Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/6h4mbWxcg-u1pvpIBnUMQZbQ72E.roa
File: 6h4mbWxcg-u1pvpIBnUMQZbQ72E.roa (raw, json)
Hash identifier: PIQMiT6fwQI6urOBmV/eOgbIkQnTAvKJua3whJvZqfU=
Subject key identifier: EA:1E:26:6D:6C:5C:83:EB:B5:A6:FA:48:06:75:0C:41:96:D0:EF:61
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 467A
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/6h4mbWxcg-u1pvpIBnUMQZbQ72E.roa
Signing time: Sun 24 Aug 2025 03:32:42 +0000
ROA not before: Sun 24 Aug 2025 03:32:42 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 63612
IP address blocks: 103.45.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18042 (0x467a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Aug 24 03:32:42 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=EA1E266D6C5C83EBB5A6FA4806750C4196D0EF61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:09:5d:cb:91:ae:5b:c5:f4:3d:9c:8e:c9:a8:
06:5f:eb:41:0e:04:99:63:66:4f:ec:a3:e6:be:b5:
98:28:22:b6:44:5f:35:41:4f:03:89:f0:59:0d:d6:
03:87:9c:e7:54:c3:93:7e:61:60:76:87:79:ff:3b:
cb:de:21:b0:88:e5:a7:6a:b4:e0:31:17:82:f7:7d:
f1:98:85:66:83:20:62:d8:ed:a1:fc:af:9d:29:6f:
1b:6b:db:14:93:77:b9:f8:27:15:a0:8f:af:5f:aa:
06:d6:84:d1:ff:ae:af:62:03:d6:2f:68:11:2d:79:
99:ea:50:9b:b8:53:a0:0d:4d:4a:13:82:01:fe:82:
cf:f5:21:fe:6b:1f:e8:c8:a4:77:37:0d:4e:3e:72:
f8:3a:95:cb:ea:d0:cc:9b:ec:76:bf:33:ba:b5:ff:
e6:db:07:c3:e8:3f:ad:cc:ee:7a:ca:f7:f9:c8:16:
f5:f1:b5:c6:56:3d:e3:68:04:5a:e8:ac:5f:4e:c8:
ba:82:68:63:12:4a:c4:8d:ea:49:42:33:32:2e:6b:
0b:79:ca:46:61:3d:a6:fe:07:a3:2b:0d:ce:55:67:
6a:16:fe:d1:d4:94:ef:08:44:9c:de:94:f1:d6:44:
01:fa:00:14:da:28:11:d0:25:b6:57:1e:d1:b2:e0:
ca:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:1E:26:6D:6C:5C:83:EB:B5:A6:FA:48:06:75:0C:41:96:D0:EF:61
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/6h4mbWxcg-u1pvpIBnUMQZbQ72E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.45.128.0/19
Signature Algorithm: sha256WithRSAEncryption
57:df:b8:e0:8d:cc:85:88:b8:73:ae:d3:5c:e4:35:5a:43:b5:
29:86:ad:92:3f:18:21:47:db:f6:15:56:41:2d:e0:f1:d8:e9:
eb:ca:50:f2:7a:92:f3:8a:c3:c7:d9:89:fb:cd:3f:5d:3c:54:
50:a5:a6:f2:71:4c:2e:47:35:d4:d8:59:0e:36:f9:63:64:7c:
1e:9f:9d:c7:2e:86:9b:87:49:c1:4a:50:1e:33:93:7e:4e:24:
b2:cf:85:40:b9:f5:35:32:1d:95:04:d0:68:26:8c:79:0d:fd:
e2:8f:4e:34:5e:29:10:af:44:d5:e6:1d:e4:35:fc:29:df:07:
9a:6e:58:fc:70:39:55:86:b3:3a:f0:a8:33:20:ea:bc:3a:e0:
69:75:ff:3c:77:36:ac:9b:77:84:c3:6f:18:b0:25:1e:4b:da:
ba:70:c1:77:d4:d9:e3:38:6b:f7:c8:22:3e:95:71:80:f6:ad:
e5:3d:78:74:d8:31:f9:c9:42:d8:02:40:e3:1e:1c:f8:dd:05:
9c:cc:80:a7:ea:10:6c:0e:95:a3:d5:fc:11:2e:98:c3:55:8b:
55:28:57:f5:e2:5a:02:73:61:5d:be:89:d2:59:00:36:18:9b:
6f:4e:3e:e8:71:33:76:17:70:2e:b4:f4:97:cc:33:fc:ab:e3:
8b:2f:1a:97
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICRnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA4MjQw
MzMyNDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVBMUUyNjZENkM1Qzgz
RUJCNUE2RkE0ODA2NzUwQzQxOTZEMEVGNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqCV3Lka5bxfQ9nI7JqAZf60EOBJljZk/so+a+tZgoIrZEXzVB
TwOJ8FkN1gOHnOdUw5N+YWB2h3n/O8veIbCI5adqtOAxF4L3ffGYhWaDIGLY7aH8
r50pbxtr2xSTd7n4JxWgj69fqgbWhNH/rq9iA9YvaBEteZnqUJu4U6ANTUoTggH+
gs/1If5rH+jIpHc3DU4+cvg6lcvq0Myb7Ha/M7q1/+bbB8PoP63M7nrK9/nIFvXx
tcZWPeNoBFrorF9OyLqCaGMSSsSN6klCMzIuawt5ykZhPab+B6MrDc5VZ2oW/tHU
lO8IRJzelPHWRAH6ABTaKBHQJbZXHtGy4MrNAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU6h4mbWxcg+u1pvpIBnUMQZbQ72EwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvNmg0bWJXeGNnLXUx
cHZwSUJuVU1RWmJRNzJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBWctgDANBgkqhkiG9w0BAQsFAAOCAQEAV9+44I3MhYi4c67TXOQ1WkO1KYat
kj8YIUfb9hVWQS3g8djp68pQ8nqS84rDx9mJ+80/XTxUUKWm8nFMLkc11NhZDjb5
Y2R8Hp+dxy6Gm4dJwUpQHjOTfk4kss+FQLn1NTIdlQTQaCaMeQ394o9ONF4pEK9E
1eYd5DX8Kd8Hmm5Y/HA5VYazOvCoMyDqvDrgaXX/PHc2rJt3hMNvGLAlHkvaunDB
d9TZ4zhr98giPpVxgPat5T14dNgx+clC2AJA4x4c+N0FnMyAp+oQbA6Vo9X8ES6Y
w1WLVShX9eJaAnNhXb6J0lkANhibb04+6HEzdhdwLrT0l8wz/Kvjiy8alw==
-----END CERTIFICATE-----
Generated at Sun Aug 24 11:43:57 2025 by rpki-client