Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4R5jE54rdvLw1Y-B4pwKaeqq7S4.roa
File: 4R5jE54rdvLw1Y-B4pwKaeqq7S4.roa (raw, json)
Hash identifier: hokBhN9pbpMS5m4Ag1ZLSqiXNY4KE6v6nEbcCEgD2Hs=
Subject key identifier: E1:1E:63:13:9E:2B:76:F2:F0:D5:8F:81:E2:9C:0A:69:EA:AA:ED:2E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6C9A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4R5jE54rdvLw1Y-B4pwKaeqq7S4.roa
Signing time: Mon 16 Jun 2025 16:57:30 +0000
ROA not before: Mon 16 Jun 2025 16:57:30 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27802 (0x6c9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 16 16:57:30 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E11E63139E2B76F2F0D58F81E29C0A69EAAAED2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:60:3a:52:bd:1b:5b:84:cc:92:f1:13:6c:
b9:94:93:64:5a:58:e5:24:f9:5c:ab:7b:97:6a:2b:
04:ef:18:4a:b0:38:f1:5e:1b:d1:44:71:36:1c:1e:
8c:a6:3c:72:56:a9:22:43:36:d6:26:21:4f:6b:0e:
53:7e:2f:a4:27:2c:01:2b:cb:87:1b:b0:67:29:5c:
f7:68:99:0e:6d:cb:20:a9:d3:11:5b:a6:94:c3:a6:
5d:b8:6c:10:19:48:77:4e:b0:5a:db:dd:a7:53:27:
8f:81:27:a4:8a:00:8f:b9:a6:d1:08:64:15:1d:4f:
69:d7:5d:6a:0b:dc:2f:1c:f3:4e:65:ba:46:0e:d3:
01:3a:bb:1d:1d:ff:cb:b6:24:26:26:4b:bb:d7:a2:
c8:6b:b2:a9:11:30:05:49:04:aa:32:c8:9a:38:16:
bf:73:1f:51:63:56:00:a8:4d:8e:e4:ca:89:b0:16:
01:03:13:b9:a3:91:f4:31:ce:e3:04:23:57:64:71:
2e:cc:5c:4c:64:02:ce:28:20:27:07:f7:30:4c:53:
d2:85:4e:6d:fe:07:6a:19:83:7d:e4:62:cf:c5:32:
aa:6e:3d:0a:2b:19:89:e8:b5:dc:60:80:52:d9:9d:
5d:9c:34:84:97:25:bb:56:02:ba:35:9c:76:22:e1:
3f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1E:63:13:9E:2B:76:F2:F0:D5:8F:81:E2:9C:0A:69:EA:AA:ED:2E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4R5jE54rdvLw1Y-B4pwKaeqq7S4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
97:19:1d:0b:e6:62:f3:03:25:88:02:cd:d3:97:40:b7:0b:d9:
18:38:ad:40:8e:ce:91:67:02:6f:62:ee:8d:45:30:48:26:02:
c7:e7:6d:1b:35:5c:a0:a9:8d:c6:7f:92:12:01:b7:d2:39:6d:
a5:e1:3a:3b:66:1d:4d:80:55:ad:eb:70:88:4f:01:80:66:cb:
1f:b5:54:a4:55:d4:62:09:ab:11:b6:a8:bd:13:17:0e:cd:ea:
4c:49:b4:ba:29:ff:a1:bc:53:3e:64:a3:66:e8:7f:15:34:fd:
56:84:bb:2a:0e:c8:6d:57:d8:0d:e2:23:66:9e:f3:1f:f5:78:
fc:1f:26:f3:3f:ac:22:87:5d:43:3d:cd:cd:6b:c3:93:21:de:
3b:dd:1c:62:c9:30:0f:c5:95:cb:51:46:e9:65:06:0b:ce:f8:
35:a4:94:6c:50:98:94:d5:d9:e0:28:98:ae:a5:f5:07:c6:02:
94:8f:c9:cb:5b:9e:a6:b2:20:e1:7f:85:a3:51:f9:89:14:1e:
9c:38:75:50:0a:6c:44:bb:ad:a5:31:71:ec:2f:47:3d:21:cb:
cb:66:1e:7c:76:e2:c0:2b:6a:36:81:18:41:25:04:98:1b:74:
5c:57:8d:f8:c2:01:d4:df:b5:17:36:2e:0b:55:3b:68:62:40:
73:5a:9c:81
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTYx
NjU3MzBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUxMUU2MzEzOUUyQjc2
RjJGMEQ1OEY4MUUyOUMwQTY5RUFBQUVEMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3emA6Ur0bW4TMkvETbLmUk2RaWOUk+Vyre5dqKwTvGEqwOPFe
G9FEcTYcHoymPHJWqSJDNtYmIU9rDlN+L6QnLAEry4cbsGcpXPdomQ5tyyCp0xFb
ppTDpl24bBAZSHdOsFrb3adTJ4+BJ6SKAI+5ptEIZBUdT2nXXWoL3C8c805lukYO
0wE6ux0d/8u2JCYmS7vXoshrsqkRMAVJBKoyyJo4Fr9zH1FjVgCoTY7kyomwFgED
E7mjkfQxzuMEI1dkcS7MXExkAs4oICcH9zBMU9KFTm3+B2oZg33kYs/FMqpuPQor
GYnotdxggFLZnV2cNISXJbtWAro1nHYi4T95AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU4R5jE54rdvLw1Y+B4pwKaeqq7S4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRSNWpFNTRyZHZMdzFZ
LUI0cHdLYWVxcTdTNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCXGR0L
5mLzAyWIAs3Tl0C3C9kYOK1Ajs6RZwJvYu6NRTBIJgLH520bNVygqY3Gf5ISAbfS
OW2l4To7Zh1NgFWt63CITwGAZssftVSkVdRiCasRtqi9ExcOzepMSbS6Kf+hvFM+
ZKNm6H8VNP1WhLsqDshtV9gN4iNmnvMf9Xj8HybzP6wih11DPc3Na8OTId473Rxi
yTAPxZXLUUbpZQYLzvg1pJRsUJiU1dngKJiupfUHxgKUj8nLW56msiDhf4WjUfmJ
FB6cOHVQCmxEu62lMXHsL0c9IcvLZh58duLAK2o2gRhBJQSYG3RcV434wgHU37UX
Ni4LVTtoYkBzWpyB
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:37 2025 by rpki-client