Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4ZL023xN4MUYMeFSMf3b8G1BxKA.roa
File: 4ZL023xN4MUYMeFSMf3b8G1BxKA.roa (raw, json)
Hash identifier: ENKHJYJufIi/PAlvJVUDH9dci5JyF7iC77voqaYqbK0=
Subject key identifier: E1:92:F4:DB:7C:4D:E0:C5:18:31:E1:52:31:FD:DB:F0:6D:41:C4:A0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 75EA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4ZL023xN4MUYMeFSMf3b8G1BxKA.roa
Signing time: Fri 11 Jul 2025 18:41:41 +0000
ROA not before: Fri 11 Jul 2025 18:41:41 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30186 (0x75ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 11 18:41:41 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E192F4DB7C4DE0C51831E15231FDDBF06D41C4A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9a:10:88:60:8f:f9:00:28:7e:fb:da:a2:75:
7a:64:ea:d1:3f:ca:2c:64:c9:dd:a4:53:43:7d:c8:
b9:d4:85:65:fb:5c:8c:af:bf:bc:c7:48:1f:c6:f4:
43:5c:14:78:2d:8f:d8:02:c0:c6:8f:13:21:76:10:
1c:2e:e7:7c:33:36:24:2c:ae:13:80:04:0b:70:d9:
71:db:58:45:32:6c:22:be:8d:65:16:35:4e:b0:ef:
56:7e:51:99:59:4a:7e:5f:c8:04:01:f2:eb:81:51:
5f:cd:ab:f3:1e:cc:c6:bf:6a:61:b6:49:f9:a8:c0:
9f:d8:cc:9d:07:13:e2:8a:85:04:ea:60:fb:d1:e0:
c1:49:e7:6c:09:f0:08:f5:f5:fd:db:22:d9:9f:7e:
60:a2:48:ed:78:3e:1b:18:62:48:1c:0c:86:41:d2:
37:32:9d:b4:49:57:05:f3:91:fd:90:7d:8b:84:72:
1c:c8:66:14:4e:6b:50:0e:79:1e:88:f5:75:59:96:
c9:5c:04:f8:24:b1:19:55:b5:81:1e:0c:b9:14:84:
cd:03:c1:ad:f0:60:e1:48:0f:6f:11:36:f9:f4:b3:
83:c0:2d:9f:19:ae:70:b0:5b:88:91:95:d6:85:bc:
e1:2b:b6:f2:70:e6:08:91:63:f4:f2:a7:43:4c:2c:
85:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:92:F4:DB:7C:4D:E0:C5:18:31:E1:52:31:FD:DB:F0:6D:41:C4:A0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4ZL023xN4MUYMeFSMf3b8G1BxKA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
51:6b:5e:4d:d3:6b:0f:9d:1e:8e:be:e5:e9:bd:e7:93:5c:83:
3e:46:f8:0e:88:9b:98:d1:e4:ff:04:3c:f9:83:2c:d5:5f:b6:
0e:ae:7c:26:d6:68:b6:af:c8:a7:c1:f4:ca:4a:17:3d:95:43:
25:57:05:8a:5e:d0:28:f5:8b:96:5e:d3:94:9d:10:08:89:56:
50:4b:e9:0c:b3:52:11:4e:16:19:11:77:be:42:4b:bc:d5:9e:
60:6a:e9:63:49:7c:d7:1b:89:e8:ff:f3:1e:30:77:e9:89:40:
17:2e:cc:10:35:ad:e3:3e:57:9b:ad:96:0d:a8:ad:c3:49:a7:
de:c9:34:26:3e:6c:f0:5c:71:b7:cd:46:3d:34:84:35:eb:af:
e8:9f:ff:31:15:72:5a:14:08:b4:69:5b:94:82:14:d6:00:c4:
df:c3:53:14:07:b8:d8:38:02:8e:f5:7c:84:51:a1:2b:d6:74:
08:2c:f3:a5:75:7b:f9:88:1d:bd:6f:66:50:80:25:df:af:6b:
c1:ba:95:f8:43:f1:5a:44:b1:a7:63:12:7f:fd:7e:04:41:20:
bc:47:67:cb:41:26:95:68:77:7b:a7:c7:6d:af:90:12:7a:c9:
45:98:ba:b9:69:66:eb:22:4f:06:0a:8f:01:8b:b5:4d:bf:c4:
ba:d1:38:01
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTEx
ODQxNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUxOTJGNERCN0M0REUw
QzUxODMxRTE1MjMxRkREQkYwNkQ0MUM0QTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0mhCIYI/5ACh++9qidXpk6tE/yixkyd2kU0N9yLnUhWX7XIyv
v7zHSB/G9ENcFHgtj9gCwMaPEyF2EBwu53wzNiQsrhOABAtw2XHbWEUybCK+jWUW
NU6w71Z+UZlZSn5fyAQB8uuBUV/Nq/MezMa/amG2SfmowJ/YzJ0HE+KKhQTqYPvR
4MFJ52wJ8Aj19f3bItmffmCiSO14PhsYYkgcDIZB0jcynbRJVwXzkf2QfYuEchzI
ZhROa1AOeR6I9XVZlslcBPgksRlVtYEeDLkUhM0Dwa3wYOFID28RNvn0s4PALZ8Z
rnCwW4iRldaFvOErtvJw5giRY/Typ0NMLIVVAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU4ZL023xN4MUYMeFSMf3b8G1BxKAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRaTDAyM3hONE1VWU1l
RlNNZjNiOEcxQnhLQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBRa15N
02sPnR6OvuXpveeTXIM+RvgOiJuY0eT/BDz5gyzVX7YOrnwm1mi2r8inwfTKShc9
lUMlVwWKXtAo9YuWXtOUnRAIiVZQS+kMs1IRThYZEXe+Qku81Z5gauljSXzXG4no
//MeMHfpiUAXLswQNa3jPlebrZYNqK3DSafeyTQmPmzwXHG3zUY9NIQ166/on/8x
FXJaFAi0aVuUghTWAMTfw1MUB7jYOAKO9XyEUaEr1nQILPOldXv5iB29b2ZQgCXf
r2vBupX4Q/FaRLGnYxJ//X4EQSC8R2fLQSaVaHd7p8dtr5ASeslFmLq5aWbrIk8G
Co8Bi7VNv8S60TgB
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:39:22 2025 by rpki-client