Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/91NG1AE4lhDJ3JWgtEbidN024Cg.roa
File: 91NG1AE4lhDJ3JWgtEbidN024Cg.roa (raw, json)
Hash identifier: yxBJo5A3HFnxClRIfWq2lJ7GzlPkF8x67FUWwymtuEo=
Subject key identifier: F7:53:46:D4:01:38:96:10:C9:DC:95:A0:B4:46:E2:74:DD:36:E0:28
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 78B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/91NG1AE4lhDJ3JWgtEbidN024Cg.roa
Signing time: Sat 19 Jul 2025 04:42:06 +0000
ROA not before: Sat 19 Jul 2025 04:42:06 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30898 (0x78b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 19 04:42:06 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F75346D401389610C9DC95A0B446E274DD36E028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:66:ba:55:55:44:ff:59:c9:ed:07:92:db:45:
31:65:dd:1a:51:ba:1d:cc:5e:e7:2c:8b:0f:f2:3b:
11:ad:7b:b9:c2:42:03:2f:35:6e:db:25:96:e1:c4:
f4:61:a8:a7:3e:8f:1e:d1:7b:ba:94:c9:80:bf:07:
62:b8:a3:53:ee:50:6e:0d:9d:c9:21:03:3e:77:53:
94:94:bb:ba:55:3d:c8:4b:4b:23:ef:f9:83:eb:3c:
ab:37:0a:26:d6:47:08:4e:ad:01:60:df:74:9f:93:
b2:38:19:e6:ac:7c:b0:d3:73:e6:f0:94:b1:67:87:
4f:05:61:25:67:0e:b1:73:fa:28:e9:c6:a6:8b:3d:
91:2e:6d:49:00:04:ee:ed:f6:16:99:36:b4:1e:6f:
5c:2a:3a:27:2e:c7:47:a3:c3:3c:24:24:50:6e:0d:
ba:5d:56:20:07:4d:53:da:9f:7a:1c:00:36:7c:7a:
68:b6:1f:8c:f1:9c:5e:96:96:2e:49:98:d2:78:e7:
7e:b4:67:b9:04:97:99:0e:38:07:1b:7b:e8:a4:5c:
45:a0:42:62:e5:a3:d6:5a:8e:e9:bc:bf:14:e8:b9:
56:3e:a7:53:2a:df:7d:d5:a8:84:ca:cb:08:9a:32:
34:22:1c:27:38:dd:80:65:43:16:23:af:b3:dd:86:
d9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:53:46:D4:01:38:96:10:C9:DC:95:A0:B4:46:E2:74:DD:36:E0:28
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/91NG1AE4lhDJ3JWgtEbidN024Cg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b8:e7:b1:f5:eb:5e:bb:da:0c:42:ee:0d:4c:c1:76:b9:89:fe:
02:d4:3f:ed:1c:65:07:08:35:51:88:03:df:f5:b0:71:ff:6a:
66:ef:70:78:4a:65:92:de:89:77:e3:31:da:93:40:8c:67:2c:
e6:96:db:47:37:d6:7d:7e:c6:05:70:e4:e1:17:7a:d5:63:76:
35:a2:f9:99:5a:27:74:49:fa:cd:ef:6e:3b:19:8e:fc:90:dd:
51:9d:02:9e:70:75:6b:a8:32:57:b1:76:70:dc:6d:77:52:7f:
b3:79:9c:15:c5:f3:5e:b4:60:95:e8:ff:e5:6d:d6:59:ac:bb:
fc:49:54:2a:f4:a3:93:da:dd:23:ca:af:42:e4:4c:95:19:4b:
6f:6e:f4:89:1b:bb:26:cd:85:22:e5:8f:69:4e:10:50:26:be:
57:99:3e:21:8a:42:1b:83:ee:d0:6f:25:2a:6c:84:bc:a9:06:
40:ba:58:1f:38:9c:09:7e:54:d9:ec:4c:78:45:08:19:7f:0a:
08:5c:cc:ad:74:4b:c0:cc:38:25:03:36:f0:35:46:8f:85:c3:
84:75:fd:ff:f5:2b:8b:09:16:d5:d7:c9:a9:29:99:4a:6c:fb:
80:22:b5:10:2e:d2:4d:2f:a0:fb:f8:1f:dc:8f:38:ea:16:a0:
bc:c4:4b:89
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICeLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTkw
NDQyMDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY3NTM0NkQ0MDEzODk2
MTBDOURDOTVBMEI0NDZFMjc0REQzNkUwMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHZrpVVUT/WcntB5LbRTFl3RpRuh3MXucsiw/yOxGte7nCQgMv
NW7bJZbhxPRhqKc+jx7Re7qUyYC/B2K4o1PuUG4NnckhAz53U5SUu7pVPchLSyPv
+YPrPKs3CibWRwhOrQFg33Sfk7I4GeasfLDTc+bwlLFnh08FYSVnDrFz+ijpxqaL
PZEubUkABO7t9haZNrQeb1wqOicux0ejwzwkJFBuDbpdViAHTVPan3ocADZ8emi2
H4zxnF6Wli5JmNJ45360Z7kEl5kOOAcbe+ikXEWgQmLlo9Zajum8vxTouVY+p1Mq
333VqITKywiaMjQiHCc43YBlQxYjr7PdhtmRAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU91NG1AE4lhDJ3JWgtEbidN024CgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzkxTkcxQUU0bGhESjNK
V2d0RWJpZE4wMjRDZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQC457H1
61672gxC7g1MwXa5if4C1D/tHGUHCDVRiAPf9bBx/2pm73B4SmWS3ol34zHak0CM
ZyzmlttHN9Z9fsYFcOThF3rVY3Y1ovmZWid0SfrN7247GY78kN1RnQKecHVrqDJX
sXZw3G13Un+zeZwVxfNetGCV6P/lbdZZrLv8SVQq9KOT2t0jyq9C5EyVGUtvbvSJ
G7smzYUi5Y9pThBQJr5XmT4hikIbg+7QbyUqbIS8qQZAulgfOJwJflTZ7Ex4RQgZ
fwoIXMytdEvAzDglAzbwNUaPhcOEdf3/9SuLCRbV18mpKZlKbPuAIrUQLtJNL6D7
+B/cjzjqFqC8xEuJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:42:01 2025 by rpki-client