Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ACs-Vid-mJJID6m3KFx3fgUHMRI.roa
File: ACs-Vid-mJJID6m3KFx3fgUHMRI.roa (raw, json)
Hash identifier: RQxW5iNTbhIhYpq2MYyluU83j9zQfTf3EkV6uK4eEpM=
Subject key identifier: 00:2B:3E:56:27:7E:98:92:48:0F:A9:B7:28:5C:77:7E:05:07:31:12
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 700C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ACs-Vid-mJJID6m3KFx3fgUHMRI.roa
Signing time: Thu 26 Jun 2025 02:46:26 +0000
ROA not before: Thu 26 Jun 2025 02:46:26 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28684 (0x700c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 26 02:46:26 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=002B3E56277E9892480FA9B7285C777E05073112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:91:f8:65:dd:71:24:f3:28:49:8e:84:8a:8b:
fa:a9:d7:4f:d0:af:35:93:d4:be:c7:62:b9:2d:1a:
0a:b8:f3:69:60:29:27:00:81:3f:40:c5:68:58:4a:
e4:72:87:5d:21:d1:36:c3:0a:b0:4f:e9:ea:a6:e0:
7c:67:0f:6c:9c:ae:41:b0:31:7a:81:63:ca:c3:5b:
77:53:10:40:8d:d2:5c:ff:29:37:d8:c9:52:2d:5c:
3e:6c:fc:60:16:84:e7:b3:84:fe:12:26:05:53:dd:
6a:9b:de:5e:30:2b:52:9d:48:7f:33:8e:a1:94:0f:
7d:b9:da:9c:ca:84:d2:55:13:e2:67:ec:3e:59:41:
cd:0a:a7:fc:81:49:c3:d1:09:82:18:b2:69:94:69:
d2:06:69:e0:88:a3:89:71:52:c4:56:46:cb:06:63:
c2:2b:a2:a3:fc:70:17:28:b9:d8:1d:76:b1:96:40:
75:de:da:00:ec:0f:61:1d:39:2b:79:0f:87:4f:06:
73:8a:33:48:6a:8b:1a:8b:e7:82:8c:ee:eb:e5:74:
64:4a:5d:b7:0c:b4:b0:02:9d:e9:9a:b8:c0:2e:20:
5c:d3:5d:bc:0c:aa:49:1e:6a:5b:df:eb:f8:f0:c0:
25:33:4b:97:04:f2:ba:e5:21:f9:77:03:6c:42:ec:
b0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:2B:3E:56:27:7E:98:92:48:0F:A9:B7:28:5C:77:7E:05:07:31:12
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ACs-Vid-mJJID6m3KFx3fgUHMRI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a2:6c:3d:0e:95:4c:30:47:d8:31:9b:c2:6a:c7:f0:08:27:04:
24:ff:ca:dc:88:84:0c:2b:cf:9e:16:cf:50:c5:3e:cb:1f:ee:
b4:a6:bc:a1:05:f0:04:98:f5:82:d9:11:dd:4a:27:5c:f1:08:
49:4c:5e:87:91:da:86:14:a9:9e:7f:f0:a3:64:90:0b:15:ab:
73:f9:f4:da:88:f4:d6:09:27:94:39:10:a1:dd:70:2b:fd:7b:
b5:21:03:15:92:ea:10:ef:55:cd:b2:24:1a:7a:fc:2e:a7:75:
4f:80:a6:15:97:e2:47:ed:44:0e:a6:07:0f:14:23:fb:a0:45:
2e:8b:dd:d5:28:96:3f:ab:68:eb:ca:f3:9e:d6:68:d5:6a:46:
4a:54:b5:4d:f8:1a:5c:71:d3:19:7a:df:5b:ac:2e:22:a3:d7:
31:c7:cb:8b:96:b4:8e:04:e4:40:9d:04:ee:c3:14:30:dd:a5:
34:5e:64:17:e9:d5:4f:b9:c9:09:3f:04:23:47:57:ff:21:42:
50:48:b9:be:67:c2:06:fd:f6:bc:5d:7f:0a:31:ef:aa:34:26:
7f:11:c2:1e:42:8e:b6:1b:24:c9:07:ee:5b:fa:b5:de:85:88:
95:ab:93:c9:6c:54:9f:20:93:61:c0:9f:0f:20:71:6e:21:89:
a7:cd:c7:44
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcAwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjYw
MjQ2MjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAwMkIzRTU2Mjc3RTk4
OTI0ODBGQTlCNzI4NUM3NzdFMDUwNzMxMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDkfhl3XEk8yhJjoSKi/qp10/QrzWT1L7HYrktGgq482lgKScA
gT9AxWhYSuRyh10h0TbDCrBP6eqm4HxnD2ycrkGwMXqBY8rDW3dTEECN0lz/KTfY
yVItXD5s/GAWhOezhP4SJgVT3Wqb3l4wK1KdSH8zjqGUD3252pzKhNJVE+Jn7D5Z
Qc0Kp/yBScPRCYIYsmmUadIGaeCIo4lxUsRWRssGY8IroqP8cBcoudgddrGWQHXe
2gDsD2EdOSt5D4dPBnOKM0hqixqL54KM7uvldGRKXbcMtLACnemauMAuIFzTXbwM
qkkealvf6/jwwCUzS5cE8rrlIfl3A2xC7LCJAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUACs+Vid+mJJID6m3KFx3fgUHMRIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FDcy1WaWQtbUpKSUQ2
bTNLRngzZmdVSE1SSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCibD0O
lUwwR9gxm8Jqx/AIJwQk/8rciIQMK8+eFs9QxT7LH+60pryhBfAEmPWC2RHdSidc
8QhJTF6HkdqGFKmef/CjZJALFatz+fTaiPTWCSeUORCh3XAr/Xu1IQMVkuoQ71XN
siQaevwup3VPgKYVl+JH7UQOpgcPFCP7oEUui93VKJY/q2jryvOe1mjVakZKVLVN
+BpccdMZet9brC4io9cxx8uLlrSOBORAnQTuwxQw3aU0XmQX6dVPuckJPwQjR1f/
IUJQSLm+Z8IG/fa8XX8KMe+qNCZ/EcIeQo62GyTJB+5b+rXehYiVq5PJbFSfIJNh
wJ8PIHFuIYmnzcdE
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:33 2025 by rpki-client