Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GcXuomW-HG05QFIXg_VHiUCetnA.roa
File: GcXuomW-HG05QFIXg_VHiUCetnA.roa (raw, json)
Hash identifier: CWnBgoEHeU22anmARXJUiSnFrCOA3MJOeNkrdEiTZRE=
Subject key identifier: 19:C5:EE:A2:65:BE:1C:6D:39:40:52:17:83:F5:47:89:40:9E:B6:70
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 725E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GcXuomW-HG05QFIXg_VHiUCetnA.roa
Signing time: Wed 02 Jul 2025 07:14:53 +0000
ROA not before: Wed 02 Jul 2025 07:14:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29278 (0x725e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 2 07:14:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=19C5EEA265BE1C6D3940521783F54789409EB670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:e7:ef:35:68:d0:8c:79:f1:2a:bc:da:05:
95:01:29:85:1a:bf:50:38:df:b7:8e:76:9b:86:42:
f8:84:4e:3e:1f:70:ff:cb:44:8f:41:88:06:3e:23:
fc:98:d8:01:23:85:bb:45:99:ab:81:aa:26:9c:84:
07:3e:b4:bc:b8:ca:3b:96:67:77:96:69:7f:b7:99:
c4:98:a3:d4:59:ff:73:4f:69:7e:06:3e:2a:55:d4:
e7:ff:1e:24:06:eb:ab:8e:6e:6e:a9:1c:55:49:56:
65:dc:67:d9:32:9c:8e:af:d8:61:4d:97:35:3f:2a:
4d:ea:62:b6:24:f0:e4:5f:32:cb:d1:27:f3:da:fd:
76:66:26:5d:ef:a6:d0:8f:3d:b1:f3:3a:a5:63:74:
ab:eb:e7:6e:23:66:5b:0c:72:db:8d:bc:28:87:7a:
0b:8d:3d:2d:e1:85:a0:48:24:70:d2:2f:ba:14:e0:
bb:f9:92:52:71:71:21:d1:a8:4a:a2:47:6b:4b:b3:
cb:62:79:b2:02:f3:6f:d4:c4:cc:2c:5e:e8:20:3c:
67:66:b7:e2:cf:0d:1f:6e:be:fe:73:f0:4f:27:7d:
b1:80:45:fd:b3:4f:7b:02:28:ea:69:b6:a0:77:a3:
49:6f:94:52:71:60:99:36:33:86:ef:48:e8:8d:fc:
39:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C5:EE:A2:65:BE:1C:6D:39:40:52:17:83:F5:47:89:40:9E:B6:70
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GcXuomW-HG05QFIXg_VHiUCetnA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
25:d6:ec:dc:ec:2f:11:e2:bf:6d:b5:26:98:3c:7e:76:34:bf:
ee:ab:bd:ed:aa:76:e1:ef:26:77:c1:a7:0a:44:00:98:cc:8f:
c1:3a:85:69:56:82:61:7b:ef:a7:84:26:cd:fe:bf:78:0b:ad:
a8:e4:99:9c:7e:32:3c:65:78:28:c3:8c:8d:74:3b:29:5f:27:
d8:b6:25:03:95:4e:62:8a:9e:72:7b:dc:a6:8a:09:69:1c:5f:
fb:ac:ed:05:e6:49:d9:cf:53:ba:4a:02:6c:6c:97:d3:49:66:
33:f3:86:4f:3c:cf:48:3d:f0:25:55:41:2d:86:cb:f6:53:69:
43:87:a2:e1:f1:f8:b9:d6:7f:44:67:cd:0d:90:b6:38:72:2f:
a7:af:45:16:f8:a8:e5:da:f2:15:de:8e:45:26:75:e5:92:e6:
ee:e5:df:49:14:f4:3b:9b:48:c0:2c:2d:21:d9:2d:4e:4c:c8:
13:70:12:df:6b:f6:53:1e:99:57:60:92:43:9b:3f:34:65:72:
aa:fc:f6:17:12:d2:3d:85:ca:35:6d:22:87:5f:b4:ce:1f:ea:
db:f4:76:a3:b8:93:f8:41:8b:76:dc:38:6d:a8:7f:31:ee:d2:
a5:94:3c:74:57:1e:14:cb:12:e5:14:63:44:6c:0e:92:ed:0b:
e6:c2:2f:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDIw
NzE0NTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE5QzVFRUEyNjVCRTFD
NkQzOTQwNTIxNzgzRjU0Nzg5NDA5RUI2NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCc7ufvNWjQjHnxKrzaBZUBKYUav1A437eOdpuGQviETj4fcP/L
RI9BiAY+I/yY2AEjhbtFmauBqiachAc+tLy4yjuWZ3eWaX+3mcSYo9RZ/3NPaX4G
PipV1Of/HiQG66uObm6pHFVJVmXcZ9kynI6v2GFNlzU/Kk3qYrYk8ORfMsvRJ/Pa
/XZmJl3vptCPPbHzOqVjdKvr524jZlsMctuNvCiHeguNPS3hhaBIJHDSL7oU4Lv5
klJxcSHRqEqiR2tLs8tiebIC82/UxMwsXuggPGdmt+LPDR9uvv5z8E8nfbGARf2z
T3sCKOpptqB3o0lvlFJxYJk2M4bvSOiN/DlFAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUGcXuomW+HG05QFIXg/VHiUCetnAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0djWHVvbVctSEcwNVFG
SVhnX1ZIaVVDZXRuQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAl1uzc
7C8R4r9ttSaYPH52NL/uq73tqnbh7yZ3wacKRACYzI/BOoVpVoJhe++nhCbN/r94
C62o5JmcfjI8ZXgow4yNdDspXyfYtiUDlU5iip5ye9ymiglpHF/7rO0F5knZz1O6
SgJsbJfTSWYz84ZPPM9IPfAlVUEthsv2U2lDh6Lh8fi51n9EZ80NkLY4ci+nr0UW
+Kjl2vIV3o5FJnXlkubu5d9JFPQ7m0jALC0h2S1OTMgTcBLfa/ZTHplXYJJDmz80
ZXKq/PYXEtI9hco1bSKHX7TOH+rb9HajuJP4QYt23DhtqH8x7tKllDx0Vx4UyxLl
FGNEbA6S7Qvmwi8G
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:57:59 2025 by rpki-client