Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5qWtoWn22D5jjEinnOJZzRzgKIA.roa
File: 5qWtoWn22D5jjEinnOJZzRzgKIA.roa (raw, json)
Hash identifier: CeCuA9fktu2QSfHgkK6IY6p4d+VUBaEr2l/g2D6UdUE=
Subject key identifier: E6:A5:AD:A1:69:F6:D8:3E:63:8C:48:A7:9C:E2:59:CD:1C:E0:28:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7578
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5qWtoWn22D5jjEinnOJZzRzgKIA.roa
Signing time: Thu 10 Jul 2025 13:45:12 +0000
ROA not before: Thu 10 Jul 2025 13:45:12 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30072 (0x7578)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 10 13:45:12 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E6A5ADA169F6D83E638C48A79CE259CD1CE02880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b3:9a:ea:cc:40:98:31:04:d2:78:c9:84:55:
e1:7f:42:c4:fb:2b:6f:00:61:71:fb:85:27:0c:e1:
7b:ce:56:0d:b9:8f:ac:76:fa:05:51:ab:39:0a:d0:
b6:3a:ca:bc:89:e7:84:31:46:97:92:cc:27:66:34:
6a:ec:a1:85:0b:59:6e:d8:38:fe:aa:a5:22:4e:dc:
b4:02:aa:37:18:25:13:fb:51:84:36:d8:91:26:95:
69:bb:eb:e4:e1:bf:65:92:1f:bd:91:42:bc:29:6f:
1d:1e:d4:9e:73:5b:7a:b1:32:60:75:45:32:ba:6b:
62:e1:b1:63:3c:ea:8f:fc:29:63:f6:c6:68:e6:0d:
63:f4:35:98:ca:c4:84:f3:7b:d4:f0:2f:41:94:56:
1e:fe:c6:04:f2:c2:15:c8:a3:bd:31:e0:f0:16:12:
0a:b9:31:34:7b:59:3f:cc:87:ac:d5:30:81:6b:fc:
2b:22:38:6f:cf:d6:22:9e:60:80:d2:28:3e:24:31:
f7:ea:60:82:5c:62:0e:4c:92:ff:61:f8:0b:8c:78:
2b:fc:67:85:21:a7:9c:45:3f:58:0c:f6:09:b2:88:
44:39:8f:c4:8e:06:a1:7a:11:0f:db:d0:d1:d5:ea:
9c:af:40:c2:93:28:93:13:c0:fe:5d:c1:b4:81:90:
ea:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A5:AD:A1:69:F6:D8:3E:63:8C:48:A7:9C:E2:59:CD:1C:E0:28:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5qWtoWn22D5jjEinnOJZzRzgKIA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
5c:1f:62:1c:ed:f2:23:a1:6d:46:54:56:8a:02:5b:01:97:d7:
87:b2:d5:4f:f6:f7:5f:38:03:99:0c:ce:16:d3:dd:87:75:fd:
1f:7c:07:be:e7:7c:7e:b6:d9:ed:38:4e:ca:6a:b6:99:43:ec:
ad:e3:da:23:a2:0a:ae:7a:c5:7b:4e:cd:60:e9:5b:90:d2:2d:
6c:d8:d3:d7:e4:71:0a:01:d8:da:66:40:37:fb:db:95:73:9e:
ba:8f:14:9f:c5:bd:a4:1f:5c:d2:8b:61:a7:87:e4:33:dc:4c:
f4:90:a1:ed:40:bb:f0:43:c7:27:e0:21:6d:70:63:47:db:e1:
0e:01:ef:e8:87:f9:02:dc:84:65:ee:a7:28:ba:10:91:c9:44:
ee:84:17:5c:62:fe:c1:9c:a8:5c:f3:be:21:a8:88:f6:d2:d3:
dd:b2:6b:f5:75:48:4b:7c:6b:c7:5a:1c:a6:2e:5c:38:e4:00:
29:c5:1c:a2:0d:1c:f0:b2:6c:bd:03:1d:4f:80:9b:15:c8:87:
28:f9:02:00:38:5c:c3:3a:b9:79:08:ea:a0:64:7e:e9:d1:b5:
43:17:d1:04:1f:cc:cb:fb:4d:c5:ce:e5:36:a3:c8:0d:e6:84:
2c:2a:7c:e4:27:2c:37:17:96:99:8d:47:5c:0c:fb:33:ee:46:
4c:f7:44:34
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTAx
MzQ1MTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU2QTVBREExNjlGNkQ4
M0U2MzhDNDhBNzlDRTI1OUNEMUNFMDI4ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCis5rqzECYMQTSeMmEVeF/QsT7K28AYXH7hScM4XvOVg25j6x2
+gVRqzkK0LY6yryJ54QxRpeSzCdmNGrsoYULWW7YOP6qpSJO3LQCqjcYJRP7UYQ2
2JEmlWm76+Thv2WSH72RQrwpbx0e1J5zW3qxMmB1RTK6a2LhsWM86o/8KWP2xmjm
DWP0NZjKxITze9TwL0GUVh7+xgTywhXIo70x4PAWEgq5MTR7WT/Mh6zVMIFr/Csi
OG/P1iKeYIDSKD4kMffqYIJcYg5Mkv9h+AuMeCv8Z4Uhp5xFP1gM9gmyiEQ5j8SO
BqF6EQ/b0NHV6pyvQMKTKJMTwP5dwbSBkOobAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU5qWtoWn22D5jjEinnOJZzRzgKIAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVxV3RvV24yMkQ1ampF
aW5uT0paelJ6Z0tJQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBcH2Ic
7fIjoW1GVFaKAlsBl9eHstVP9vdfOAOZDM4W092Hdf0ffAe+53x+ttntOE7KaraZ
Q+yt49ojogquesV7Ts1g6VuQ0i1s2NPX5HEKAdjaZkA3+9uVc566jxSfxb2kH1zS
i2Gnh+Qz3Ez0kKHtQLvwQ8cn4CFtcGNH2+EOAe/oh/kC3IRl7qcouhCRyUTuhBdc
Yv7BnKhc874hqIj20tPdsmv1dUhLfGvHWhymLlw45AApxRyiDRzwsmy9Ax1PgJsV
yIco+QIAOFzDOrl5COqgZH7p0bVDF9EEH8zL+03FzuU2o8gN5oQsKnzkJyw3F5aZ
jUdcDPsz7kZM90Q0
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:34 2025 by rpki-client