Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5fJ41Ym89U8AGUtYf4TELBrK_hc.roa
File: 5fJ41Ym89U8AGUtYf4TELBrK_hc.roa (raw, json)
Hash identifier: Yo7dQ3YgkOc9JKzntwXdjc6f8PLO594Zf9C8yMrpxc0=
Subject key identifier: E5:F2:78:D5:89:BC:F5:4F:00:19:4B:58:7F:84:C4:2C:1A:CA:FE:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 637C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5fJ41Ym89U8AGUtYf4TELBrK_hc.roa
Signing time: Fri 23 May 2025 09:13:18 +0000
ROA not before: Fri 23 May 2025 09:13:18 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25468 (0x637c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 23 09:13:18 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E5F278D589BCF54F00194B587F84C42C1ACAFE17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:5f:fc:e3:ae:64:cd:83:f0:7c:81:89:4f:
64:f9:05:8a:5c:bc:cd:bb:16:dc:25:b7:bf:83:a7:
67:0a:b1:b3:73:b3:8b:a8:91:95:91:a5:1f:be:b9:
73:29:1f:ce:3b:c6:55:d3:17:8b:65:bd:dc:17:a0:
6b:d0:2e:d6:32:25:50:77:11:71:a8:92:2f:58:7a:
f2:85:6e:bc:cc:fd:af:fe:a5:7f:31:1b:0a:58:52:
10:14:e9:75:46:7d:ca:21:df:e9:04:36:86:5c:ea:
3e:1e:6b:de:35:b0:db:94:78:9e:2e:67:48:ac:c0:
d3:4b:5d:94:0b:42:75:ed:ee:e1:c1:37:0b:78:54:
79:c0:4f:07:7b:09:82:e6:bb:e7:03:68:6a:96:db:
56:a8:fa:5c:69:c8:75:04:41:cd:c7:77:fe:d2:5d:
97:f6:62:44:15:fa:e9:19:c2:7a:7e:2d:48:02:c7:
6d:f5:ba:a5:21:c0:bf:b0:89:a8:2a:48:4a:d1:c0:
37:2c:88:d8:5f:09:4d:58:2d:5b:dc:82:32:2e:1d:
da:13:5a:fa:b5:89:70:cd:5e:17:b9:ec:3a:89:2f:
49:32:5a:54:ce:96:59:1f:1d:05:07:ea:1e:7e:ab:
52:f6:9d:03:de:2b:29:e7:d3:c6:32:e5:ec:4e:e2:
79:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:F2:78:D5:89:BC:F5:4F:00:19:4B:58:7F:84:C4:2C:1A:CA:FE:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5fJ41Ym89U8AGUtYf4TELBrK_hc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
0d:9e:af:12:1f:75:62:36:db:16:4d:a4:13:d7:2d:ee:ba:cd:
6b:9f:84:2c:8d:76:a4:12:31:3f:6e:1a:a6:62:6a:1a:a0:37:
e8:d7:c1:7f:44:af:0e:61:23:ef:5d:81:db:97:48:f3:f2:e7:
6a:13:98:fd:56:a3:84:d8:25:9e:f7:9e:0a:d6:f9:04:49:40:
59:c6:ec:a8:7d:42:ee:f1:37:ad:51:48:ed:23:5a:a6:d7:b9:
8d:3d:65:94:67:5e:47:68:43:98:ae:18:13:21:ea:06:63:c4:
94:93:ea:16:49:a8:b7:be:a8:f5:6a:0f:f7:93:1d:5a:ae:82:
67:c8:5f:4e:6b:3c:f2:26:ef:a7:25:59:4a:0a:a8:e0:4b:e8:
a1:60:66:96:b0:77:d5:9f:2c:cb:15:0f:be:6b:86:f6:bd:f4:
d8:8e:37:4c:c3:59:8f:45:f3:a9:60:db:d6:f0:6b:2f:9b:66:
8b:fd:64:de:c5:22:e1:68:67:5d:ad:55:2b:f9:82:a2:21:a6:
ab:9c:f7:ab:e8:7a:c7:13:21:47:5a:09:51:1a:9d:88:67:bb:
5f:8c:e0:fb:88:06:01:15:d9:be:1a:4e:43:dc:b4:ac:71:1b:
08:67:ab:92:be:2d:78:00:35:9c:47:1f:31:2c:d3:21:90:60:
b6:a8:67:83
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY3wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjMw
OTEzMThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU1RjI3OEQ1ODlCQ0Y1
NEYwMDE5NEI1ODdGODRDNDJDMUFDQUZFMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7hl/8465kzYPwfIGJT2T5BYpcvM27Ftwlt7+Dp2cKsbNzs4uo
kZWRpR++uXMpH847xlXTF4tlvdwXoGvQLtYyJVB3EXGoki9YevKFbrzM/a/+pX8x
GwpYUhAU6XVGfcoh3+kENoZc6j4ea941sNuUeJ4uZ0iswNNLXZQLQnXt7uHBNwt4
VHnATwd7CYLmu+cDaGqW21ao+lxpyHUEQc3Hd/7SXZf2YkQV+ukZwnp+LUgCx231
uqUhwL+wiagqSErRwDcsiNhfCU1YLVvcgjIuHdoTWvq1iXDNXhe57DqJL0kyWlTO
llkfHQUH6h5+q1L2nQPeKynn08Yy5exO4nkXAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU5fJ41Ym89U8AGUtYf4TELBrK/hcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVmSjQxWW04OVU4QUdV
dFlmNFRFTEJyS19oYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQANnq8S
H3ViNtsWTaQT1y3uus1rn4QsjXakEjE/bhqmYmoaoDfo18F/RK8OYSPvXYHbl0jz
8udqE5j9VqOE2CWe954K1vkESUBZxuyofULu8TetUUjtI1qm17mNPWWUZ15HaEOY
rhgTIeoGY8SUk+oWSai3vqj1ag/3kx1aroJnyF9OazzyJu+nJVlKCqjgS+ihYGaW
sHfVnyzLFQ++a4b2vfTYjjdMw1mPRfOpYNvW8Gsvm2aL/WTexSLhaGddrVUr+YKi
IaarnPer6HrHEyFHWglRGp2IZ7tfjOD7iAYBFdm+Gk5D3LSscRsIZ6uSvi14ADWc
Rx8xLNMhkGC2qGeD
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:16:18 2025 by rpki-client