Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AZu-9UcxaV9stAyBVSiyusY8zm0.roa
File: AZu-9UcxaV9stAyBVSiyusY8zm0.roa (raw, json)
Hash identifier: Ubuxu3Kkq4iDPajVWhSbasQ1yhjuESeQDWSRwmAaXrw=
Subject key identifier: 01:9B:BE:F5:47:31:69:5F:6C:B4:0C:81:55:28:B2:BA:C6:3C:CE:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7044
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AZu-9UcxaV9stAyBVSiyusY8zm0.roa
Signing time: Thu 26 Jun 2025 16:44:47 +0000
ROA not before: Thu 26 Jun 2025 16:44:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28740 (0x7044)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 26 16:44:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=019BBEF54731695F6CB40C815528B2BAC63CCE6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9b:0c:6b:58:9f:d1:39:c9:c2:7c:fa:48:40:
3f:5b:bc:a2:79:75:3b:59:84:52:80:fe:81:c5:0e:
7d:98:04:e7:9c:29:90:1f:14:45:1f:46:7f:bb:36:
34:91:77:f6:74:f8:32:e4:1c:66:08:82:43:98:fd:
e2:45:e7:b6:bc:59:ba:b7:ca:ee:b3:4f:9d:72:07:
5d:f6:97:e5:3d:18:d9:7d:70:3b:81:e5:90:b3:f7:
f1:57:28:95:bc:75:c5:1c:17:8a:c1:26:48:d1:d6:
bf:12:f1:1d:c5:ff:72:54:84:2e:73:e1:02:e0:08:
e9:f9:5f:bd:4f:d6:62:86:66:59:3c:b4:3d:41:c7:
89:c7:ee:cc:02:07:63:39:9e:88:9d:84:0d:2c:19:
49:3a:2d:e7:e7:21:ae:d5:24:c6:03:3a:7a:d7:1b:
7d:91:78:f7:1d:5c:df:e7:26:f4:6b:fe:c7:5c:3e:
22:c8:a2:a7:0c:d0:04:bc:05:c4:14:5c:24:58:01:
4f:5e:17:55:a8:4e:d8:9d:0c:ad:e6:c1:ff:25:82:
50:36:9f:72:18:ab:02:2c:9c:2d:3c:ae:80:01:73:
c5:08:61:17:0f:04:77:49:a3:f0:1a:fc:c1:c0:d5:
7c:6a:27:7d:0c:66:cc:46:78:36:b9:6e:8d:3f:33:
80:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9B:BE:F5:47:31:69:5F:6C:B4:0C:81:55:28:B2:BA:C6:3C:CE:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AZu-9UcxaV9stAyBVSiyusY8zm0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
55:29:9b:ee:d5:4d:48:02:c9:d7:94:70:c0:c2:13:4a:e4:01:
b3:ee:64:a5:5d:9a:b1:71:67:7d:71:af:f7:d1:5c:6e:72:b0:
8d:6e:eb:23:b4:22:ef:67:1f:8c:25:a2:35:08:b5:35:50:ee:
80:bd:6a:dd:3d:f3:65:a8:47:5b:f2:43:28:72:2d:ee:84:c0:
92:c6:1c:90:27:6c:5b:68:e6:6f:89:5d:28:6b:07:f7:bc:a3:
62:c6:ad:ad:da:02:f7:92:9a:11:67:c8:c8:5f:71:35:df:b1:
24:1a:13:b1:13:6d:2c:4f:0e:80:64:b4:5b:5a:d8:64:80:90:
57:f2:a6:21:dd:11:2d:9f:8e:ee:7d:99:49:58:bd:34:27:de:
48:d7:df:78:d0:a2:8e:bf:e9:e2:20:5a:cf:37:83:dc:cb:99:
a2:21:12:2c:66:89:f4:e6:3d:72:f0:01:28:f6:da:66:b4:00:
38:a1:78:94:df:47:b9:df:c2:f5:18:8b:96:47:27:06:1e:f1:
41:50:31:32:2a:c5:14:cd:71:69:34:72:97:88:68:2b:34:2c:
0f:ee:5a:53:60:29:92:89:d2:0f:e9:b5:28:f8:6b:e3:ac:09:
e7:90:b5:e3:d6:5f:2c:22:7a:68:ce:24:eb:bd:05:0f:23:3d:
94:2e:50:a4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjYx
NjQ0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAxOUJCRUY1NDczMTY5
NUY2Q0I0MEM4MTU1MjhCMkJBQzYzQ0NFNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOmwxrWJ/ROcnCfPpIQD9bvKJ5dTtZhFKA/oHFDn2YBOecKZAf
FEUfRn+7NjSRd/Z0+DLkHGYIgkOY/eJF57a8Wbq3yu6zT51yB132l+U9GNl9cDuB
5ZCz9/FXKJW8dcUcF4rBJkjR1r8S8R3F/3JUhC5z4QLgCOn5X71P1mKGZlk8tD1B
x4nH7swCB2M5noidhA0sGUk6LefnIa7VJMYDOnrXG32RePcdXN/nJvRr/sdcPiLI
oqcM0AS8BcQUXCRYAU9eF1WoTtidDK3mwf8lglA2n3IYqwIsnC08roABc8UIYRcP
BHdJo/Aa/MHA1XxqJ30MZsxGeDa5bo0/M4DjAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUAZu+9UcxaV9stAyBVSiyusY8zm0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FadS05VWN4YVY5c3RB
eUJWU2l5dXNZOHptMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBVKZvu
1U1IAsnXlHDAwhNK5AGz7mSlXZqxcWd9ca/30VxucrCNbusjtCLvZx+MJaI1CLU1
UO6AvWrdPfNlqEdb8kMoci3uhMCSxhyQJ2xbaOZviV0oawf3vKNixq2t2gL3kpoR
Z8jIX3E137EkGhOxE20sTw6AZLRbWthkgJBX8qYh3REtn47ufZlJWL00J95I1994
0KKOv+niIFrPN4Pcy5miIRIsZon05j1y8AEo9tpmtAA4oXiU30e538L1GIuWRycG
HvFBUDEyKsUUzXFpNHKXiGgrNCwP7lpTYCmSidIP6bUo+GvjrAnnkLXj1l8sInpo
ziTrvQUPIz2ULlCk
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:48 2025 by rpki-client