Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8TYdsoCh6kRLzJIoxpymEVijZgA.roa
File: 8TYdsoCh6kRLzJIoxpymEVijZgA.roa (raw, json)
Hash identifier: 0bSVA0t9Xr/RD2chBPeX23uzAKLZZpP7fxoG4b2RE8w=
Subject key identifier: F1:36:1D:B2:80:A1:EA:44:4B:CC:92:28:C6:9C:A6:11:58:A3:66:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 724E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8TYdsoCh6kRLzJIoxpymEVijZgA.roa
Signing time: Wed 02 Jul 2025 03:15:05 +0000
ROA not before: Wed 02 Jul 2025 03:15:05 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29262 (0x724e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 2 03:15:05 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F1361DB280A1EA444BCC9228C69CA61158A36600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:16:72:99:e9:06:fd:58:2a:70:39:95:1a:1b:
ea:cc:4c:1b:08:de:80:bf:38:43:3f:74:51:2f:51:
73:c9:89:28:ec:fc:09:2f:07:c0:9b:74:3c:af:82:
ce:ae:2d:75:0c:3f:60:8c:bc:cf:4c:eb:27:86:c9:
f5:fd:6a:d8:db:a9:4e:09:1e:4a:05:07:70:56:6b:
e5:20:c5:89:e8:98:9b:83:af:08:fd:2d:4e:e9:b7:
45:5f:58:88:2b:ef:fe:67:1b:cd:ea:14:f8:fc:df:
46:d6:dc:da:d5:69:44:e7:1d:2a:15:ea:cc:26:d0:
cc:11:47:aa:52:fb:fb:eb:92:83:7e:31:f4:20:90:
03:d0:cd:cb:7c:88:7c:0e:7e:e7:e6:e9:81:2e:51:
e6:30:33:86:5f:3e:b6:9b:f4:e0:fa:2b:e0:de:31:
c6:89:39:83:f2:21:3a:35:af:59:d2:07:0c:fe:c4:
6d:6f:64:b4:81:e7:53:72:cc:56:11:99:dd:b4:01:
cd:15:89:58:18:67:35:63:66:51:7b:76:e2:f9:4f:
4e:47:fd:84:94:f5:13:f8:7a:3f:5c:c3:36:49:e1:
1a:d9:58:5a:53:f4:bd:35:68:c2:6f:70:fa:d1:d0:
f1:b8:f5:4f:d2:aa:04:1a:db:85:95:91:9d:32:50:
48:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:36:1D:B2:80:A1:EA:44:4B:CC:92:28:C6:9C:A6:11:58:A3:66:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8TYdsoCh6kRLzJIoxpymEVijZgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
04:5e:04:4d:ea:aa:cd:ea:a3:fa:e1:43:d9:98:39:ae:7f:2e:
a2:a8:8c:1c:f8:b3:74:c6:af:74:32:10:bf:40:dd:43:48:13:
73:81:ff:3e:14:a2:c3:0e:d8:8b:af:ce:3a:e4:0e:89:84:48:
26:29:90:6f:32:e6:59:86:68:44:72:69:f2:d7:56:45:49:bf:
a5:1a:f0:b7:a2:a0:fd:95:8c:15:86:7c:76:b8:9c:fa:b3:97:
10:e8:bd:6f:b9:49:84:17:8f:89:6f:64:54:26:e1:ec:db:ae:
e0:ef:9d:26:64:08:7b:97:d8:67:b4:3f:46:8e:de:ac:b1:a1:
a7:65:fe:1c:63:48:a5:26:12:36:82:a5:e2:f6:92:4c:65:cf:
88:75:6a:08:56:2b:ad:58:48:e5:34:3f:3d:20:88:cf:52:2b:
9b:a8:e6:39:d7:16:b6:e1:0a:1e:3b:13:95:2b:1f:db:0f:df:
51:49:85:f6:ea:e5:57:cc:4c:1c:7d:d7:b5:93:3f:93:00:09:
aa:70:f5:72:60:b3:bc:28:27:a9:40:db:28:14:70:9d:8e:9f:
e2:d8:d0:8b:e2:98:61:64:7f:b0:d9:20:79:d5:69:00:af:33:
35:94:d5:e7:a0:05:37:c0:38:7d:dc:5e:4b:91:a7:d5:d3:28:
9f:a6:f8:15
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICck4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDIw
MzE1MDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYxMzYxREIyODBBMUVB
NDQ0QkNDOTIyOEM2OUNBNjExNThBMzY2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTFnKZ6Qb9WCpwOZUaG+rMTBsI3oC/OEM/dFEvUXPJiSjs/Akv
B8CbdDyvgs6uLXUMP2CMvM9M6yeGyfX9atjbqU4JHkoFB3BWa+UgxYnomJuDrwj9
LU7pt0VfWIgr7/5nG83qFPj830bW3NrVaUTnHSoV6swm0MwRR6pS+/vrkoN+MfQg
kAPQzct8iHwOfufm6YEuUeYwM4ZfPrab9OD6K+DeMcaJOYPyITo1r1nSBwz+xG1v
ZLSB51NyzFYRmd20Ac0ViVgYZzVjZlF7duL5T05H/YSU9RP4ej9cwzZJ4RrZWFpT
9L01aMJvcPrR0PG49U/SqgQa24WVkZ0yUEhhAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU8TYdsoCh6kRLzJIoxpymEVijZgAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhUWWRzb0NoNmtSTHpK
SW94cHltRVZpalpnQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAEXgRN
6qrN6qP64UPZmDmufy6iqIwc+LN0xq90MhC/QN1DSBNzgf8+FKLDDtiLr8465A6J
hEgmKZBvMuZZhmhEcmny11ZFSb+lGvC3oqD9lYwVhnx2uJz6s5cQ6L1vuUmEF4+J
b2RUJuHs267g750mZAh7l9hntD9Gjt6ssaGnZf4cY0ilJhI2gqXi9pJMZc+IdWoI
ViutWEjlND89IIjPUiubqOY51xa24QoeOxOVKx/bD99RSYX26uVXzEwcfde1kz+T
AAmqcPVyYLO8KCepQNsoFHCdjp/i2NCL4phhZH+w2SB51WkArzM1lNXnoAU3wDh9
3F5LkafV0yifpvgV
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:55:48 2025 by rpki-client