Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Oujk2b2J6S7MXkKjXm4p4rRECiM.roa
File: Oujk2b2J6S7MXkKjXm4p4rRECiM.roa (raw, json)
Hash identifier: xH9ITAYT1QKsbOP9rZjmCfb1Ch7ZJE6EMhN/uWqeb2Y=
Subject key identifier: 3A:E8:E4:D9:BD:89:E9:2E:CC:5E:42:A3:5E:6E:29:E2:B4:44:0A:23
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0441
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Oujk2b2J6S7MXkKjXm4p4rRECiM.roa
Signing time: Mon 12 May 2025 18:07:56 +0000
ROA not before: Mon 12 May 2025 18:07:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1089 (0x441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 18:07:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3AE8E4D9BD89E92ECC5E42A35E6E29E2B4440A23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:39:2f:fc:1c:11:66:4d:54:a6:9a:03:29:b9:
25:44:a8:5b:c2:a4:ba:25:bd:66:91:f6:e2:b8:10:
a4:9b:86:f1:f9:c0:83:92:c6:32:ce:05:f2:56:eb:
5b:46:08:3f:f3:9e:5a:fa:8e:b2:9a:40:84:4c:c7:
92:99:78:57:ec:5a:34:83:83:0a:16:9d:90:97:43:
27:b6:e4:ac:ec:21:3e:07:1f:a5:d7:ac:9e:3b:91:
cc:41:67:d0:93:8a:b1:32:ee:60:73:0a:da:c0:18:
60:43:9f:fc:ac:61:b9:83:88:5b:70:13:02:18:c3:
cc:54:b8:90:37:50:30:e5:80:97:9b:0e:03:ae:85:
e9:97:34:d7:8d:10:3c:d4:be:4b:72:ac:32:88:15:
09:cd:6b:b5:02:90:b3:bc:f1:fd:58:a1:14:74:b3:
67:06:20:6c:72:c7:24:5e:74:40:15:9b:cd:24:e5:
ca:de:b9:18:be:ae:58:0f:be:04:5e:13:43:17:4f:
1d:99:1b:06:9b:91:b3:3d:c7:6b:98:33:66:3c:cc:
6c:90:a3:02:d0:72:e2:0a:4a:60:e1:dc:a4:30:93:
a3:1a:9f:f1:46:52:e6:7f:1c:3a:2f:1f:86:89:bf:
b4:0d:25:d4:c7:31:8c:f5:55:0a:62:31:ce:77:ae:
39:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E8:E4:D9:BD:89:E9:2E:CC:5E:42:A3:5E:6E:29:E2:B4:44:0A:23
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Oujk2b2J6S7MXkKjXm4p4rRECiM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:23:d5:9b:88:5c:34:bc:8c:f5:d0:d5:f0:7a:fd:88:02:d3:
88:9b:ff:34:30:90:6b:b1:84:27:10:03:3b:4c:32:a2:73:a6:
b7:9f:0c:3d:86:92:38:2b:76:bb:23:47:85:6a:5e:78:48:47:
9f:95:b4:7e:94:b4:fe:02:88:e0:ab:78:b5:bb:25:27:84:3b:
6f:0b:91:51:3b:f5:93:c6:a0:2b:18:63:8c:ce:d3:c7:fe:53:
8b:13:fe:38:97:43:25:49:39:25:52:ea:13:a7:ed:5c:3e:4c:
d3:c4:f9:fe:b3:41:5d:52:f7:3b:ed:1c:a2:6e:56:93:52:d7:
28:ee:de:3e:4a:6c:b1:3a:dc:bf:78:23:87:dc:17:2a:67:6e:
55:f8:d4:f5:01:74:6b:2e:d7:b6:1f:3a:1b:f2:fa:ea:e8:12:
c5:cf:68:14:fa:6e:20:40:c9:96:db:a7:ac:f4:b7:1d:d3:61:
24:e7:1d:b6:ef:27:3a:9d:34:0a:36:d5:b5:8f:cb:ab:5c:2e:
45:1e:4e:d5:81:3e:af:84:60:8b:bf:8f:d6:7e:fb:4f:70:ae:
50:db:84:e2:da:9f:53:a3:c1:f3:29:dc:8b:aa:6c:fd:77:6b:
b7:5a:57:81:72:80:d7:62:ca:da:74:81:27:df:7c:7d:ad:39:
a1:8a:f8:4d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
ODA3NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNBRThFNEQ5QkQ4OUU5
MkVDQzVFNDJBMzVFNkUyOUUyQjQ0NDBBMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpOS/8HBFmTVSmmgMpuSVEqFvCpLolvWaR9uK4EKSbhvH5wIOS
xjLOBfJW61tGCD/znlr6jrKaQIRMx5KZeFfsWjSDgwoWnZCXQye25KzsIT4HH6XX
rJ47kcxBZ9CTirEy7mBzCtrAGGBDn/ysYbmDiFtwEwIYw8xUuJA3UDDlgJebDgOu
hemXNNeNEDzUvktyrDKIFQnNa7UCkLO88f1YoRR0s2cGIGxyxyRedEAVm80k5cre
uRi+rlgPvgReE0MXTx2ZGwabkbM9x2uYM2Y8zGyQowLQcuIKSmDh3KQwk6Man/FG
UuZ/HDovH4aJv7QNJdTHMYz1VQpiMc53rjn5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOujk2b2J6S7MXkKjXm4p4rRECiMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PdWprMmIySjZTN01Ya0tq
WG00cDRyUkVDaU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHIj1ZuIXDS8jPXQ1fB6/YgC04ib/zQwkGux
hCcQAztMMqJzprefDD2GkjgrdrsjR4VqXnhIR5+VtH6UtP4CiOCreLW7JSeEO28L
kVE79ZPGoCsYY4zO08f+U4sT/jiXQyVJOSVS6hOn7Vw+TNPE+f6zQV1S9zvtHKJu
VpNS1yju3j5KbLE63L94I4fcFypnblX41PUBdGsu17YfOhvy+uroEsXPaBT6biBA
yZbbp6z0tx3TYSTnHbbvJzqdNAo21bWPy6tcLkUeTtWBPq+EYIu/j9Z++09wrlDb
hOLan1OjwfMp3IuqbP13a7daV4FygNdiytp0gSfffH2tOaGK+E0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 21:36:29 2025 by rpki-client