Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/JhZF6AuQEOuB8GjaXjankk0DljQ.roa
File: JhZF6AuQEOuB8GjaXjankk0DljQ.roa (raw, json)
Hash identifier: scLEIBaljF9J/rvGMYhys3RwKVJ/QPY9DR7qT0S63uE=
Subject key identifier: 26:16:45:E8:0B:90:10:EB:81:F0:68:DA:5E:36:A7:92:4D:03:96:34
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 5764
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/JhZF6AuQEOuB8GjaXjankk0DljQ.roa
Signing time: Mon 08 Sep 2025 04:33:24 +0000
ROA not before: Mon 08 Sep 2025 04:33:24 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 134762
IP address blocks: 43.226.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22372 (0x5764)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Sep 8 04:33:24 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=261645E80B9010EB81F068DA5E36A7924D039634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:70:5b:44:3b:f0:ee:93:09:2e:89:73:14:f6:
fd:eb:1b:6d:d2:f7:7a:8f:7b:ea:e5:90:08:3e:7a:
6c:0b:71:2a:de:3b:28:a5:43:51:07:a9:85:bc:76:
36:2f:f2:d5:4a:77:c0:97:ea:8f:6d:e1:78:6f:db:
d6:2f:56:0a:03:1a:4a:e0:ad:6f:17:9e:90:1e:00:
77:ce:59:9b:ab:11:a8:12:41:fb:a0:c1:ff:98:17:
88:77:84:54:11:1a:08:6a:03:75:3b:ae:87:b9:27:
d4:ce:18:0e:8e:01:10:9d:35:67:c6:2c:ce:f8:20:
f0:92:8f:5b:e3:08:69:c9:1a:61:66:e3:3e:c5:90:
c1:32:49:10:aa:f6:aa:6f:e1:28:fb:a6:82:02:c4:
b7:58:05:17:54:b1:6e:a4:61:7a:33:76:9f:01:91:
67:11:00:4e:bc:51:58:b0:f4:70:73:d1:39:cb:72:
44:9f:ca:0e:b1:c6:fb:2f:3f:45:a3:5c:91:0d:b7:
db:f9:a9:79:a9:9b:71:0c:38:cf:11:69:d9:83:bf:
0e:32:46:52:c5:75:5c:4a:7b:df:79:59:56:4c:06:
22:78:a6:a1:f3:8d:74:80:1a:4b:72:b3:04:d3:cb:
5f:32:22:61:d3:9b:55:04:5c:9c:54:0d:f9:c3:a4:
e8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:16:45:E8:0B:90:10:EB:81:F0:68:DA:5E:36:A7:92:4D:03:96:34
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/JhZF6AuQEOuB8GjaXjankk0DljQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.49.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4e:e0:f0:14:ed:cf:9c:f9:61:23:2f:bf:00:4a:39:6c:36:
b3:91:2d:da:dd:b6:7b:e1:15:0c:91:e7:8a:83:55:07:cd:03:
bd:89:e8:b2:f6:e1:14:a0:d1:e7:13:53:9c:6f:65:82:c3:24:
16:c4:19:25:67:c8:79:41:7a:53:e0:ab:17:5c:15:ab:dd:81:
da:c9:22:7f:bc:d1:ba:57:e8:f9:8d:ca:ea:6a:0c:cc:d9:ea:
5b:f6:77:8c:34:f3:91:19:f2:c8:c8:71:0f:be:cf:ff:19:f1:
a5:5b:83:24:ef:22:e5:75:e8:11:b4:cf:d2:89:b1:ca:26:c4:
bc:66:51:08:0f:cd:cf:f2:08:a3:b5:a5:4d:12:2d:43:dd:76:
18:a2:d7:bb:28:c4:b6:cc:97:a5:99:f6:89:3b:46:d6:08:07:
ac:64:73:74:0e:fa:bf:6c:20:2d:1c:72:91:a6:bc:90:a0:67:
bb:8e:7d:a4:8a:3b:d6:fc:66:e9:35:e8:69:c9:9d:5b:01:03:
b9:e5:36:a2:e5:25:56:95:37:b3:1d:6d:5f:17:08:d2:59:1f:
fe:b3:b7:0e:ef:74:9e:24:84:87:e3:9a:ea:a8:e9:db:08:53:
5b:8b:85:5e:9e:9a:d6:e1:f5:f1:26:e4:f3:35:62:94:bd:e1:
ae:4f:2f:0b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICV2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MDgw
NDMzMjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI2MTY0NUU4MEI5MDEw
RUI4MUYwNjhEQTVFMzZBNzkyNEQwMzk2MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgcFtEO/DukwkuiXMU9v3rG23S93qPe+rlkAg+emwLcSreOyil
Q1EHqYW8djYv8tVKd8CX6o9t4Xhv29YvVgoDGkrgrW8XnpAeAHfOWZurEagSQfug
wf+YF4h3hFQRGghqA3U7roe5J9TOGA6OARCdNWfGLM74IPCSj1vjCGnJGmFm4z7F
kMEySRCq9qpv4Sj7poICxLdYBRdUsW6kYXozdp8BkWcRAE68UViw9HBz0TnLckSf
yg6xxvsvP0WjXJENt9v5qXmpm3EMOM8RadmDvw4yRlLFdVxKe995WVZMBiJ4pqHz
jXSAGktyswTTy18yImHTm1UEXJxUDfnDpOjTAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUJhZF6AuQEOuB8GjaXjankk0DljQwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvSmhaRjZBdVFFT3VC
OEdqYVhqYW5razBEbGpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEACviMTANBgkqhkiG9w0BAQsFAAOCAQEACk7g8BTtz5z5YSMvvwBKOWw2s5Et
2t22e+EVDJHnioNVB80DvYnosvbhFKDR5xNTnG9lgsMkFsQZJWfIeUF6U+CrF1wV
q92B2skif7zRulfo+Y3K6moMzNnqW/Z3jDTzkRnyyMhxD77P/xnxpVuDJO8i5XXo
EbTP0omxyibEvGZRCA/Nz/IIo7WlTRItQ912GKLXuyjEtsyXpZn2iTtG1ggHrGRz
dA76v2wgLRxykaa8kKBnu459pIo71vxm6TXoacmdWwEDueU2ouUlVpU3sx1tXxcI
0lkf/rO3Du90niSEh+Oa6qjp2whTW4uFXp6a1uH18Sbk8zVilL3hrk8vCw==
-----END CERTIFICATE-----
Generated at Tue Sep 9 03:35:17 2025 by rpki-client