Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F6GIiNh3Awy9EXMJaPxdZpdGUCU.roa
File: F6GIiNh3Awy9EXMJaPxdZpdGUCU.roa (raw, json)
Hash identifier: VPeOW+kc+Cs2ZRwH0IBgukoK32hJuvYYzNXBCgQVpz8=
Subject key identifier: 17:A1:88:88:D8:77:03:0C:BD:11:73:09:68:FC:5D:66:97:46:50:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6514
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F6GIiNh3Awy9EXMJaPxdZpdGUCU.roa
Signing time: Tue 27 May 2025 15:11:18 +0000
ROA not before: Tue 27 May 2025 15:11:18 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25876 (0x6514)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 27 15:11:18 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=17A18888D877030CBD11730968FC5D6697465025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f3:2d:11:d0:bd:c4:71:8e:99:63:5b:3c:ef:
61:18:b8:16:c1:a0:8a:61:9c:89:ab:f6:c9:3c:c0:
96:ac:c4:fa:5a:67:7f:65:cc:af:d7:a6:90:1a:81:
e2:d9:82:19:51:69:ae:c3:a0:48:f9:d2:86:18:4d:
aa:9c:6d:9a:4b:60:c2:e0:83:6d:bd:bc:80:87:e0:
86:57:68:05:a1:87:3f:f8:85:8b:bf:91:9f:16:9d:
78:07:d9:c2:20:1a:cc:f3:40:40:90:1c:90:f9:01:
f2:a2:f6:25:8a:98:09:98:09:88:bd:21:11:8a:2c:
a5:d4:3b:90:f4:d7:e3:9c:69:85:1b:91:1f:aa:31:
30:3f:cf:9f:46:da:e5:95:b1:54:d3:7e:03:8f:01:
c6:3b:41:97:fc:72:d7:52:45:23:53:c0:0f:9d:99:
f8:68:ff:7c:c4:82:8d:44:59:e2:09:98:ff:89:2f:
bc:73:84:e1:07:91:1d:28:36:11:56:e7:a6:51:13:
24:6e:09:a0:45:10:71:10:09:b7:36:98:6c:e1:33:
a2:ac:a0:5e:e6:a7:a3:b5:ea:78:8c:0c:7d:b8:f5:
b3:2a:a6:33:91:60:98:69:42:ce:b3:a4:85:65:70:
4e:bc:c8:e8:73:a5:32:27:7f:54:a9:e6:d8:05:a4:
38:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A1:88:88:D8:77:03:0C:BD:11:73:09:68:FC:5D:66:97:46:50:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F6GIiNh3Awy9EXMJaPxdZpdGUCU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
9b:88:5d:38:63:cb:06:11:3f:8d:f9:cc:40:ef:03:68:fc:23:
02:1e:3e:b4:a2:00:02:6d:21:8e:0b:40:e9:2a:f5:85:85:7c:
93:23:35:86:c7:52:ff:44:0d:1b:80:ea:ab:af:8b:86:26:22:
08:93:63:0e:db:8f:25:ab:e8:95:7f:74:8b:1e:8a:5e:89:9b:
0e:27:83:02:c4:43:aa:06:f6:bd:3f:61:4c:75:5e:2f:63:db:
ad:74:4c:0f:52:6a:70:2b:45:9b:85:93:08:14:97:15:87:ed:
29:fd:43:05:ac:af:75:1c:db:31:33:92:17:69:1c:da:d2:95:
52:4f:4a:ab:07:e8:d0:ee:f2:a1:37:9f:d2:87:f2:04:db:08:
05:cc:2f:78:85:68:84:9c:85:c1:93:da:70:b1:60:e4:75:dc:
9e:3c:81:b0:6c:d3:b9:5d:74:a8:40:1e:de:5f:5b:d6:9f:c8:
e5:65:77:7c:5d:51:dd:fb:6c:01:32:d8:4c:17:96:e7:ce:bd:
28:01:25:aa:f7:bd:65:09:52:74:33:94:9d:14:e4:28:9c:8d:
82:a0:5a:ed:64:cc:be:a0:bc:72:10:b1:4f:78:03:64:fe:bb:
4b:c3:0b:52:91:70:a0:e1:07:e9:06:07:16:22:06:5d:82:64:
c5:1b:64:73
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZRQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1Mjcx
NTExMThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE3QTE4ODg4RDg3NzAz
MENCRDExNzMwOTY4RkM1RDY2OTc0NjUwMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC08y0R0L3EcY6ZY1s872EYuBbBoIphnImr9sk8wJasxPpaZ39l
zK/XppAageLZghlRaa7DoEj50oYYTaqcbZpLYMLgg229vICH4IZXaAWhhz/4hYu/
kZ8WnXgH2cIgGszzQECQHJD5AfKi9iWKmAmYCYi9IRGKLKXUO5D01+OcaYUbkR+q
MTA/z59G2uWVsVTTfgOPAcY7QZf8ctdSRSNTwA+dmfho/3zEgo1EWeIJmP+JL7xz
hOEHkR0oNhFW56ZREyRuCaBFEHEQCbc2mGzhM6KsoF7mp6O16niMDH249bMqpjOR
YJhpQs6zpIVlcE68yOhzpTInf1Sp5tgFpDjRAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUF6GIiNh3Awy9EXMJaPxdZpdGUCUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y2R0lpTmgzQXd5OUVY
TUphUHhkWnBkR1VDVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCbiF04
Y8sGET+N+cxA7wNo/CMCHj60ogACbSGOC0DpKvWFhXyTIzWGx1L/RA0bgOqrr4uG
JiIIk2MO248lq+iVf3SLHopeiZsOJ4MCxEOqBva9P2FMdV4vY9utdEwPUmpwK0Wb
hZMIFJcVh+0p/UMFrK91HNsxM5IXaRza0pVST0qrB+jQ7vKhN5/Sh/IE2wgFzC94
hWiEnIXBk9pwsWDkddyePIGwbNO5XXSoQB7eX1vWn8jlZXd8XVHd+2wBMthMF5bn
zr0oASWq971lCVJ0M5SdFOQonI2CoFrtZMy+oLxyELFPeANk/rtLwwtSkXCg4Qfp
BgcWIgZdgmTFG2Rz
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:25:33 2025 by rpki-client