Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/J2yWZHwv77WR_-85yuPM-PPsxjA.roa
File: J2yWZHwv77WR_-85yuPM-PPsxjA.roa (raw, json)
Hash identifier: 4sjwxmi/G/C6U8jvNg9WI8Vvf46cdrsIdUKSpLqWZ4c=
Subject key identifier: 27:6C:96:64:7C:2F:EF:B5:91:FF:EF:39:CA:E3:CC:F8:F3:EC:C6:30
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6FF8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/J2yWZHwv77WR_-85yuPM-PPsxjA.roa
Signing time: Wed 25 Jun 2025 21:44:31 +0000
ROA not before: Wed 25 Jun 2025 21:44:31 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28664 (0x6ff8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 25 21:44:31 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=276C96647C2FEFB591FFEF39CAE3CCF8F3ECC630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:48:38:e4:af:8b:df:25:e0:95:b3:24:bc:eb:
10:4b:df:76:97:31:c9:87:f7:7a:24:fe:5e:cb:ca:
e8:99:ed:07:98:57:f3:e9:2e:30:1f:ec:79:13:91:
98:d2:c4:f9:63:2d:0c:f4:7d:d2:84:a9:c0:d8:be:
4c:e6:74:90:6f:0a:8e:e3:92:05:b8:88:f8:be:9e:
4b:14:10:b3:53:da:7b:d9:87:5c:12:74:f3:7b:5c:
68:56:a7:cc:3c:f2:ce:39:f2:80:13:ed:cd:c1:5a:
d6:9d:d9:39:91:e4:b2:33:fa:4c:20:83:fd:26:26:
84:f7:4c:86:aa:81:97:dd:db:a4:71:2a:ca:94:64:
6a:f2:22:17:74:46:32:4b:6b:85:0d:c3:75:e7:9d:
17:ea:72:86:5f:23:e7:f4:f0:46:47:86:0c:21:b2:
79:35:d4:e5:22:ce:12:8a:b6:3f:5c:24:c5:3e:39:
6c:56:09:8b:2d:13:7c:68:9d:6b:11:80:0d:54:a1:
00:4f:b1:b9:a4:30:70:de:94:c7:b0:7a:c6:98:24:
02:47:a9:d9:20:05:99:30:f9:1b:fb:32:29:6d:6a:
1f:d8:94:5d:81:ce:66:d0:b6:c9:47:21:66:14:86:
42:16:bb:f8:67:44:66:76:83:54:82:d1:ef:88:48:
14:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6C:96:64:7C:2F:EF:B5:91:FF:EF:39:CA:E3:CC:F8:F3:EC:C6:30
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/J2yWZHwv77WR_-85yuPM-PPsxjA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
8e:63:82:e7:2d:38:df:41:d9:57:90:d9:54:3b:fe:30:34:23:
98:5b:ab:38:10:11:ff:a0:1f:ce:07:f7:dd:5f:94:5a:1a:72:
ce:8e:f3:29:91:d7:bc:c6:5f:11:9a:66:24:ca:06:3c:58:8f:
ed:6f:d7:dc:e2:2b:f9:07:cf:e3:11:a2:7f:ec:7c:7a:82:04:
eb:ad:9d:39:d4:13:07:18:bc:83:15:80:77:14:21:a9:01:da:
8e:a7:b1:13:a8:16:8b:99:91:2c:ea:d4:47:36:d5:3f:37:f4:
a7:18:d4:3c:d9:77:e9:8b:5f:d6:67:c8:23:83:67:6f:83:12:
67:b4:f8:26:e6:cf:81:ed:af:2d:08:d5:7f:3b:19:a0:f4:71:
c5:7a:41:0c:95:30:ab:37:ba:68:d3:56:fc:98:ee:db:62:b4:
f6:4e:29:01:22:a9:18:a0:31:c8:a9:6f:14:06:4a:f7:93:dc:
5e:7b:ef:23:44:b9:54:1d:f6:67:ec:56:ab:c3:0e:5b:00:28:
7d:96:cb:c3:49:24:ef:bc:7c:74:d4:a1:68:f3:ad:36:63:ae:
cf:7c:c6:57:c9:2a:02:30:37:2c:38:ff:0c:02:bc:f6:91:1f:
76:73:c8:c6:fe:21:2f:4c:0f:c5:9c:66:cd:5d:7f:e9:36:3b:
ba:e1:4b:e5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICb/gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjUy
MTQ0MzFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI3NkM5NjY0N0MyRkVG
QjU5MUZGRUYzOUNBRTNDQ0Y4RjNFQ0M2MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWSDjkr4vfJeCVsyS86xBL33aXMcmH93ok/l7LyuiZ7QeYV/Pp
LjAf7HkTkZjSxPljLQz0fdKEqcDYvkzmdJBvCo7jkgW4iPi+nksUELNT2nvZh1wS
dPN7XGhWp8w88s458oAT7c3BWtad2TmR5LIz+kwgg/0mJoT3TIaqgZfd26RxKsqU
ZGryIhd0RjJLa4UNw3XnnRfqcoZfI+f08EZHhgwhsnk11OUizhKKtj9cJMU+OWxW
CYstE3xonWsRgA1UoQBPsbmkMHDelMewesaYJAJHqdkgBZkw+Rv7Miltah/YlF2B
zmbQtslHIWYUhkIWu/hnRGZ2g1SC0e+ISBRnAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUJ2yWZHwv77WR/+85yuPM+PPsxjAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0oyeVdaSHd2NzdXUl8t
ODV5dVBNLVBQc3hqQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCOY4Ln
LTjfQdlXkNlUO/4wNCOYW6s4EBH/oB/OB/fdX5RaGnLOjvMpkde8xl8RmmYkygY8
WI/tb9fc4iv5B8/jEaJ/7Hx6ggTrrZ051BMHGLyDFYB3FCGpAdqOp7ETqBaLmZEs
6tRHNtU/N/SnGNQ82Xfpi1/WZ8gjg2dvgxJntPgm5s+B7a8tCNV/Oxmg9HHFekEM
lTCrN7po01b8mO7bYrT2TikBIqkYoDHIqW8UBkr3k9xee+8jRLlUHfZn7Farww5b
ACh9lsvDSSTvvHx01KFo8602Y67PfMZXySoCMDcsOP8MArz2kR92c8jG/iEvTA/F
nGbNXX/pNju64Uvl
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:28 2025 by rpki-client