Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-SNRkaKPRqux6vIBMcgsBef4URY.roa
File: -SNRkaKPRqux6vIBMcgsBef4URY.roa (raw, json)
Hash identifier: Hub+O9wOey1liNa/Yse6Um54792aNl7sXzCSjCS2N64=
Subject key identifier: F9:23:51:91:A2:8F:46:AB:B1:EA:F2:01:31:C8:2C:05:E7:F8:51:16
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 61CA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-SNRkaKPRqux6vIBMcgsBef4URY.roa
Signing time: Sun 18 May 2025 20:40:33 +0000
ROA not before: Sun 18 May 2025 20:40:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25034 (0x61ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 18 20:40:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F9235191A28F46ABB1EAF20131C82C05E7F85116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:02:42:f8:30:08:ea:e4:65:29:13:0a:10:fe:
76:c3:e2:90:a9:1c:0f:8a:65:2e:78:56:fc:49:1d:
1e:1e:11:02:2b:96:cb:6b:8e:bc:30:72:b1:9f:ad:
12:e0:0e:f4:bb:3c:83:fb:cd:1a:69:73:9e:4c:9c:
de:a0:f3:ba:e1:ce:26:54:65:02:13:93:aa:af:d9:
f5:aa:18:0f:67:f7:71:bd:85:9d:ad:db:51:44:4c:
2c:ab:6c:40:da:6b:80:ce:24:8b:9f:fe:45:82:54:
46:30:71:a2:51:d0:c7:82:d5:48:69:99:3f:cc:b6:
a1:1d:ab:f4:00:20:99:72:d7:24:86:6d:d4:5e:f4:
3b:ef:12:71:df:20:f9:2b:ec:9e:a1:fb:8b:39:fd:
0d:6b:42:06:79:f7:49:5f:e9:3e:82:08:16:12:81:
d2:fd:ff:b7:6d:f8:9a:14:bc:03:fd:e7:97:f6:bd:
6e:27:37:44:d7:45:88:14:6c:12:50:b3:87:ff:ef:
11:7c:87:6a:c9:da:94:c5:c2:72:9c:8d:89:3e:10:
03:60:bc:40:e3:f0:51:27:7d:5d:63:27:9d:86:a9:
fd:e9:ef:72:2a:40:2c:35:ec:66:03:66:63:7c:09:
4c:78:75:ad:03:d6:ef:a7:ca:d1:6a:96:d1:b0:21:
78:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:23:51:91:A2:8F:46:AB:B1:EA:F2:01:31:C8:2C:05:E7:F8:51:16
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-SNRkaKPRqux6vIBMcgsBef4URY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
04:80:49:23:f4:5c:03:aa:4e:94:62:c9:d3:6c:f4:5e:ef:3e:
75:64:0d:4c:fd:2a:43:99:5b:a2:42:ec:c7:54:3d:5e:d5:2e:
0e:94:a1:1c:22:67:4d:69:2b:8f:50:23:79:80:28:0c:b4:f9:
0c:c5:24:86:d7:61:5d:9c:7b:50:4b:9a:fb:fe:04:fb:6d:63:
6c:7d:b7:e3:99:3c:ba:a9:a2:3c:93:f6:d7:14:11:0d:59:22:
91:1f:ad:cd:5d:50:26:da:03:50:7a:9e:b9:00:e2:0a:fa:1c:
18:b7:73:4d:b9:ca:2e:a2:47:7c:eb:03:87:6e:be:9c:2a:a9:
20:15:ba:a6:4f:93:f4:57:4e:63:d5:0b:a8:6a:b4:e5:b5:cf:
42:f5:19:36:b5:1c:31:d5:78:e6:15:eb:44:c1:32:f9:87:15:
4b:8b:ff:ad:c3:76:91:33:e8:b7:7b:82:5a:02:20:0c:2f:cf:
91:43:e5:44:bb:ac:f6:5a:99:f9:97:c3:aa:e4:70:9c:c9:9e:
33:80:cb:9d:e9:f6:d2:de:ca:d1:05:47:0b:67:df:92:55:7b:
c3:f2:08:b9:46:4e:af:11:45:b0:cf:0b:e4:da:f1:2c:e4:20:
ec:b5:85:a6:55:9a:eb:9b:85:7f:8b:a1:9d:49:00:2c:c4:5c:
ba:91:1f:61
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTgy
MDQwMzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY5MjM1MTkxQTI4RjQ2
QUJCMUVBRjIwMTMxQzgyQzA1RTdGODUxMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaAkL4MAjq5GUpEwoQ/nbD4pCpHA+KZS54VvxJHR4eEQIrlstr
jrwwcrGfrRLgDvS7PIP7zRppc55MnN6g87rhziZUZQITk6qv2fWqGA9n93G9hZ2t
21FETCyrbEDaa4DOJIuf/kWCVEYwcaJR0MeC1UhpmT/MtqEdq/QAIJly1ySGbdRe
9DvvEnHfIPkr7J6h+4s5/Q1rQgZ590lf6T6CCBYSgdL9/7dt+JoUvAP955f2vW4n
N0TXRYgUbBJQs4f/7xF8h2rJ2pTFwnKcjYk+EANgvEDj8FEnfV1jJ52Gqf3p73Iq
QCw17GYDZmN8CUx4da0D1u+nytFqltGwIXiBAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU+SNRkaKPRqux6vIBMcgsBef4URYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1TTlJrYUtQUnF1eDZ2
SUJNY2dzQmVmNFVSWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAEgEkj
9FwDqk6UYsnTbPRe7z51ZA1M/SpDmVuiQuzHVD1e1S4OlKEcImdNaSuPUCN5gCgM
tPkMxSSG12FdnHtQS5r7/gT7bWNsfbfjmTy6qaI8k/bXFBENWSKRH63NXVAm2gNQ
ep65AOIK+hwYt3NNucouokd86wOHbr6cKqkgFbqmT5P0V05j1QuoarTltc9C9Rk2
tRwx1XjmFetEwTL5hxVLi/+tw3aRM+i3e4JaAiAML8+RQ+VEu6z2Wpn5l8Oq5HCc
yZ4zgMud6fbS3srRBUcLZ9+SVXvD8gi5Rk6vEUWwzwvk2vEs5CDstYWmVZrrm4V/
i6GdSQAsxFy6kR9h
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:10:20 2025 by rpki-client