Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5p8j25VozusRH95VYhj9CygACaU.roa
File: 5p8j25VozusRH95VYhj9CygACaU.roa (raw, json)
Hash identifier: S57pf25RAjXZoxhh+hMhZDCi2nZA10HfkFBeUkn4gWs=
Subject key identifier: E6:9F:23:DB:95:68:CE:EB:11:1F:DE:55:62:18:FD:0B:28:00:09:A5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6E44
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5p8j25VozusRH95VYhj9CygACaU.roa
Signing time: Sat 21 Jun 2025 14:44:05 +0000
ROA not before: Sat 21 Jun 2025 14:44:05 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28228 (0x6e44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 21 14:44:05 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E69F23DB9568CEEB111FDE556218FD0B280009A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3d:75:98:e9:a3:ab:cf:28:14:62:2c:39:47:
af:20:cc:ee:a6:6d:e9:a1:54:84:83:8c:4a:cf:c0:
2c:04:c7:92:7a:97:80:56:7c:05:54:71:04:3a:78:
2f:3c:40:f3:53:70:25:21:8b:85:24:11:eb:62:00:
af:d6:49:68:4a:ca:03:10:d8:a9:ff:9e:71:be:10:
47:69:91:ef:7a:6e:d7:96:5b:a7:cf:59:6e:bc:ae:
47:33:f3:68:0e:da:de:d9:93:1b:fc:7a:13:72:0b:
29:43:f3:a3:d6:d8:fc:fc:a1:39:80:dd:6f:3f:bc:
1b:a4:34:9c:80:b2:7a:17:d8:e0:28:8b:22:93:cb:
c3:70:e9:77:6b:5b:23:d9:75:d9:d5:3e:79:bd:aa:
85:66:59:a0:0a:fb:76:ac:60:44:5e:b0:6f:89:98:
fb:d6:b5:4d:fe:3f:ee:2d:3f:f7:0c:cb:10:17:2e:
b4:67:b5:28:be:c1:56:9b:71:8b:e3:78:10:5a:6b:
dc:bb:3c:22:bc:ae:96:cb:25:19:d6:38:2f:4d:e8:
e1:48:26:6d:af:25:50:d9:95:e9:83:e3:5e:43:60:
b3:0e:a4:38:da:a3:43:b0:99:da:96:84:76:c1:fc:
18:28:20:e7:55:88:4f:82:cd:57:20:a8:55:49:f1:
34:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:9F:23:DB:95:68:CE:EB:11:1F:DE:55:62:18:FD:0B:28:00:09:A5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5p8j25VozusRH95VYhj9CygACaU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
80:f9:31:88:4c:95:55:20:11:e2:49:50:59:6d:3e:ba:9c:ef:
ff:24:1a:91:24:1a:c1:e5:6a:6e:de:42:b0:c3:f9:5e:ec:8f:
3e:3a:12:af:99:61:62:e8:ae:2c:47:e2:f3:59:af:3f:41:03:
3f:d2:48:c6:d4:1c:8f:af:ae:72:c7:2c:1d:22:62:b3:b7:e3:
dd:13:dd:16:08:1e:20:14:d9:d3:b6:c8:8b:8f:a5:ef:ae:54:
9d:f6:17:cb:59:03:89:1f:50:73:f6:a6:0e:9d:b3:89:f2:a9:
8b:8e:3e:02:bf:63:b2:a9:f9:e7:26:45:0c:17:2c:ea:e0:56:
d7:18:15:9e:36:07:70:3c:a6:52:89:23:d7:c3:c0:57:b3:3e:
c7:d2:7d:94:ac:63:5b:05:d6:74:22:8a:e4:81:c7:bd:d2:1e:
a8:cd:f5:3c:d9:03:af:dd:bf:62:1a:02:e3:77:b9:86:af:60:
30:6f:ec:56:3c:b9:82:35:43:88:d2:44:36:13:46:5e:c3:d3:
88:c7:fc:19:a3:9a:b6:1e:01:df:a9:7f:56:8f:39:a5:08:42:
66:3f:d0:a5:1d:16:1f:33:01:37:9e:38:60:42:b1:69:52:3b:
c3:ab:34:69:7e:e3:ed:45:71:2e:9f:4b:c3:88:6b:be:ff:c5:
42:44:2a:ec
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjEx
NDQ0MDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU2OUYyM0RCOTU2OENF
RUIxMTFGREU1NTYyMThGRDBCMjgwMDA5QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuPXWY6aOrzygUYiw5R68gzO6mbemhVISDjErPwCwEx5J6l4BW
fAVUcQQ6eC88QPNTcCUhi4UkEetiAK/WSWhKygMQ2Kn/nnG+EEdpke96bteWW6fP
WW68rkcz82gO2t7Zkxv8ehNyCylD86PW2Pz8oTmA3W8/vBukNJyAsnoX2OAoiyKT
y8Nw6XdrWyPZddnVPnm9qoVmWaAK+3asYEResG+JmPvWtU3+P+4tP/cMyxAXLrRn
tSi+wVabcYvjeBBaa9y7PCK8rpbLJRnWOC9N6OFIJm2vJVDZlemD415DYLMOpDja
o0OwmdqWhHbB/BgoIOdViE+CzVcgqFVJ8TQ/AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU5p8j25VozusRH95VYhj9CygACaUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVwOGoyNVZvenVzUkg5
NVZZaGo5Q3lnQUNhVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCA+TGI
TJVVIBHiSVBZbT66nO//JBqRJBrB5Wpu3kKww/le7I8+OhKvmWFi6K4sR+LzWa8/
QQM/0kjG1ByPr65yxywdImKzt+PdE90WCB4gFNnTtsiLj6XvrlSd9hfLWQOJH1Bz
9qYOnbOJ8qmLjj4Cv2OyqfnnJkUMFyzq4FbXGBWeNgdwPKZSiSPXw8BXsz7H0n2U
rGNbBdZ0Iorkgce90h6ozfU82QOv3b9iGgLjd7mGr2Awb+xWPLmCNUOI0kQ2E0Ze
w9OIx/wZo5q2HgHfqX9WjzmlCEJmP9ClHRYfMwE3njhgQrFpUjvDqzRpfuPtRXEu
n0vDiGu+/8VCRCrs
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:02:34 2025 by rpki-client