Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4PL3naHwin7sRaXuuTn2BGMEOfM.roa
File: 4PL3naHwin7sRaXuuTn2BGMEOfM.roa (raw, json)
Hash identifier: SXVEdNZ86rAsXJ82GbTzxrLMb89NemPiCRg4+bHSzxs=
Subject key identifier: E0:F2:F7:9D:A1:F0:8A:7E:EC:45:A5:EE:B9:39:F6:04:63:04:39:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7642
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4PL3naHwin7sRaXuuTn2BGMEOfM.roa
Signing time: Sat 12 Jul 2025 16:41:41 +0000
ROA not before: Sat 12 Jul 2025 16:41:41 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30274 (0x7642)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 12 16:41:41 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E0F2F79DA1F08A7EEC45A5EEB939F604630439F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:66:7b:a4:84:ee:2a:d5:90:0e:ab:5d:4d:0a:
3e:86:72:f4:ae:ca:c7:52:f5:1f:05:27:10:b9:a5:
29:b0:6b:b2:4f:e0:55:18:9b:fd:79:4b:7d:79:96:
f9:df:d7:c1:67:99:38:6a:be:f2:0b:e1:2e:b7:7e:
a2:15:08:37:76:5e:2f:f4:09:cc:2a:b7:e7:ea:28:
39:d3:73:97:51:b8:b2:b8:4f:50:da:c3:db:25:78:
20:87:25:79:c8:42:a2:39:72:3f:4a:63:52:1a:55:
83:43:7d:de:4f:dc:10:46:c0:ab:65:ec:02:69:66:
b0:a5:4d:a6:5f:d4:7b:a8:4e:0f:98:fe:d9:76:21:
1b:a9:3d:34:80:d1:f6:56:d5:34:b3:64:8a:40:14:
09:f7:42:a2:49:99:d0:c3:6c:26:54:f2:57:e9:f9:
f6:bc:0b:d7:51:cd:bb:33:a6:28:5d:1f:ee:08:bf:
84:07:1f:c9:02:2f:3d:04:04:9e:66:ea:fc:b7:b9:
07:26:da:58:b4:c8:44:c1:53:75:38:55:db:01:e4:
1b:9e:23:fd:de:fb:86:fc:4b:0b:99:2c:0d:31:2d:
45:c8:43:59:7c:f5:51:9e:8a:12:85:ac:43:33:de:
02:53:20:23:2e:e6:5d:e6:ca:d5:ef:ac:da:4a:cf:
d4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F2:F7:9D:A1:F0:8A:7E:EC:45:A5:EE:B9:39:F6:04:63:04:39:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4PL3naHwin7sRaXuuTn2BGMEOfM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
29:49:70:38:f1:9f:81:71:6c:e3:06:d4:17:66:e9:24:eb:05:
bd:ed:3e:ea:a6:bb:df:54:c1:6d:5a:59:b4:5c:bf:a1:9b:c6:
f5:bd:8a:15:6d:06:ee:74:14:c1:38:40:11:b3:ba:54:aa:d8:
56:79:c6:d9:91:ff:f4:ca:77:06:53:46:7f:72:8d:03:e4:04:
2f:5e:4e:e3:d1:cc:6d:b3:8c:f3:8b:c7:ae:44:5c:13:07:cb:
84:20:ed:7f:f8:20:f8:13:2c:85:ec:da:cc:d8:dd:b7:19:2b:
7b:bd:67:bd:e4:c5:67:ed:a8:46:94:7c:c1:d2:88:b6:60:19:
33:95:9a:c1:b0:46:26:9c:a6:9a:df:82:ee:39:e8:0c:fd:43:
b8:d2:83:27:d7:80:8e:56:0c:69:e6:11:31:29:d8:85:e6:87:
bb:f6:dc:47:6d:2a:ca:cb:96:50:02:16:63:54:d0:01:3f:75:
04:3f:78:f9:cf:99:b4:33:8c:d5:81:a6:3d:e6:df:11:b4:ce:
00:6e:d2:ed:5f:21:7b:ca:11:60:78:6e:8a:1b:ee:89:69:40:
27:28:07:39:dd:2e:c2:93:45:a1:38:9c:e1:d9:05:a5:bd:a3:
1e:6b:4f:ef:9d:11:a3:c2:92:ea:b7:31:0f:0c:54:6f:3f:ab:
d7:f5:d9:2d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTIx
NjQxNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUwRjJGNzlEQTFGMDhB
N0VFQzQ1QTVFRUI5MzlGNjA0NjMwNDM5RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfZnukhO4q1ZAOq11NCj6GcvSuysdS9R8FJxC5pSmwa7JP4FUY
m/15S315lvnf18FnmThqvvIL4S63fqIVCDd2Xi/0Ccwqt+fqKDnTc5dRuLK4T1Da
w9sleCCHJXnIQqI5cj9KY1IaVYNDfd5P3BBGwKtl7AJpZrClTaZf1HuoTg+Y/tl2
IRupPTSA0fZW1TSzZIpAFAn3QqJJmdDDbCZU8lfp+fa8C9dRzbszpihdH+4Iv4QH
H8kCLz0EBJ5m6vy3uQcm2li0yETBU3U4VdsB5BueI/3e+4b8SwuZLA0xLUXIQ1l8
9VGeihKFrEMz3gJTICMu5l3mytXvrNpKz9RlAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU4PL3naHwin7sRaXuuTn2BGMEOfMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRQTDNuYUh3aW43c1Jh
WHV1VG4yQkdNRU9mTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQApSXA4
8Z+BcWzjBtQXZukk6wW97T7qprvfVMFtWlm0XL+hm8b1vYoVbQbudBTBOEARs7pU
qthWecbZkf/0yncGU0Z/co0D5AQvXk7j0cxts4zzi8euRFwTB8uEIO1/+CD4EyyF
7NrM2N23GSt7vWe95MVn7ahGlHzB0oi2YBkzlZrBsEYmnKaa34LuOegM/UO40oMn
14COVgxp5hExKdiF5oe79txHbSrKy5ZQAhZjVNABP3UEP3j5z5m0M4zVgaY95t8R
tM4AbtLtXyF7yhFgeG6KG+6JaUAnKAc53S7Ck0WhOJzh2QWlvaMea0/vnRGjwpLq
tzEPDFRvP6vX9dkt
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:57:35 2025 by rpki-client