Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5dS-MiF3gsfzmCT7Z7dvI-FGr6Y.roa
File: 5dS-MiF3gsfzmCT7Z7dvI-FGr6Y.roa (raw, json)
Hash identifier: pYjYA72Ufjihx37NS06ZN96g5acKa8gBubbjo7WWAWo=
Subject key identifier: E5:D4:BE:32:21:77:82:C7:F3:98:24:FB:67:B7:6F:23:E1:46:AF:A6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6D66
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5dS-MiF3gsfzmCT7Z7dvI-FGr6Y.roa
Signing time: Wed 18 Jun 2025 22:46:57 +0000
ROA not before: Wed 18 Jun 2025 22:46:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28006 (0x6d66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 18 22:46:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E5D4BE32217782C7F39824FB67B76F23E146AFA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:28:04:7f:88:9b:0f:81:67:55:9c:6e:d5:49:
90:4b:72:d6:ec:e1:3b:01:04:6d:0b:10:5b:38:48:
d0:3f:52:77:9b:91:1d:b7:c3:90:2c:56:de:01:f3:
cf:c5:00:2c:a9:12:e7:5f:43:88:db:81:bb:fa:0e:
55:48:69:69:76:89:3b:e9:eb:92:73:d3:3c:f0:49:
44:92:e3:13:a8:d3:14:5b:6f:7f:f9:60:97:78:e7:
66:fe:4c:58:3c:ca:15:00:34:8a:44:70:67:0b:aa:
6e:8d:6f:c6:b6:69:22:0f:fe:0a:25:8d:3b:3e:92:
1a:07:0b:56:1d:29:bf:be:48:c0:c7:fc:b1:f6:ec:
65:9b:97:27:5c:80:0b:77:15:ab:37:cc:1d:90:29:
02:63:54:19:d6:73:1e:54:72:e4:2b:d6:32:e3:d7:
2c:22:e1:26:f7:74:e4:f2:c3:dc:eb:2e:1f:a1:69:
95:d6:39:d4:ca:29:53:16:15:70:13:6f:87:da:41:
c4:37:55:7a:95:b0:fe:98:eb:79:8b:ae:2a:91:56:
2b:18:f6:f2:f6:73:bb:b6:be:35:d7:84:0b:49:bb:
67:bf:3e:e8:82:04:0f:2e:15:1d:57:84:36:d8:29:
2c:62:2e:c8:04:7e:3c:23:8d:80:e6:ee:71:4d:37:
51:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D4:BE:32:21:77:82:C7:F3:98:24:FB:67:B7:6F:23:E1:46:AF:A6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5dS-MiF3gsfzmCT7Z7dvI-FGr6Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
53:b5:cb:72:51:5a:0d:17:cf:fb:1d:d8:46:98:92:4e:d5:96:
fe:ee:79:60:4f:96:37:d4:50:72:a8:a4:0a:0b:ff:d1:ae:90:
2e:63:ba:f5:f0:b2:60:02:29:10:23:12:60:1f:75:78:7a:df:
8e:0d:7d:b0:13:75:06:ca:b7:c5:4a:c8:d9:00:1a:74:de:63:
84:56:db:e5:2f:e2:b9:fb:82:9c:6c:e7:61:84:d2:de:06:93:
11:4e:d2:78:2d:0e:c7:95:0c:52:e0:1f:6b:0d:9c:bb:c6:9a:
c2:f3:dc:e0:ee:fd:b1:d3:4e:3d:40:c8:e9:83:98:b0:9b:7c:
08:24:35:30:d3:95:ae:c1:d9:1f:ad:76:ca:29:2d:bd:a4:9d:
76:25:31:48:ff:06:d4:d5:f1:13:37:4e:ec:06:26:93:09:09:
87:6e:9f:dc:15:14:ec:7b:d1:82:eb:68:cb:11:68:ec:cb:82:
e7:e5:67:19:45:25:f3:5e:e7:75:66:ed:53:b0:c6:e9:99:4f:
2e:38:8e:58:7d:d0:64:a0:26:f7:30:d0:3e:49:d7:61:f8:f5:
9e:c6:14:17:aa:62:0c:cb:17:0e:e6:44:78:72:35:2b:af:b6:
21:76:7c:db:15:8c:75:0a:fb:56:14:73:94:08:5b:ed:f2:b7:
ee:ad:bd:7c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTgy
MjQ2NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU1RDRCRTMyMjE3Nzgy
QzdGMzk4MjRGQjY3Qjc2RjIzRTE0NkFGQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkKAR/iJsPgWdVnG7VSZBLctbs4TsBBG0LEFs4SNA/UnebkR23
w5AsVt4B88/FACypEudfQ4jbgbv6DlVIaWl2iTvp65Jz0zzwSUSS4xOo0xRbb3/5
YJd452b+TFg8yhUANIpEcGcLqm6Nb8a2aSIP/goljTs+khoHC1YdKb++SMDH/LH2
7GWblydcgAt3Fas3zB2QKQJjVBnWcx5UcuQr1jLj1ywi4Sb3dOTyw9zrLh+haZXW
OdTKKVMWFXATb4faQcQ3VXqVsP6Y63mLriqRVisY9vL2c7u2vjXXhAtJu2e/PuiC
BA8uFR1XhDbYKSxiLsgEfjwjjYDm7nFNN1G5AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU5dS+MiF3gsfzmCT7Z7dvI+FGr6YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVkUy1NaUYzZ3Nmem1D
VDdaN2R2SS1GR3I2WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBTtcty
UVoNF8/7HdhGmJJO1Zb+7nlgT5Y31FByqKQKC//RrpAuY7r18LJgAikQIxJgH3V4
et+ODX2wE3UGyrfFSsjZABp03mOEVtvlL+K5+4KcbOdhhNLeBpMRTtJ4LQ7HlQxS
4B9rDZy7xprC89zg7v2x0049QMjpg5iwm3wIJDUw05WuwdkfrXbKKS29pJ12JTFI
/wbU1fETN07sBiaTCQmHbp/cFRTse9GC62jLEWjsy4Ln5WcZRSXzXud1Zu1TsMbp
mU8uOI5YfdBkoCb3MNA+Sddh+PWexhQXqmIMyxcO5kR4cjUrr7YhdnzbFYx1CvtW
FHOUCFvt8rfurb18
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:45 2025 by rpki-client