
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/446u72kCb34qfXFitrZwGby8gAM.roa
File: 446u72kCb34qfXFitrZwGby8gAM.roa (raw, json)
Hash identifier: 5YG1iUtK/xfZ13N8bJ+yP6QxZ34FDwbcad4Hf7wEcRw=
Subject key identifier: E3:8E:AE:EF:69:02:6F:7E:2A:7D:71:62:B6:B6:70:19:BC:BC:80:03
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6D02
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/446u72kCb34qfXFitrZwGby8gAM.roa
Signing time: Tue 17 Jun 2025 18:46:19 +0000
ROA not before: Tue 17 Jun 2025 18:46:19 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27906 (0x6d02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 17 18:46:19 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E38EAEEF69026F7E2A7D7162B6B67019BCBC8003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7f:77:53:f8:4f:78:28:b0:61:30:1c:bc:75:
a2:34:10:4b:da:ff:79:48:21:cd:63:1d:6a:a2:79:
ff:d4:51:e0:ea:f2:24:65:36:6d:73:57:e7:6b:6d:
8b:7e:c6:0d:22:6e:56:f7:10:04:86:df:d7:eb:09:
3d:a0:de:5f:8f:2c:ed:a9:bd:7f:10:a4:48:9a:4f:
ab:3f:11:d8:8e:9c:08:62:b8:96:04:3e:5f:a8:3f:
d3:6e:8f:46:14:22:9e:6c:d5:b3:7e:e7:8c:28:93:
12:8d:9f:b4:ac:f9:31:83:d8:a4:84:38:26:84:91:
b3:97:80:67:e3:b4:55:a4:1d:16:4d:1e:9b:53:d4:
35:3c:9a:2c:79:3c:c9:ce:46:a9:37:69:d4:04:0d:
4c:83:db:81:27:68:5b:de:33:8e:1c:7f:b3:94:42:
79:25:37:50:33:6d:50:5b:a8:86:49:48:e3:86:95:
18:c9:fd:17:32:b0:57:13:bb:ce:1d:9b:28:63:65:
f3:d8:b2:18:b8:25:ca:39:e5:3f:b9:70:70:c5:6b:
35:1f:00:30:de:10:ac:84:4a:50:55:78:83:a2:b6:
49:38:f7:d0:83:5e:19:4f:54:fb:bb:8a:bc:9c:35:
df:0b:58:45:6e:6b:92:f9:ba:16:cf:ae:ee:68:0a:
ea:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:8E:AE:EF:69:02:6F:7E:2A:7D:71:62:B6:B6:70:19:BC:BC:80:03
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/446u72kCb34qfXFitrZwGby8gAM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
3c:fd:7f:f8:98:b1:6b:c9:0f:f5:e8:cb:62:0e:80:ae:04:b3:
44:be:3a:05:27:da:b1:e4:56:c0:d3:4e:61:95:52:f2:60:86:
bf:e0:0c:a7:15:b2:b2:dc:ed:0a:53:2c:69:d5:c9:6f:80:37:
e3:ae:28:e9:86:24:42:63:73:5d:66:08:eb:e4:55:83:27:cb:
03:73:b9:5c:36:54:04:46:fe:57:77:29:46:71:57:4d:72:f2:
7b:8d:54:45:81:3b:0e:2f:7e:a9:f5:3a:bb:7c:26:f9:4a:f4:
22:f9:32:0d:07:81:bd:2a:6f:6e:e4:9b:f7:ff:1c:21:ae:60:
be:d2:9a:55:0f:40:b0:1d:d8:87:27:38:60:29:78:fe:a9:0b:
65:34:7d:26:3f:40:38:da:26:ec:35:6d:c6:df:c5:dc:90:e1:
41:30:eb:0d:0f:14:46:8b:c7:29:e6:be:02:26:69:f3:22:72:
95:0f:e2:0a:53:cf:f0:df:bf:19:83:1b:7e:c2:f9:13:ae:b8:
5c:be:14:ca:80:0a:f4:b6:bb:9b:51:ba:1b:79:41:1f:a2:d5:
bc:98:bf:20:4c:0e:81:77:89:b8:da:26:26:50:e7:82:58:d9:
2d:87:92:af:65:3f:ab:4a:a6:33:19:5c:0a:69:58:4d:c1:63:
97:6b:3b:42
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTcx
ODQ2MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUzOEVBRUVGNjkwMjZG
N0UyQTdENzE2MkI2QjY3MDE5QkNCQzgwMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+f3dT+E94KLBhMBy8daI0EEva/3lIIc1jHWqief/UUeDq8iRl
Nm1zV+drbYt+xg0iblb3EASG39frCT2g3l+PLO2pvX8QpEiaT6s/EdiOnAhiuJYE
Pl+oP9Nuj0YUIp5s1bN+54wokxKNn7Ss+TGD2KSEOCaEkbOXgGfjtFWkHRZNHptT
1DU8mix5PMnORqk3adQEDUyD24EnaFveM44cf7OUQnklN1AzbVBbqIZJSOOGlRjJ
/RcysFcTu84dmyhjZfPYshi4Jco55T+5cHDFazUfADDeEKyESlBVeIOitkk499CD
XhlPVPu7irycNd8LWEVua5L5uhbPru5oCupZAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU446u72kCb34qfXFitrZwGby8gAMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzQ0NnU3MmtDYjM0cWZY
Rml0clp3R2J5OGdBTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA8/X/4
mLFryQ/16MtiDoCuBLNEvjoFJ9qx5FbA005hlVLyYIa/4AynFbKy3O0KUyxp1clv
gDfjrijphiRCY3NdZgjr5FWDJ8sDc7lcNlQERv5XdylGcVdNcvJ7jVRFgTsOL36p
9Tq7fCb5SvQi+TINB4G9Km9u5Jv3/xwhrmC+0ppVD0CwHdiHJzhgKXj+qQtlNH0m
P0A42ibsNW3G38XckOFBMOsNDxRGi8cp5r4CJmnzInKVD+IKU8/w378Zgxt+wvkT
rrhcvhTKgAr0trubUbobeUEfotW8mL8gTA6Bd4m42iYmUOeCWNkth5KvZT+rSqYz
GVwKaVhNwWOXaztC
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:38:22 2025 by rpki-client