Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/99r8g9mAoIEKajIqeN-FWIZHAjw.roa
File: 99r8g9mAoIEKajIqeN-FWIZHAjw.roa (raw, json)
Hash identifier: 514TvuXzPzMtTP/TEsXyR/+MMhvhP6mNrsDzKGaizGY=
Subject key identifier: F7:DA:FC:83:D9:80:A0:81:0A:6A:32:2A:78:DF:85:58:86:47:02:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 78FE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/99r8g9mAoIEKajIqeN-FWIZHAjw.roa
Signing time: Sat 19 Jul 2025 23:42:10 +0000
ROA not before: Sat 19 Jul 2025 23:42:10 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30974 (0x78fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 19 23:42:10 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F7DAFC83D980A0810A6A322A78DF85588647023C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c8:3d:6a:4a:9d:0d:d1:05:d6:f3:0b:bc:33:
d0:f1:13:0f:2f:a9:3c:26:2a:81:ee:c7:93:d2:0b:
e8:04:1a:66:ec:36:08:c0:a7:58:59:d5:fb:e4:04:
d3:57:e9:25:8d:a0:e2:c4:2d:34:93:97:4e:3b:17:
c9:42:dc:1f:d5:5f:3b:2f:0e:a0:51:63:20:37:8d:
5d:26:f1:94:77:d4:89:ed:ea:2b:d8:c4:7a:7f:45:
e2:ed:c9:02:c0:3f:5f:93:84:03:45:3a:83:de:92:
23:3a:ac:9e:eb:48:be:bf:4a:66:98:82:88:74:e3:
dd:ca:5f:04:14:18:65:1c:02:73:76:54:6e:db:c1:
06:d7:5a:c9:24:06:9e:8d:5b:47:8d:a5:43:64:5c:
d9:36:30:27:4c:e3:35:6c:eb:0b:19:e4:85:69:ac:
33:ec:43:71:61:c2:9b:16:49:59:2e:d1:b9:cb:6c:
a9:36:1b:40:dd:f4:bb:36:c7:61:c3:c6:85:14:b1:
be:5f:6b:89:d4:22:df:af:2a:b7:a2:88:e8:20:8a:
c4:bb:12:31:b5:9a:69:13:b6:94:95:fc:83:d6:2f:
88:a0:62:d6:17:1a:c8:ff:4a:4d:83:06:96:5e:72:
fc:41:f8:6d:3f:20:13:3e:13:e8:1a:af:dc:bb:df:
5a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DA:FC:83:D9:80:A0:81:0A:6A:32:2A:78:DF:85:58:86:47:02:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/99r8g9mAoIEKajIqeN-FWIZHAjw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
06:79:a4:81:f6:10:b2:b2:81:ae:e4:fb:b0:e7:fb:69:a9:f2:
a8:91:43:82:ac:a7:1c:0e:b5:10:35:6b:65:45:bc:e3:7f:72:
63:f4:18:f6:1c:db:39:7a:e8:c7:1a:8e:86:c7:16:00:3b:67:
67:c6:e1:58:cc:d7:40:61:b3:55:28:f8:18:56:b4:0c:86:7d:
d4:de:4e:4a:ee:af:df:4b:b2:1b:eb:d6:fb:c9:50:1a:55:ff:
87:f3:46:92:8c:73:20:87:35:27:1e:ca:f6:2e:9d:7c:79:4c:
bd:45:a7:25:0e:7c:37:f9:84:62:54:97:0c:f1:3e:f7:e8:36:
0f:fa:b2:0f:41:46:18:be:07:4c:d7:32:fc:2f:46:a1:8f:7f:
89:e2:38:92:73:8b:7d:5c:0c:96:c6:3d:0a:82:3d:6b:a7:81:
89:3b:1a:86:ca:33:8f:64:6e:4a:77:90:54:69:16:46:eb:82:
2a:ae:e6:3c:bb:cd:68:b8:cd:9e:f5:74:82:2a:73:ad:ef:5d:
1b:7c:1d:a5:2d:19:0f:40:7a:62:1a:48:9a:e7:29:06:9c:83:
ca:1a:c8:83:16:7d:51:01:05:fa:c5:03:aa:ff:68:59:cb:4c:
b0:8a:07:a2:39:e7:85:de:fc:d3:6f:1a:26:b8:28:6c:93:cb:
0c:6f:39:8e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICeP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTky
MzQyMTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY3REFGQzgzRDk4MEEw
ODEwQTZBMzIyQTc4REY4NTU4ODY0NzAyM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5yD1qSp0N0QXW8wu8M9DxEw8vqTwmKoHux5PSC+gEGmbsNgjA
p1hZ1fvkBNNX6SWNoOLELTSTl047F8lC3B/VXzsvDqBRYyA3jV0m8ZR31Int6ivY
xHp/ReLtyQLAP1+ThANFOoPekiM6rJ7rSL6/SmaYgoh0493KXwQUGGUcAnN2VG7b
wQbXWskkBp6NW0eNpUNkXNk2MCdM4zVs6wsZ5IVprDPsQ3FhwpsWSVku0bnLbKk2
G0Dd9Ls2x2HDxoUUsb5fa4nUIt+vKreiiOggisS7EjG1mmkTtpSV/IPWL4igYtYX
Gsj/Sk2DBpZecvxB+G0/IBM+E+gar9y731qhAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU99r8g9mAoIEKajIqeN+FWIZHAjwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzk5cjhnOW1Bb0lFS2Fq
SXFlTi1GV0laSEFqdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAGeaSB
9hCysoGu5Puw5/tpqfKokUOCrKccDrUQNWtlRbzjf3Jj9Bj2HNs5eujHGo6GxxYA
O2dnxuFYzNdAYbNVKPgYVrQMhn3U3k5K7q/fS7Ib69b7yVAaVf+H80aSjHMghzUn
Hsr2Lp18eUy9RaclDnw3+YRiVJcM8T736DYP+rIPQUYYvgdM1zL8L0ahj3+J4jiS
c4t9XAyWxj0Kgj1rp4GJOxqGyjOPZG5Kd5BUaRZG64IqruY8u81ouM2e9XSCKnOt
710bfB2lLRkPQHpiGkia5ykGnIPKGsiDFn1RAQX6xQOq/2hZy0ywigeiOeeF3vzT
bxomuChsk8sMbzmO
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:52:35 2025 by rpki-client