Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6-4hHKv2XU_2eN4Tdxges6BCvHA.roa
File: 6-4hHKv2XU_2eN4Tdxges6BCvHA.roa (raw, json)
Hash identifier: z0fS2wcqxu5wj4BVLnbu08Ohup9ySLnIoF1lbG4y8Ms=
Subject key identifier: EB:EE:21:1C:AB:F6:5D:4F:F6:78:DE:13:77:18:1E:B3:A0:42:BC:70
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 627A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6-4hHKv2XU_2eN4Tdxges6BCvHA.roa
Signing time: Tue 20 May 2025 16:40:42 +0000
ROA not before: Tue 20 May 2025 16:40:42 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25210 (0x627a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 20 16:40:42 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=EBEE211CABF65D4FF678DE1377181EB3A042BC70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:dd:80:de:5f:88:8c:33:fe:62:98:d1:76:
13:ae:a1:93:ea:ea:c0:5d:ab:21:2c:21:0c:c6:9f:
9d:7b:bc:29:68:af:97:19:29:23:c7:4b:45:7b:a1:
7d:8d:f0:e2:c7:b2:72:a0:f7:87:2c:0c:ec:9d:a1:
d6:f3:53:d6:86:ef:f3:22:e6:7f:b6:9e:7a:a5:b7:
82:b2:d5:88:03:fd:b9:a4:a3:79:15:c0:e2:5d:89:
9d:7c:18:71:df:ab:ca:13:ba:ff:38:2e:9a:43:33:
e7:e3:5d:32:f0:ae:16:e8:2b:ba:f6:ba:a4:fd:6a:
76:ff:58:f1:1e:f1:e8:10:37:f7:c9:eb:55:4d:9c:
56:66:42:3a:19:83:f6:4b:36:e9:03:96:5e:4a:c0:
5f:3b:ff:2d:09:8f:10:70:36:6f:63:32:dc:1c:e4:
d9:6c:6b:d4:7c:22:11:45:69:99:8f:de:3c:1b:b1:
c9:4b:37:76:1e:75:21:e2:81:f3:52:ed:54:aa:a7:
3a:c5:cc:6c:6f:7b:53:4f:c0:c2:b5:c1:5d:83:77:
9e:83:56:6e:ce:e1:82:1a:db:9d:a7:af:ab:bd:14:
e7:01:68:cb:2c:ee:82:8e:36:c5:ed:31:39:42:22:
8a:8e:52:3f:a6:7b:0f:4f:c7:1d:bf:9c:1d:fe:00:
f9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:EE:21:1C:AB:F6:5D:4F:F6:78:DE:13:77:18:1E:B3:A0:42:BC:70
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6-4hHKv2XU_2eN4Tdxges6BCvHA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
ab:eb:55:69:ee:c2:43:19:ef:1a:90:1a:76:04:05:cd:25:a5:
03:f8:47:c9:65:ef:86:4e:e2:f2:8e:20:17:e8:96:61:09:22:
51:16:40:5e:02:eb:1d:fe:f2:55:aa:b2:95:3e:16:22:bc:c2:
3d:52:02:cd:4b:d9:ce:97:dc:60:3a:bd:95:b0:42:2e:02:8c:
9d:8a:e5:72:48:2c:48:0b:73:35:99:8e:9a:62:60:2e:97:ec:
1d:01:56:10:f2:31:05:df:5d:a4:a7:38:35:ca:bd:79:44:b3:
b6:03:cc:20:76:03:de:a2:16:5d:a7:2d:44:69:31:cf:90:a4:
f9:04:64:87:9e:59:23:fa:29:88:41:53:94:2e:1a:1c:ed:cc:
ea:d4:2a:cf:78:eb:ca:e8:54:bb:60:87:d8:d3:14:c3:35:f2:
01:83:2e:c6:48:d5:c4:3b:06:b9:c5:23:b2:c2:4f:6a:35:84:
69:a4:4c:8a:52:72:2e:e9:62:43:da:00:b0:2f:1d:b6:1f:ab:
2d:a5:86:03:f9:6c:38:a7:32:7b:88:de:2e:12:d0:5f:c2:c9:
ca:ac:a2:5d:ad:fc:30:c6:cf:df:3a:81:77:62:d5:67:d6:19:
4c:10:de:0c:9e:42:32:d3:92:f1:95:e6:1a:f5:25:14:a1:a8:
64:e8:5f:cc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjAx
NjQwNDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVCRUUyMTFDQUJGNjVE
NEZGNjc4REUxMzc3MTgxRUIzQTA0MkJDNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl/92A3l+IjDP+YpjRdhOuoZPq6sBdqyEsIQzGn517vClor5cZ
KSPHS0V7oX2N8OLHsnKg94csDOydodbzU9aG7/Mi5n+2nnqlt4Ky1YgD/bmko3kV
wOJdiZ18GHHfq8oTuv84LppDM+fjXTLwrhboK7r2uqT9anb/WPEe8egQN/fJ61VN
nFZmQjoZg/ZLNukDll5KwF87/y0JjxBwNm9jMtwc5Nlsa9R8IhFFaZmP3jwbsclL
N3YedSHigfNS7VSqpzrFzGxve1NPwMK1wV2Dd56DVm7O4YIa252nr6u9FOcBaMss
7oKONsXtMTlCIoqOUj+mew9Pxx2/nB3+APkfAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU6+4hHKv2XU/2eN4Tdxges6BCvHAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzYtNGhIS3YyWFVfMmVO
NFRkeGdlczZCQ3ZIQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCr61Vp
7sJDGe8akBp2BAXNJaUD+EfJZe+GTuLyjiAX6JZhCSJRFkBeAusd/vJVqrKVPhYi
vMI9UgLNS9nOl9xgOr2VsEIuAoydiuVySCxIC3M1mY6aYmAul+wdAVYQ8jEF312k
pzg1yr15RLO2A8wgdgPeohZdpy1EaTHPkKT5BGSHnlkj+imIQVOULhoc7czq1CrP
eOvK6FS7YIfY0xTDNfIBgy7GSNXEOwa5xSOywk9qNYRppEyKUnIu6WJD2gCwLx22
H6stpYYD+Ww4pzJ7iN4uEtBfwsnKrKJdrfwwxs/fOoF3YtVn1hlMEN4MnkIy05Lx
leYa9SUUoahk6F/M
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:00:14 2025 by rpki-client