDc5QjUxQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClF21JAitIKOilOtu0GOUegIDwrKh4qtz/bDk3YDwML/+iAlY0
l+Mpuje+JCF16F7QJ9uBLaRq6CtTsMDKoZ9LiKUai8khRszrGTBPNo5QmJAz09hy
lbAf/XSs5Ysdiu8XcrFebjezOhYhBxzHVRy31NpfI7R7RElNT2wUByGipR8thGub
LnRK6LPpgBthcjVtDASYFwlHUmXc+Vv0oDp166LIZlcpAZ5rL89OWnFvCxZV6o9d
Yz4NNbD+5IhKCP6KqeB9dqYB1E18KQJKFPeQLgN8ipmyokyfCDwuy/wPt8LK3cMw
yH8h8QoYAQp20hEywIF5FdaXFwZQXjctqhI/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDMAqv/gmezV0ZyQc2dSMikebUagwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ETUFxdl9nbWV6VjBaeVFj
MmRTTWlrZWJVYWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGOfmDn1Bcv0Juh8bcUDzyckQhfPNh3kL9mm
KtLFHcQDzRJAItl5sMWHlPfx9UPu5C7AtImYl+L53e+cf2GsTiY8ZiVDcmHpMiOo
SSoZ8PQ85uZxJCLdFik6OQY/x2NKgdr7SpgpwaEuSatUvGpmgG85aibWHCGmr0oF
0y9lIEtezPHuAV0pEyMkYSAeLlKqQJxQSvboilxyG+3DGAS7C1GDcj/3CuLTouTi
co0E5cmtOcSpOoRwdy8TCCOYstAhWyTV9t/HGSY010dSp2fkxQH++gazCX+c0Eox
5VDsKyn4QKGzR/qFHEJ2GsVfsqfwx6Bd/eYhly9w1brkmVpRJ6U=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:33:31 2025 by rpki-client