Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/naPUcksrZoN6DYueuXNaVQ6dvss.roa
File: naPUcksrZoN6DYueuXNaVQ6dvss.roa (raw, json)
Hash identifier: wKmjSivzGjbN4EJXhX8LNONTPEwnmZIn0kgd6M1iNyA=
Subject key identifier: 9D:A3:D4:72:4B:2B:66:83:7A:0D:8B:9E:B9:73:5A:55:0E:9D:BE:CB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BFD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/naPUcksrZoN6DYueuXNaVQ6dvss.roa
Signing time: Fri 23 May 2025 01:38:43 +0000
ROA not before: Fri 23 May 2025 01:38:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3069 (0xbfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 01:38:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9DA3D4724B2B66837A0D8B9EB9735A550E9DBECB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6f:ed:c8:10:b4:95:5d:54:34:75:11:99:64:
52:82:6b:cb:28:5e:f8:53:d1:c6:3b:88:fd:8c:8d:
77:85:b2:10:b4:40:00:a3:5b:58:60:61:63:d6:d9:
c3:0e:dc:86:98:27:aa:cc:42:36:12:cc:e5:68:cd:
32:3d:7b:92:cb:c3:86:13:16:32:dc:da:06:56:7c:
37:d5:0e:1d:a4:48:f4:84:cd:45:ec:aa:f0:dd:43:
02:b0:ad:ff:9a:24:f0:23:28:0c:a4:a7:8c:69:79:
ce:36:86:9f:b5:d3:c2:b6:01:11:c1:de:c0:29:ba:
6c:cc:6b:42:cc:51:d5:e9:71:02:21:db:e5:48:67:
05:3d:23:11:61:11:5c:16:fc:c7:d5:9d:c8:1f:62:
23:47:89:9e:d2:17:f8:d5:a0:cc:73:e5:34:dc:85:
f8:66:75:e5:dd:6a:f6:c2:46:80:91:ee:a1:3d:05:
ca:68:df:0f:c4:5f:75:ef:ac:92:0c:01:ca:b2:b8:
a1:c5:18:a4:55:1a:b0:db:79:f7:b0:63:14:5d:63:
ae:fb:a0:6f:76:7a:d0:a4:38:60:e4:e8:01:b7:41:
b6:80:32:7e:32:b8:74:08:dd:85:33:b2:45:bb:80:
82:fa:dd:79:87:1a:3f:53:73:d7:a5:e0:89:9c:f1:
19:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A3:D4:72:4B:2B:66:83:7A:0D:8B:9E:B9:73:5A:55:0E:9D:BE:CB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/naPUcksrZoN6DYueuXNaVQ6dvss.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:c9:f2:3a:3b:ee:e8:c4:c0:0e:c9:b7:46:7f:05:ad:75:43:
54:78:7d:d1:d9:48:5d:71:b8:d9:41:a3:a0:f0:f9:9e:83:2c:
8c:44:ea:c6:ac:13:56:0d:a6:64:6d:0c:6b:45:73:16:50:a5:
19:cc:f4:62:bf:75:98:e5:20:f2:ff:69:4d:17:48:df:4b:b1:
23:8e:b2:f2:32:f1:f6:aa:03:04:2f:4d:49:55:4c:3b:52:38:
ca:a7:7e:c2:4e:b5:a4:86:7b:ca:f5:76:66:55:48:e5:5b:b7:
cc:86:8d:d4:b1:46:66:6e:39:9d:0f:78:ad:cd:ed:25:d7:d0:
47:77:57:c9:1e:e1:24:d4:aa:a9:e5:9b:5e:07:0c:41:7d:dc:
8f:27:5d:d7:9f:c3:44:1f:7c:0a:63:20:e8:34:e9:48:e2:66:
67:89:9c:d7:2b:ac:b9:f4:de:a5:10:d6:4f:1f:e5:df:7a:65:
e0:84:9e:08:14:5d:45:5f:c6:1f:1f:2e:e3:81:d3:b2:8c:81:
33:ba:54:4b:61:72:df:33:ec:13:b3:ac:55:ea:89:c0:f3:9b:
34:57:f5:76:80:e6:23:f4:87:95:13:1a:11:65:d7:84:ea:c4:
8f:ec:7a:0d:1f:e7:80:84:e7:17:92:5a:2b:e0:93:9f:d1:8b:
8a:21:95:52
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC/0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMw
MTM4NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlEQTNENDcyNEIyQjY2
ODM3QTBEOEI5RUI5NzM1QTU1MEU5REJFQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkb+3IELSVXVQ0dRGZZFKCa8soXvhT0cY7iP2MjXeFshC0QACj
W1hgYWPW2cMO3IaYJ6rMQjYSzOVozTI9e5LLw4YTFjLc2gZWfDfVDh2kSPSEzUXs
qvDdQwKwrf+aJPAjKAykp4xpec42hp+108K2ARHB3sApumzMa0LMUdXpcQIh2+VI
ZwU9IxFhEVwW/MfVncgfYiNHiZ7SF/jVoMxz5TTchfhmdeXdavbCRoCR7qE9Bcpo
3w/EX3XvrJIMAcqyuKHFGKRVGrDbefewYxRdY677oG92etCkOGDk6AG3QbaAMn4y
uHQI3YUzskW7gIL63XmHGj9Tc9el4Imc8Rl7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnaPUcksrZoN6DYueuXNaVQ6dvsswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uYVBVY2tzclpvTjZEWXVl
dVhOYVZRNmR2c3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGTJ8jo77ujEwA7Jt0Z/Ba11Q1R4fdHZSF1x
uNlBo6Dw+Z6DLIxE6sasE1YNpmRtDGtFcxZQpRnM9GK/dZjlIPL/aU0XSN9LsSOO
svIy8faqAwQvTUlVTDtSOMqnfsJOtaSGe8r1dmZVSOVbt8yGjdSxRmZuOZ0PeK3N
7SXX0Ed3V8ke4STUqqnlm14HDEF93I8nXdefw0QffApjIOg06UjiZmeJnNcrrLn0
3qUQ1k8f5d96ZeCEnggUXUVfxh8fLuOB07KMgTO6VEthct8z7BOzrFXqicDzmzRX
9XaA5iP0h5UTGhFl14TqxI/seg0f54CE5xeSWivgk5/Ri4ohlVI=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:31:13 2025 by rpki-client