Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/VwO4FYrWxJGVUV-jLEEl5DMU554.roa
File: VwO4FYrWxJGVUV-jLEEl5DMU554.roa (raw, json)
Hash identifier: HtznbkVSvA3Itn+YZktLy+QOtTZZnkUHbl4iKPy2cT0=
Subject key identifier: 57:03:B8:15:8A:D6:C4:91:95:51:5F:A3:2C:41:25:E4:33:14:E7:9E
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 99C0
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/VwO4FYrWxJGVUV-jLEEl5DMU554.roa
Signing time: Thu 06 Nov 2025 01:42:15 +0000
ROA not before: Thu 06 Nov 2025 01:42:15 +0000
ROA not after: Fri 23 Oct 2026 03:01:03 +0000
asID: 134762
IP address blocks: 43.226.72.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39360 (0x99c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Nov 6 01:42:15 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=5703B8158AD6C49195515FA32C4125E43314E79E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:b1:a0:f2:a4:2f:fe:60:9e:d6:f7:31:c7:
33:6d:ff:f8:a6:2b:9f:31:06:d8:02:5b:f9:60:d0:
1d:7c:ee:c9:77:a8:be:3e:e5:8a:87:b0:03:50:9b:
c7:2a:24:5b:fc:88:79:5d:02:98:ec:80:43:69:da:
03:a3:55:2a:6d:c4:2f:cf:1c:e9:85:ed:25:05:ec:
d7:2f:bc:7a:70:00:73:d7:59:f3:66:f5:6b:f8:50:
63:b5:52:12:04:9e:6d:35:0d:12:19:63:58:ad:91:
2e:0f:cc:05:d3:d7:76:f0:b7:85:74:06:b4:80:52:
b8:d1:40:c7:a9:25:d9:33:76:a5:4a:2d:e0:d4:e9:
42:83:d3:28:dd:ae:74:f8:8f:b9:b3:6e:a9:6e:45:
57:ee:54:af:d6:95:08:4f:f2:bf:ab:cb:a3:9d:74:
f5:75:a2:c6:65:ab:bb:e7:bf:33:a0:ff:87:e6:30:
ac:cd:a4:79:1f:48:fd:a9:b1:1e:46:8a:f1:79:79:
d0:90:63:fa:9a:1b:89:63:3b:26:02:6a:8e:34:28:
18:d3:a2:1c:2a:2e:9a:2c:be:5e:3b:86:ec:d9:8c:
f0:3f:39:c7:8f:d7:aa:89:5f:de:cc:5c:cb:b3:52:
3e:5e:a4:38:c6:a9:8a:32:28:78:73:a5:06:6e:53:
dc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:03:B8:15:8A:D6:C4:91:95:51:5F:A3:2C:41:25:E4:33:14:E7:9E
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/VwO4FYrWxJGVUV-jLEEl5DMU554.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.72.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:f7:49:c5:86:0e:bd:83:33:c1:c1:5c:c1:38:6c:2b:b9:a2:
91:55:7f:a2:f6:d7:95:87:a7:6b:30:2d:d5:c1:b6:8f:32:bf:
5f:e6:2c:9e:47:53:21:7e:fc:54:02:12:65:e7:bb:37:6e:f6:
47:1a:e3:a1:68:7d:8a:7e:c3:38:8c:d3:df:14:7c:1e:0c:85:
49:13:f0:20:dc:21:9b:87:15:9d:f8:4a:6b:34:21:84:6b:25:
0c:55:d8:13:c6:a7:52:ef:ab:43:48:2e:7a:1b:17:58:28:df:
5d:6b:54:52:0b:9c:dd:fb:de:05:d0:fa:5a:e6:63:14:f9:03:
c8:74:5b:7f:90:f6:d6:83:54:ea:1f:dc:c0:8e:7c:e2:cf:08:
12:2b:4f:dc:fe:8d:74:4a:42:0a:ac:51:22:85:1e:07:05:1c:
31:0a:6c:74:bc:95:6f:fb:94:77:4b:45:20:bc:9a:cc:21:c8:
d5:9e:7e:f5:fc:c6:4a:5b:9b:c2:80:da:2d:5b:c2:c9:2e:92:
a8:8b:4d:e7:ff:c2:21:69:f2:75:26:91:74:f6:5d:3b:fa:7d:
68:71:b7:2a:a0:52:26:a2:8b:bb:6a:f2:f2:7c:35:e1:98:61:
eb:a3:f9:1e:d7:e9:ec:9d:70:50:af:53:60:ea:30:28:dd:20:
57:b3:17:22
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIDAJnAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB
RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjUxMTA2
MDE0MjE1WhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyg1NzAzQjgxNThBRDZD
NDkxOTU1MTVGQTMyQzQxMjVFNDMzMTRFNzlFMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsKuxoPKkL/5gntb3Mcczbf/4piufMQbYAlv5YNAdfO7Jd6i+
PuWKh7ADUJvHKiRb/Ih5XQKY7IBDadoDo1UqbcQvzxzphe0lBezXL7x6cABz11nz
ZvVr+FBjtVISBJ5tNQ0SGWNYrZEuD8wF09d28LeFdAa0gFK40UDHqSXZM3alSi3g
1OlCg9Mo3a50+I+5s26pbkVX7lSv1pUIT/K/q8ujnXT1daLGZau7578zoP+H5jCs
zaR5H0j9qbEeRorxeXnQkGP6mhuJYzsmAmqONCgY06IcKi6aLL5eO4bs2YzwPznH
j9eqiV/ezFzLs1I+XqQ4xqmKMih4c6UGblPcNwIDAQABo4IB8zCCAe8wHQYDVR0O
BBYEFFcDuBWK1sSRlVFfoyxBJeQzFOeeMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd
MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS
oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2
NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX
MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB
/wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v
cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzL1Z3TzRGWXJXeEpH
VlVWLWpMRUVsNURNVTU1NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j
bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIr4kgwDQYJKoZIhvcNAQELBQADggEBALP3ScWGDr2DM8HBXME4bCu5opFV
f6L215WHp2swLdXBto8yv1/mLJ5HUyF+/FQCEmXnuzdu9kca46FofYp+wziM098U
fB4MhUkT8CDcIZuHFZ34Sms0IYRrJQxV2BPGp1Lvq0NILnobF1go311rVFILnN37
3gXQ+lrmYxT5A8h0W3+Q9taDVOof3MCOfOLPCBIrT9z+jXRKQgqsUSKFHgcFHDEK
bHS8lW/7lHdLRSC8mswhyNWefvX8xkpbm8KA2i1bwskukqiLTef/wiFp8nUmkXT2
XTv6fWhxtyqgUiaii7tq8vJ8NeGYYeuj+R7X6eydcFCvU2DqMCjdIFezFyI=
-----END CERTIFICATE-----
Generated at Thu Nov 6 04:40:58 2025 by rpki-client