Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6cD4BqJqsnMPzXXt2txiFeHA860.roa
File: 6cD4BqJqsnMPzXXt2txiFeHA860.roa (raw, json)
Hash identifier: FqkjHlUQZOGFPjFY4XDSoxRvoIn77hRqQHmDpK2djgY=
Subject key identifier: E9:C0:F8:06:A2:6A:B2:73:0F:CD:75:ED:DA:DC:62:15:E1:C0:F3:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6614
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6cD4BqJqsnMPzXXt2txiFeHA860.roa
Signing time: Fri 30 May 2025 07:11:29 +0000
ROA not before: Fri 30 May 2025 07:11:29 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26132 (0x6614)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 30 07:11:29 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E9C0F806A26AB2730FCD75EDDADC6215E1C0F3AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:92:68:9a:c7:b7:33:83:47:04:55:fd:c5:8a:
5b:95:3b:d8:e6:9d:06:ea:00:5a:8c:ed:94:0a:68:
70:b2:06:f6:be:31:7a:ce:e8:c9:28:8c:fd:d6:47:
ff:60:35:f1:de:fd:18:49:0d:3c:b6:39:65:23:bd:
db:e3:5c:2d:d5:a2:5e:ba:ed:21:39:ee:91:b1:4e:
fa:33:e6:69:6d:db:35:bf:8c:52:34:47:50:96:26:
1f:e5:01:3a:1d:11:88:d1:11:f1:d8:88:6e:95:4c:
c0:6a:98:21:4e:98:ee:ae:90:d2:b5:22:ac:ed:2f:
42:ad:45:0a:10:c7:dc:6d:68:58:45:1f:a9:41:6a:
a3:24:67:cc:59:72:a2:1f:95:73:16:9c:dc:67:37:
98:73:f1:89:88:f5:03:d4:2c:86:fc:f0:fd:ed:f3:
ad:c9:91:61:f3:b3:30:e0:b6:72:98:16:be:8d:a9:
bc:e6:48:6e:0e:26:df:f3:5d:19:92:50:51:cb:67:
11:ed:9a:08:e7:29:da:7e:58:e2:46:bd:ee:b4:07:
f2:32:aa:94:92:f8:bc:3f:e3:be:52:be:f8:73:09:
4b:03:75:d0:a7:77:6f:7c:16:e5:91:b8:d5:16:9e:
e3:a4:24:ab:09:57:4c:15:d4:06:7b:7f:a0:d2:b4:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C0:F8:06:A2:6A:B2:73:0F:CD:75:ED:DA:DC:62:15:E1:C0:F3:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6cD4BqJqsnMPzXXt2txiFeHA860.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
62:1b:bb:1f:70:c9:99:69:1b:c7:e2:63:62:35:d4:a4:a3:b5:
aa:2e:2d:b6:4f:b4:83:c9:c3:db:1b:02:79:04:ab:af:5e:26:
6a:97:25:36:76:11:7d:9e:91:a3:76:d7:42:94:ac:fe:0e:cc:
c4:93:a3:72:43:1f:98:c2:5d:54:39:31:72:31:03:3f:2f:4f:
5d:c0:c0:13:cc:3c:14:9a:db:ff:35:7d:3e:00:b8:fa:00:5e:
4f:3f:23:03:67:b8:89:de:37:78:5c:6b:76:ee:09:68:01:46:
3f:d6:44:07:92:2a:4a:c3:95:0f:37:8f:50:ea:3c:05:11:b7:
b4:13:e4:ce:d9:2f:d5:5b:e7:9d:4a:7d:53:01:a5:3e:a8:90:
60:1b:f8:17:58:a2:8d:4a:be:b7:1d:63:8c:a8:cd:85:da:79:
7d:46:cb:fc:3e:88:41:25:d8:a7:76:87:e1:88:12:8e:87:7c:
fc:77:de:b2:41:4d:f3:c4:d1:6b:1f:ad:3b:d4:cf:db:aa:d0:
e8:d0:bd:e8:64:e4:12:f8:b1:92:0c:79:ec:39:23:25:68:7f:
46:20:a1:16:97:bb:a3:c7:67:4b:17:86:4c:7b:92:78:bb:4f:
39:2e:98:44:c0:ba:e9:5d:29:4f:69:17:5a:48:3a:e3:29:79:
27:9b:8f:0e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MzAw
NzExMjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU5QzBGODA2QTI2QUIy
NzMwRkNENzVFRERBREM2MjE1RTFDMEYzQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPkmiax7czg0cEVf3FiluVO9jmnQbqAFqM7ZQKaHCyBva+MXrO
6MkojP3WR/9gNfHe/RhJDTy2OWUjvdvjXC3Vol667SE57pGxTvoz5mlt2zW/jFI0
R1CWJh/lATodEYjREfHYiG6VTMBqmCFOmO6ukNK1IqztL0KtRQoQx9xtaFhFH6lB
aqMkZ8xZcqIflXMWnNxnN5hz8YmI9QPULIb88P3t863JkWHzszDgtnKYFr6Nqbzm
SG4OJt/zXRmSUFHLZxHtmgjnKdp+WOJGve60B/IyqpSS+Lw/475SvvhzCUsDddCn
d298FuWRuNUWnuOkJKsJV0wV1AZ7f6DStJ/hAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU6cD4BqJqsnMPzXXt2txiFeHA860wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZjRDRCcUpxc25NUHpY
WHQydHhpRmVIQTg2MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBiG7sf
cMmZaRvH4mNiNdSko7WqLi22T7SDycPbGwJ5BKuvXiZqlyU2dhF9npGjdtdClKz+
DszEk6NyQx+Ywl1UOTFyMQM/L09dwMATzDwUmtv/NX0+ALj6AF5PPyMDZ7iJ3jd4
XGt27gloAUY/1kQHkipKw5UPN49Q6jwFEbe0E+TO2S/VW+edSn1TAaU+qJBgG/gX
WKKNSr63HWOMqM2F2nl9Rsv8PohBJdindofhiBKOh3z8d96yQU3zxNFrH6071M/b
qtDo0L3oZOQS+LGSDHnsOSMlaH9GIKEWl7ujx2dLF4ZMe5J4u085LphEwLrpXSlP
aRdaSDrjKXknm48O
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:21:17 2025 by rpki-client