Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4V6tCCZrpKwgQUBJ-hfI3QX6FBw.roa
File: 4V6tCCZrpKwgQUBJ-hfI3QX6FBw.roa (raw, json)
Hash identifier: Z0Xb8z4TJDiigdgRxsqSL0TCMlH8TlRjBO2Ufi5FL84=
Subject key identifier: E1:5E:AD:08:26:6B:A4:AC:20:41:40:49:FA:17:C8:DD:05:FA:14:1C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7630
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4V6tCCZrpKwgQUBJ-hfI3QX6FBw.roa
Signing time: Sat 12 Jul 2025 12:11:37 +0000
ROA not before: Sat 12 Jul 2025 12:11:37 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30256 (0x7630)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 12 12:11:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E15EAD08266BA4AC20414049FA17C8DD05FA141C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:85:56:69:b5:28:da:5a:6d:15:3d:f5:0c:24:
8f:87:d8:53:f1:23:4a:3a:68:a8:27:a0:b5:fc:1e:
30:c9:8c:06:80:a2:5b:84:37:8c:45:49:29:23:d8:
f9:f9:65:76:e1:9e:49:23:36:53:f8:45:50:7b:7d:
86:3b:72:2f:5f:d7:1e:9f:d7:ec:75:94:85:e5:dc:
f0:6a:37:cc:e3:21:22:2b:45:ae:2a:37:12:f4:29:
34:68:22:0b:a8:c9:60:8e:80:20:f8:8d:97:6e:7e:
e2:ff:d0:35:a5:2e:55:d4:11:61:21:50:de:85:62:
2b:c5:4f:b8:6b:a5:23:e0:11:60:f0:e0:f4:5c:d1:
fe:47:91:8e:2f:be:64:fa:02:50:15:1a:22:51:f9:
00:44:04:16:a6:4e:fc:89:c7:d4:ab:87:b9:d6:42:
83:ce:dc:6f:44:10:55:1f:1f:05:05:63:20:d2:93:
af:35:0b:24:01:0c:27:1e:6d:ae:8a:6b:92:eb:64:
1a:3e:51:4c:7a:eb:0d:bb:f0:dd:ed:8c:1b:00:3b:
2c:66:9a:99:3c:51:1d:d5:c4:bc:72:a0:67:d7:41:
dd:75:bd:77:4d:aa:d9:c2:01:08:73:c3:73:4f:66:
27:12:f1:e3:7a:bc:d7:3f:b4:73:43:f6:a5:80:9f:
fd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:5E:AD:08:26:6B:A4:AC:20:41:40:49:FA:17:C8:DD:05:FA:14:1C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4V6tCCZrpKwgQUBJ-hfI3QX6FBw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
59:e8:9d:e3:48:18:21:62:80:12:41:c0:82:99:b0:38:93:3d:
87:a2:62:2c:3e:9f:d4:63:c1:f6:eb:4a:06:e2:58:64:d6:24:
ef:a1:2c:bf:ba:a1:15:e6:f6:30:c3:03:40:8e:6d:f8:da:1f:
6d:69:a5:7f:e1:01:d2:9b:c0:99:9a:00:68:e1:45:f3:50:9e:
17:88:4d:c9:9d:1a:24:e1:74:ce:98:fb:ac:06:38:7d:e7:48:
5c:77:12:ea:cb:15:44:eb:60:df:06:06:e5:00:7b:c8:ed:8b:
18:2f:0a:f0:40:55:78:1f:a1:92:f8:4d:08:6f:b9:80:eb:70:
41:77:29:64:25:c6:fc:fd:ea:f1:77:ab:30:47:a9:00:a9:b0:
fd:06:0d:1e:ae:af:1e:16:91:2e:48:96:e1:2e:5a:04:85:b0:
96:16:81:f4:c5:34:a1:88:1c:39:59:06:07:f7:70:63:33:e8:
8a:42:a6:49:91:29:80:dc:24:ce:e4:54:cd:f0:a4:79:8c:65:
65:29:b0:3a:f3:e3:66:de:8f:80:d0:9e:69:57:9c:42:6c:42:
21:f4:1a:b3:e4:cf:ba:8f:28:fe:54:df:60:07:21:3e:b7:62:
d6:31:9a:b1:41:83:ce:86:de:0d:05:1d:6c:89:cf:ad:d7:03:
ce:5a:b6:5a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdjAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTIx
MjExMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUxNUVBRDA4MjY2QkE0
QUMyMDQxNDA0OUZBMTdDOEREMDVGQTE0MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJhVZptSjaWm0VPfUMJI+H2FPxI0o6aKgnoLX8HjDJjAaAoluE
N4xFSSkj2Pn5ZXbhnkkjNlP4RVB7fYY7ci9f1x6f1+x1lIXl3PBqN8zjISIrRa4q
NxL0KTRoIguoyWCOgCD4jZdufuL/0DWlLlXUEWEhUN6FYivFT7hrpSPgEWDw4PRc
0f5HkY4vvmT6AlAVGiJR+QBEBBamTvyJx9Srh7nWQoPO3G9EEFUfHwUFYyDSk681
CyQBDCceba6Ka5LrZBo+UUx66w278N3tjBsAOyxmmpk8UR3VxLxyoGfXQd11vXdN
qtnCAQhzw3NPZicS8eN6vNc/tHND9qWAn/2HAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU4V6tCCZrpKwgQUBJ+hfI3QX6FBwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRWNnRDQ1pycEt3Z1FV
QkotaGZJM1FYNkZCdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBZ6J3j
SBghYoASQcCCmbA4kz2HomIsPp/UY8H260oG4lhk1iTvoSy/uqEV5vYwwwNAjm34
2h9taaV/4QHSm8CZmgBo4UXzUJ4XiE3JnRok4XTOmPusBjh950hcdxLqyxVE62Df
BgblAHvI7YsYLwrwQFV4H6GS+E0Ib7mA63BBdylkJcb8/erxd6swR6kAqbD9Bg0e
rq8eFpEuSJbhLloEhbCWFoH0xTShiBw5WQYH93BjM+iKQqZJkSmA3CTO5FTN8KR5
jGVlKbA68+Nm3o+A0J5pV5xCbEIh9Bqz5M+6jyj+VN9gByE+t2LWMZqxQYPOht4N
BR1sic+t1wPOWrZa
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:34:56 2025 by rpki-client