Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/6srBkRMxmXHEtFz_2rvPueLDD-E.roa
File: 6srBkRMxmXHEtFz_2rvPueLDD-E.roa (raw, json)
Hash identifier: WZwZ14bXC63VEgxliOoR7oPxsbOMaZjH5wu/d11wwEY=
Subject key identifier: EA:CA:C1:91:13:31:99:71:C4:B4:5C:FF:DA:BB:CF:B9:E2:C3:0F:E1
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 460C
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/6srBkRMxmXHEtFz_2rvPueLDD-E.roa
Signing time: Sat 23 Aug 2025 18:32:36 +0000
ROA not before: Sat 23 Aug 2025 18:32:36 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 134762
IP address blocks: 43.226.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17932 (0x460c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Aug 23 18:32:36 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=EACAC19113319971C4B45CFFDABBCFB9E2C30FE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:35:43:61:5d:0b:c4:3b:d7:80:ea:be:e4:67:
dd:18:90:ad:5d:a2:5c:cf:e4:a1:61:d4:28:6c:d5:
5a:a2:47:8b:72:e4:16:7f:00:5f:d2:c7:9d:9c:bd:
fa:e7:ef:e9:6c:c1:2d:c5:6b:00:34:1c:12:b0:65:
05:01:6b:33:f7:7e:a5:77:8a:72:5c:b3:ba:c2:8b:
ac:e0:81:ca:51:c7:a0:89:38:96:a6:ca:26:b0:8a:
7a:a7:87:64:07:ed:51:b2:ad:3e:a5:b8:12:61:08:
0d:cd:9d:72:aa:1f:83:f3:e6:c3:64:52:82:fb:62:
f9:67:8a:75:25:a8:0d:f2:90:df:77:33:6d:79:3d:
a1:d9:8d:50:b2:2d:38:6f:66:b5:f2:cd:e2:2a:c7:
49:5f:74:45:b6:1a:36:d7:d3:96:97:3e:d8:e1:60:
7a:bd:86:5f:9f:bb:b9:ea:77:df:eb:30:47:8d:2a:
44:15:c6:e7:9a:30:76:27:a6:8f:42:54:1d:14:f5:
06:51:92:28:bf:e4:ee:f9:d3:4e:dd:8c:38:dc:06:
b5:db:5a:4e:dd:c6:47:2a:fb:8b:2b:9e:24:55:78:
be:4f:dd:f8:20:68:cb:1d:52:96:4e:2b:90:0d:9a:
0d:1e:50:01:1a:5c:1b:1e:6c:b6:fe:cc:b2:72:1c:
b0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CA:C1:91:13:31:99:71:C4:B4:5C:FF:DA:BB:CF:B9:E2:C3:0F:E1
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/6srBkRMxmXHEtFz_2rvPueLDD-E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.49.0/24
Signature Algorithm: sha256WithRSAEncryption
08:8f:66:dd:ef:5a:f8:81:74:b5:3b:0b:81:2d:46:97:88:b2:
de:e6:65:e2:8a:b5:47:60:97:ae:31:37:2c:47:53:ff:e7:87:
92:51:ba:17:44:8c:6a:e0:6f:39:af:51:86:80:71:ac:d5:de:
5d:8c:42:9e:14:3a:72:26:03:7c:a8:bd:df:e2:13:a8:6a:b8:
41:b6:94:56:d4:23:1c:56:3a:9e:4a:ba:0b:d3:95:c1:b1:21:
bc:f6:54:32:d2:a5:b8:d7:ad:df:9f:cc:44:8c:b2:ec:2a:4c:
5f:63:6a:35:ca:db:b9:d2:0d:a7:34:25:fc:4d:7b:14:fc:ed:
fc:9b:25:62:60:a2:20:74:d2:fa:e8:95:82:2d:ad:4c:2b:7d:
19:20:f1:4e:c6:ad:28:92:0c:72:ba:1a:b6:da:34:e4:d7:71:
50:30:06:34:7a:b1:64:75:fe:76:be:9f:63:39:da:25:75:9c:
e8:44:b3:c4:69:62:a9:85:c1:67:86:55:92:41:60:9d:79:90:
69:42:d5:4d:ff:2b:3c:b9:0e:6a:e3:f5:94:85:8e:aa:d9:cc:
33:36:49:53:2d:ea:c9:b4:16:40:f3:8c:b5:97:32:7b:d5:52:
b3:fc:84:db:31:4b:75:51:1d:a9:c8:ce:a5:0b:1a:b8:25:35:
25:51:23:80
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICRgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA4MjMx
ODMyMzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVBQ0FDMTkxMTMzMTk5
NzFDNEI0NUNGRkRBQkJDRkI5RTJDMzBGRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3NUNhXQvEO9eA6r7kZ90YkK1dolzP5KFh1Chs1VqiR4ty5BZ/
AF/Sx52cvfrn7+lswS3FawA0HBKwZQUBazP3fqV3inJcs7rCi6zggcpRx6CJOJam
yiawinqnh2QH7VGyrT6luBJhCA3NnXKqH4Pz5sNkUoL7YvlninUlqA3ykN93M215
PaHZjVCyLThvZrXyzeIqx0lfdEW2GjbX05aXPtjhYHq9hl+fu7nqd9/rMEeNKkQV
xueaMHYnpo9CVB0U9QZRkii/5O75007djDjcBrXbWk7dxkcq+4srniRVeL5P3fgg
aMsdUpZOK5ANmg0eUAEaXBsebLb+zLJyHLCFAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU6srBkRMxmXHEtFz/2rvPueLDD+EwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvNnNyQmtSTXhtWEhF
dEZ6XzJydlB1ZUxERC1FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEACviMTANBgkqhkiG9w0BAQsFAAOCAQEACI9m3e9a+IF0tTsLgS1Gl4iy3uZl
4oq1R2CXrjE3LEdT/+eHklG6F0SMauBvOa9RhoBxrNXeXYxCnhQ6ciYDfKi93+IT
qGq4QbaUVtQjHFY6nkq6C9OVwbEhvPZUMtKluNet35/MRIyy7CpMX2NqNcrbudIN
pzQl/E17FPzt/JslYmCiIHTS+uiVgi2tTCt9GSDxTsatKJIMcroatto05NdxUDAG
NHqxZHX+dr6fYznaJXWc6ESzxGliqYXBZ4ZVkkFgnXmQaULVTf8rPLkOauP1lIWO
qtnMMzZJUy3qybQWQPOMtZcye9VSs/yE2zFLdVEdqcjOpQsauCU1JVEjgA==
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:44:51 2025 by rpki-client