Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Nac2U8w9-JkxdjzZv8OJhfy7aBQ.roa
File: Nac2U8w9-JkxdjzZv8OJhfy7aBQ.roa (raw, json)
Hash identifier: C+u+n4NsiTDmJrgVHMbNrjGleCenaHS2PlcGG7RW1f4=
Subject key identifier: 35:A7:36:53:CC:3D:F8:99:31:76:3C:D9:BF:C3:89:85:FC:BB:68:14
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04AD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Nac2U8w9-JkxdjzZv8OJhfy7aBQ.roa
Signing time: Tue 13 May 2025 07:37:57 +0000
ROA not before: Tue 13 May 2025 07:37:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1197 (0x4ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 07:37:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=35A73653CC3DF89931763CD9BFC38985FCBB6814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3e:a7:ee:9d:80:f7:19:00:ec:e8:9d:a7:e8:
42:d7:ec:a4:5e:72:55:57:81:36:92:b0:54:c7:49:
73:74:d4:0e:5b:d0:41:07:2a:37:98:f8:83:bd:b5:
10:e6:cb:78:78:fa:32:89:db:04:0f:d1:b5:cf:77:
f6:ee:1a:f5:57:1f:1e:3b:03:63:9e:50:8b:e1:e5:
31:9b:47:a0:3a:17:d8:83:4e:dd:c3:bc:38:c5:6f:
48:b2:ed:17:e2:7d:fc:0f:b9:79:9b:d2:94:0c:ef:
de:97:35:01:b6:5a:df:12:55:6f:28:1e:bd:1e:5c:
72:a8:93:04:66:61:f7:40:6b:13:41:fe:9a:f2:ab:
b0:e3:a3:30:04:67:e4:b7:99:37:fd:00:4e:80:34:
cd:f4:d0:e9:7e:09:4f:4d:ca:05:44:94:b0:66:fa:
f3:7f:d9:7a:58:0c:9e:eb:21:48:a8:92:0a:cf:78:
d9:73:5a:b9:e8:a9:41:00:ed:38:7c:fa:97:a4:01:
e8:97:89:89:c5:04:29:fb:e3:71:62:4f:7c:be:64:
0d:f4:f3:7c:94:c7:5a:c6:2a:99:f8:d6:37:2d:48:
2f:fd:78:7f:4d:63:55:25:08:62:ce:82:60:a5:c0:
dd:fc:52:68:07:c8:ad:bf:1a:55:df:28:c8:43:3e:
31:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A7:36:53:CC:3D:F8:99:31:76:3C:D9:BF:C3:89:85:FC:BB:68:14
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Nac2U8w9-JkxdjzZv8OJhfy7aBQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:56:9e:17:34:15:dc:d5:79:13:de:3b:a8:58:d7:d8:a8:81:
9b:f0:54:24:47:a2:f0:0a:39:71:0d:c0:4d:f3:b4:61:e4:17:
b2:04:12:84:ce:e0:ad:93:b5:86:99:f7:ab:82:d0:53:73:52:
35:1b:03:2f:ab:fb:e0:75:67:37:7a:64:ce:3d:66:7f:62:89:
33:fc:dd:01:87:c2:55:ee:c0:33:45:e4:e9:09:f0:ff:30:dc:
fa:50:4a:fe:4c:69:17:ea:f3:b9:92:a7:b6:0c:41:22:e0:64:
82:27:43:e2:91:a4:01:c7:97:1e:97:aa:bc:46:50:74:b9:01:
3d:13:1d:c9:e4:2e:7b:b5:0a:73:c9:48:2b:75:0d:54:cf:a6:
2f:bb:22:d1:2e:22:ac:08:d0:31:a1:ef:47:8f:79:03:7d:5d:
7a:7b:89:9b:af:e8:88:d9:dc:fa:7f:b2:68:1b:40:80:96:7f:
2a:2d:cf:67:09:b3:03:ad:99:27:03:cd:5d:76:77:ea:99:c8:
ab:a4:ea:d9:d5:f9:e1:3d:c9:de:cb:99:61:96:0f:63:bf:47:
1f:2a:65:7c:e5:7b:f2:f0:9e:33:06:61:e2:2f:75:c6:a2:32:
98:ae:69:8e:5c:3d:ed:27:5c:26:3b:23:84:62:f6:33:57:55:
37:22:bf:32
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NzM3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM1QTczNjUzQ0MzREY4
OTkzMTc2M0NEOUJGQzM4OTg1RkNCQjY4MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZPqfunYD3GQDs6J2n6ELX7KReclVXgTaSsFTHSXN01A5b0EEH
KjeY+IO9tRDmy3h4+jKJ2wQP0bXPd/buGvVXHx47A2OeUIvh5TGbR6A6F9iDTt3D
vDjFb0iy7RfiffwPuXmb0pQM796XNQG2Wt8SVW8oHr0eXHKokwRmYfdAaxNB/pry
q7DjozAEZ+S3mTf9AE6ANM300Ol+CU9NygVElLBm+vN/2XpYDJ7rIUiokgrPeNlz
WrnoqUEA7Th8+pekAeiXiYnFBCn743FiT3y+ZA3083yUx1rGKpn41jctSC/9eH9N
Y1UlCGLOgmClwN38UmgHyK2/GlXfKMhDPjG3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNac2U8w9+JkxdjzZv8OJhfy7aBQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OYWMyVTh3OS1Ka3hkanpa
djhPSmhmeTdhQlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFVWnhc0FdzVeRPeO6hY19iogZvwVCRHovAK
OXENwE3ztGHkF7IEEoTO4K2TtYaZ96uC0FNzUjUbAy+r++B1Zzd6ZM49Zn9iiTP8
3QGHwlXuwDNF5OkJ8P8w3PpQSv5MaRfq87mSp7YMQSLgZIInQ+KRpAHHlx6XqrxG
UHS5AT0THcnkLnu1CnPJSCt1DVTPpi+7ItEuIqwI0DGh70ePeQN9XXp7iZuv6IjZ
3Pp/smgbQICWfyotz2cJswOtmScDzV12d+qZyKuk6tnV+eE9yd7LmWGWD2O/Rx8q
ZXzle/LwnjMGYeIvdcaiMpiuaY5cPe0nXCY7I4Ri9jNXVTcivzI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:08:00 2025 by rpki-client