Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Jp8IsoGFHMwj04s17-lqpp1PcRw.roa
File: Jp8IsoGFHMwj04s17-lqpp1PcRw.roa (raw, json)
Hash identifier: XfmsJPDTsN8Ldkspfi3LXgFgIY2AL6TkQwzyL2PxqTo=
Subject key identifier: 26:9F:08:B2:81:85:1C:CC:23:D3:8B:35:EF:E9:6A:A6:9D:4F:71:1C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6C4A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Jp8IsoGFHMwj04s17-lqpp1PcRw.roa
Signing time: Sun 15 Jun 2025 20:42:24 +0000
ROA not before: Sun 15 Jun 2025 20:42:24 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27722 (0x6c4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 15 20:42:24 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=269F08B281851CCC23D38B35EFE96AA69D4F711C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a3:92:62:53:98:51:2f:5c:cc:fe:2d:38:e4:
c8:1a:bd:62:33:4c:e1:f5:62:7d:e7:f4:4e:06:40:
91:aa:2d:67:31:68:54:8e:f2:34:80:af:5a:8a:2b:
95:c4:dd:af:22:ad:3d:a6:47:24:5e:95:6a:29:f6:
1b:2d:15:34:e4:92:e6:27:b8:16:07:bc:9d:c1:92:
be:51:6b:dd:c6:4c:54:48:d3:bc:64:b9:7d:be:de:
9a:cb:b0:20:a5:b2:33:c2:9e:b4:09:ce:b8:be:21:
82:7e:9d:d5:6e:df:8d:2d:64:fc:28:0e:67:71:b7:
77:68:b6:b0:a7:bd:f4:48:e1:6b:f8:dc:60:5a:b3:
b5:e9:62:bf:bc:90:b0:08:00:99:87:4e:9e:46:d6:
bc:7b:35:28:6c:ac:27:57:55:dc:43:3a:98:a4:c6:
04:42:cd:64:ab:03:8f:71:56:b7:60:fe:57:6d:6e:
5d:a3:8e:41:55:01:99:f4:ce:ab:de:ad:12:e0:aa:
d5:d5:6e:e1:01:bf:0f:a2:3e:29:fa:c4:7c:d6:85:
40:2b:80:36:4c:f8:83:b8:9d:a6:d5:2a:e9:86:ad:
06:c8:07:a2:dc:39:23:32:62:47:96:d7:7c:74:79:
6a:aa:52:e5:67:4d:b2:8b:52:30:46:eb:06:11:72:
02:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9F:08:B2:81:85:1C:CC:23:D3:8B:35:EF:E9:6A:A6:9D:4F:71:1C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Jp8IsoGFHMwj04s17-lqpp1PcRw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
3e:84:20:73:35:31:2b:b5:72:ba:e0:6e:6d:a7:63:71:22:30:
dc:09:79:df:e5:99:cc:74:bd:b0:17:25:f4:7a:79:f5:b2:df:
99:a3:8e:e8:73:50:3e:66:c3:cd:7a:15:d0:af:db:c2:14:a1:
1a:ed:4f:14:7c:1a:d3:d4:70:d9:ae:b1:e8:1c:c1:f7:3b:a4:
3f:d2:3c:e7:45:3c:02:af:b3:00:ce:61:e7:22:61:a7:c1:22:
0b:e7:fa:1e:10:f4:44:b6:93:bb:ae:5f:3d:96:ba:fb:9e:7f:
42:8a:58:d2:b2:3d:d2:9b:47:7f:95:5c:5b:01:bb:90:83:e1:
6b:fc:29:c9:5a:b0:e8:0a:36:bd:5c:5a:66:be:42:b5:b9:a3:
9d:11:18:f2:62:af:ff:f0:91:20:6c:e7:2f:ad:04:23:72:67:
c7:ac:81:73:5d:5d:7b:e9:1b:35:e3:7a:a8:fa:7f:98:6d:08:
91:98:46:83:33:53:53:81:41:68:f0:79:8b:ba:ec:48:62:2e:
8b:8a:c2:d3:ab:76:13:1d:7b:34:e7:b0:44:79:df:b6:81:6b:
96:20:3e:ad:13:03:64:27:a4:39:85:cf:a0:52:6d:7e:df:58:
0a:de:49:6c:e0:a1:0d:b4:91:c8:7e:17:b4:c5:ba:74:03:f4:
02:6a:97:27
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTUy
MDQyMjRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI2OUYwOEIyODE4NTFD
Q0MyM0QzOEIzNUVGRTk2QUE2OUQ0RjcxMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeo5JiU5hRL1zM/i045MgavWIzTOH1Yn3n9E4GQJGqLWcxaFSO
8jSAr1qKK5XE3a8irT2mRyRelWop9hstFTTkkuYnuBYHvJ3Bkr5Ra93GTFRI07xk
uX2+3prLsCClsjPCnrQJzri+IYJ+ndVu340tZPwoDmdxt3dotrCnvfRI4Wv43GBa
s7XpYr+8kLAIAJmHTp5G1rx7NShsrCdXVdxDOpikxgRCzWSrA49xVrdg/ldtbl2j
jkFVAZn0zqverRLgqtXVbuEBvw+iPin6xHzWhUArgDZM+IO4nabVKumGrQbIB6Lc
OSMyYkeW13x0eWqqUuVnTbKLUjBG6wYRcgJdAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUJp8IsoGFHMwj04s17+lqpp1PcRwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pwOElzb0dGSE13ajA0
czE3LWxxcHAxUGNSdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA+hCBz
NTErtXK64G5tp2NxIjDcCXnf5ZnMdL2wFyX0enn1st+Zo47oc1A+ZsPNehXQr9vC
FKEa7U8UfBrT1HDZrrHoHMH3O6Q/0jznRTwCr7MAzmHnImGnwSIL5/oeEPREtpO7
rl89lrr7nn9CiljSsj3Sm0d/lVxbAbuQg+Fr/CnJWrDoCja9XFpmvkK1uaOdERjy
Yq//8JEgbOcvrQQjcmfHrIFzXV176Rs143qo+n+YbQiRmEaDM1NTgUFo8HmLuuxI
Yi6LisLTq3YTHXs057BEed+2gWuWID6tEwNkJ6Q5hc+gUm1+31gK3kls4KENtJHI
fhe0xbp0A/QCapcn
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:45:51 2025 by rpki-client