Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/sy_W5etql-BohH4Dck8XinjO0fw.roa
File: sy_W5etql-BohH4Dck8XinjO0fw.roa (raw, json)
Hash identifier: gdmNlw52whZUd4pEW49OlCYXKV+8VLwYPzoqvRJ0ZHY=
Subject key identifier: B3:2F:D6:E5:EB:6A:97:E0:68:84:7E:03:72:4F:17:8A:78:CE:D1:FC
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 5766
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/sy_W5etql-BohH4Dck8XinjO0fw.roa
Signing time: Mon 08 Sep 2025 04:33:24 +0000
ROA not before: Mon 08 Sep 2025 04:33:24 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 63612
IP address blocks: 103.45.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22374 (0x5766)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Sep 8 04:33:24 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=B32FD6E5EB6A97E068847E03724F178A78CED1FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:3f:48:cb:33:25:74:9c:0d:55:d1:c9:26:
e1:ff:55:32:39:42:72:b4:da:f7:04:76:67:b5:42:
26:d4:b0:7a:5b:75:c2:b2:27:65:67:e8:63:65:f1:
8c:3c:7e:87:4f:13:c4:80:c4:1d:cd:b2:4a:72:5e:
db:d4:d0:11:e8:9f:b8:b7:0c:2e:a1:34:35:e0:9b:
96:e3:ec:39:37:56:d2:8f:0c:de:f6:34:61:06:a3:
81:d5:92:f3:c6:3a:d1:1a:e3:48:ae:bc:0f:ab:ad:
5d:b6:e5:a0:22:9d:89:31:d9:d8:d7:f1:27:1f:94:
29:2c:9b:ef:a3:0a:92:98:18:00:87:c9:93:ab:dc:
b3:a4:88:35:e1:a7:e3:0c:91:40:e8:ff:b1:46:6e:
d3:c6:32:b2:78:32:82:f9:6f:28:d6:dc:db:23:44:
81:91:18:70:37:5a:2e:04:1a:ff:f4:b2:74:83:25:
b2:d1:c0:0d:f0:a3:65:7d:56:37:4a:71:00:1d:7f:
98:95:eb:ca:19:4c:b6:08:e5:3d:62:23:b3:43:58:
b6:9c:db:0c:61:4d:21:4d:fe:74:7e:9f:7a:76:ac:
a9:b7:6d:4f:fd:81:25:42:f1:53:7a:ef:65:8e:a9:
9a:c4:df:a2:2f:67:0d:70:37:03:fe:fe:20:31:c9:
e5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2F:D6:E5:EB:6A:97:E0:68:84:7E:03:72:4F:17:8A:78:CE:D1:FC
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/sy_W5etql-BohH4Dck8XinjO0fw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.45.128.0/19
Signature Algorithm: sha256WithRSAEncryption
36:26:b9:0d:15:1a:6a:90:07:70:fa:93:00:c1:9b:06:d0:83:
38:ef:08:f5:bc:08:bd:e8:ec:68:34:52:a9:ce:4c:8a:e5:09:
ac:1a:57:6a:b4:95:1c:e7:64:42:bb:25:57:d4:88:ff:e4:0d:
3d:d4:f8:7f:2b:c1:03:5e:8f:51:7c:ed:24:5a:8a:2e:41:32:
2a:14:ec:a9:52:b9:6d:6a:b3:04:ee:53:70:6e:6f:c3:85:f4:
d0:34:d8:de:e1:85:96:b9:cf:b6:ee:7b:8a:13:ac:14:4f:a5:
a5:0e:86:dc:94:ec:c9:4b:ad:4d:ac:7c:37:79:af:dd:e3:f7:
c3:61:f2:f4:11:92:e7:b4:98:87:40:e9:84:97:09:40:fc:b7:
34:fc:6c:21:c1:66:90:c8:ee:d2:3c:f5:bb:53:25:d2:f2:d2:
d1:c4:64:85:a3:5d:84:85:18:7c:df:57:e9:fe:27:b8:75:c6:
2e:94:7e:0f:57:17:fb:5b:53:11:f7:2b:d6:4e:14:13:c7:87:
90:74:5c:92:b3:6c:90:0d:fd:0b:66:48:07:4d:35:e4:94:58:
6c:0b:bb:30:22:a9:73:96:cd:b4:ad:d6:89:60:2b:b8:dc:e8:
e3:7b:55:ee:f3:03:50:86:da:44:7a:f1:72:fc:cd:9d:db:53:
8e:05:1d:97
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICV2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MDgw
NDMzMjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIzMkZENkU1RUI2QTk3
RTA2ODg0N0UwMzcyNEYxNzhBNzhDRUQxRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGEz9IyzMldJwNVdHJJuH/VTI5QnK02vcEdme1QibUsHpbdcKy
J2Vn6GNl8Yw8fodPE8SAxB3NskpyXtvU0BHon7i3DC6hNDXgm5bj7Dk3VtKPDN72
NGEGo4HVkvPGOtEa40iuvA+rrV225aAinYkx2djX8ScflCksm++jCpKYGACHyZOr
3LOkiDXhp+MMkUDo/7FGbtPGMrJ4MoL5byjW3NsjRIGRGHA3Wi4EGv/0snSDJbLR
wA3wo2V9VjdKcQAdf5iV68oZTLYI5T1iI7NDWLac2wxhTSFN/nR+n3p2rKm3bU/9
gSVC8VN672WOqZrE36IvZw1wNwP+/iAxyeU/AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUsy/W5etql+BohH4Dck8XinjO0fwwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvc3lfVzVldHFsLUJv
aEg0RGNrOFhpbmpPMGZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBWctgDANBgkqhkiG9w0BAQsFAAOCAQEANia5DRUaapAHcPqTAMGbBtCDOO8I
9bwIvejsaDRSqc5MiuUJrBpXarSVHOdkQrslV9SI/+QNPdT4fyvBA16PUXztJFqK
LkEyKhTsqVK5bWqzBO5TcG5vw4X00DTY3uGFlrnPtu57ihOsFE+lpQ6G3JTsyUut
Tax8N3mv3eP3w2Hy9BGS57SYh0DphJcJQPy3NPxsIcFmkMju0jz1u1Ml0vLS0cRk
haNdhIUYfN9X6f4nuHXGLpR+D1cX+1tTEfcr1k4UE8eHkHRckrNskA39C2ZIB001
5JRYbAu7MCKpc5bNtK3WiWAruNzo43tV7vMDUIbaRHrxcvzNndtTjgUdlw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 22:16:50 2025 by rpki-client