Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/OFohDAvOAbkEBclft72lVVn8PW0.roa
File: OFohDAvOAbkEBclft72lVVn8PW0.roa (raw, json)
Hash identifier: kIwQm17pACDAeH/P3Sq76KczPqHutI10/Angh/4CewM=
Subject key identifier: 38:5A:21:0C:0B:CE:01:B9:04:05:C9:5F:B7:BD:A5:55:59:FC:3D:6D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08C1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OFohDAvOAbkEBclft72lVVn8PW0.roa
Signing time: Sun 18 May 2025 18:08:54 +0000
ROA not before: Sun 18 May 2025 18:08:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2241 (0x8c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 18:08:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=385A210C0BCE01B90405C95FB7BDA55559FC3D6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a0:7f:3a:f9:4a:17:30:8c:62:1b:9d:7d:6a:
30:66:e2:d1:ff:77:72:8d:76:12:ef:ad:c0:86:d7:
b2:72:da:f8:4c:47:d3:5d:1f:35:20:85:bf:d8:ef:
da:65:8c:fd:54:a7:d5:e9:f2:d9:8e:78:e9:c7:85:
2a:f1:56:92:b7:43:37:ba:9e:24:6c:01:3a:36:4f:
a4:e5:cd:8a:91:c7:1d:60:1a:03:ae:46:de:3b:a8:
6b:87:42:d8:5c:9e:71:00:55:73:2d:ca:03:62:c7:
02:3e:4b:ae:b3:4d:d8:b6:21:d5:fd:04:42:9f:90:
4c:a6:e8:80:88:2d:73:bd:58:ee:61:ea:33:ed:8c:
0c:e1:ad:dc:fe:e7:79:c7:f0:a7:01:02:17:9b:41:
90:6e:fd:e4:b6:4d:b0:59:b6:6d:05:f8:05:b0:c7:
b8:e5:c4:01:79:e8:49:4b:3c:50:5c:3f:29:7d:57:
56:b8:43:aa:4c:26:c1:70:75:2d:8b:e5:d2:29:6a:
d7:1c:f4:82:7c:e8:dc:6a:fc:cc:7b:7d:58:b0:80:
c3:27:36:56:f8:ea:de:dd:98:14:42:78:39:78:e0:
7c:a9:88:85:d3:fa:9f:92:d9:15:ba:fa:8c:c7:f2:
7f:1a:b1:b4:a4:c7:64:db:fd:ea:9f:88:5b:4b:6e:
ac:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5A:21:0C:0B:CE:01:B9:04:05:C9:5F:B7:BD:A5:55:59:FC:3D:6D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OFohDAvOAbkEBclft72lVVn8PW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:9f:69:db:25:b1:3d:f5:d8:b7:46:c7:4e:51:b5:cf:6d:16:
31:3f:23:9b:c4:17:d5:65:ba:f2:c7:91:1b:41:79:41:7d:fa:
69:fd:cc:cd:02:1b:44:67:52:5e:40:dd:37:5d:74:16:59:e1:
fe:20:7e:93:49:c8:65:f3:aa:1c:b6:42:e2:61:ce:6c:66:52:
31:a7:b9:e3:df:3c:d2:da:4d:f7:c3:fe:13:8b:0b:21:07:3e:
74:70:d6:87:60:ab:c6:dc:78:a1:67:d8:2b:12:87:61:12:74:
99:7f:64:ac:c6:76:3e:3c:0b:48:f0:49:f8:7d:b3:ec:73:9a:
be:8f:09:c7:4a:d8:9f:37:79:9b:7d:a9:cc:08:a4:bd:65:95:
54:d2:5c:23:18:80:0c:42:aa:a6:4c:e7:19:b0:2e:e9:3c:a8:
c9:86:77:f8:bb:52:ff:cf:7e:d1:f8:dd:94:13:be:e8:5d:5a:
45:21:cc:3a:59:fe:ba:c8:de:e6:bc:b8:5b:68:4a:86:0f:83:
4f:92:81:c5:c4:6f:17:96:60:52:81:e4:49:d0:35:94:79:fb:
55:0f:3e:77:0f:f0:b6:bd:c1:09:36:ea:e3:83:c9:39:f9:8e:
0d:5a:77:4a:d8:da:99:c0:4c:bb:09:08:4c:3a:e1:dd:96:22:
48:80:b3:41
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
ODA4NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM4NUEyMTBDMEJDRTAx
QjkwNDA1Qzk1RkI3QkRBNTU1NTlGQzNENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHoH86+UoXMIxiG519ajBm4tH/d3KNdhLvrcCG17Jy2vhMR9Nd
HzUghb/Y79pljP1Up9Xp8tmOeOnHhSrxVpK3Qze6niRsATo2T6TlzYqRxx1gGgOu
Rt47qGuHQthcnnEAVXMtygNixwI+S66zTdi2IdX9BEKfkEym6ICILXO9WO5h6jPt
jAzhrdz+53nH8KcBAhebQZBu/eS2TbBZtm0F+AWwx7jlxAF56ElLPFBcPyl9V1a4
Q6pMJsFwdS2L5dIpatcc9IJ86Nxq/Mx7fViwgMMnNlb46t7dmBRCeDl44HypiIXT
+p+S2RW6+ozH8n8asbSkx2Tb/eqfiFtLbqwPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOFohDAvOAbkEBclft72lVVn8PW0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PRm9oREF2T0Fia0VCY2xm
dDcybFZWbjhQVzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHSfadslsT312LdGx05Rtc9tFjE/I5vEF9Vl
uvLHkRtBeUF9+mn9zM0CG0RnUl5A3TdddBZZ4f4gfpNJyGXzqhy2QuJhzmxmUjGn
uePfPNLaTffD/hOLCyEHPnRw1odgq8bceKFn2CsSh2ESdJl/ZKzGdj48C0jwSfh9
s+xzmr6PCcdK2J83eZt9qcwIpL1llVTSXCMYgAxCqqZM5xmwLuk8qMmGd/i7Uv/P
ftH43ZQTvuhdWkUhzDpZ/rrI3ua8uFtoSoYPg0+SgcXEbxeWYFKB5EnQNZR5+1UP
PncP8La9wQk26uODyTn5jg1ad0rY2pnATLsJCEw64d2WIkiAs0E=
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:15:15 2025 by rpki-client