Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Jt_mEsJIP-E3N-y0mSd3Yhu8NyQ.roa
File: Jt_mEsJIP-E3N-y0mSd3Yhu8NyQ.roa (raw, json)
Hash identifier: W3UfUoFMrlDGeNxqCsn//R9CRDUlYC4hDzxeF2vg0Is=
Subject key identifier: 26:DF:E6:12:C2:48:3F:E1:37:37:EC:B4:99:27:77:62:1B:BC:37:24
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7528
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Jt_mEsJIP-E3N-y0mSd3Yhu8NyQ.roa
Signing time: Wed 09 Jul 2025 17:45:27 +0000
ROA not before: Wed 09 Jul 2025 17:45:27 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29992 (0x7528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 9 17:45:27 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=26DFE612C2483FE13737ECB4992777621BBC3724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a9:35:64:f8:b0:ab:df:76:5c:48:1d:ca:66:
18:56:52:3c:63:69:68:ff:4c:42:31:05:ae:5d:d6:
29:e7:9a:8a:c9:c7:4c:60:50:00:11:31:ce:35:d2:
81:b7:d0:f0:bc:c8:72:d5:b7:0f:13:c2:a3:6f:dc:
32:9d:b8:4b:a9:b0:7a:18:dd:9f:f9:24:e5:26:9e:
9c:0b:c4:df:55:0f:de:42:33:9b:0e:0a:30:03:92:
46:37:f3:43:d9:c1:27:ef:b6:9c:81:1d:48:8c:59:
2e:91:29:74:0c:2e:df:de:d1:f8:fb:cc:b0:68:02:
c8:5e:3d:72:ee:e4:78:ff:8f:1d:94:36:56:f7:bb:
4d:64:4f:c8:03:fc:2c:7b:1c:94:12:79:67:16:da:
9d:91:0b:da:64:95:0d:27:5b:7f:49:bd:e6:0b:2c:
1f:56:dc:c2:e5:c2:34:4f:2e:a5:57:d9:ed:5f:f3:
e3:09:b3:69:76:b1:52:97:ec:5b:f4:b3:f8:e8:d7:
d2:c1:66:1f:04:89:4b:5b:6f:14:05:5f:0a:f1:af:
02:de:0e:09:18:d5:d1:09:b7:7d:59:96:12:2f:58:
65:9e:41:4e:60:e4:8c:6b:e6:44:f6:b7:16:e7:98:
1b:07:c5:70:ce:66:ce:fe:a0:3a:a8:81:6c:1f:28:
24:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DF:E6:12:C2:48:3F:E1:37:37:EC:B4:99:27:77:62:1B:BC:37:24
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Jt_mEsJIP-E3N-y0mSd3Yhu8NyQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
af:0c:72:a6:c9:89:b8:46:15:4f:0d:e6:d0:b9:f6:2a:a2:2f:
df:31:0e:d1:eb:0d:8f:ca:27:cb:ce:1a:34:1b:8c:ed:b4:3e:
f4:1c:02:e8:81:d7:82:3a:d1:e9:bc:56:2c:7b:32:e0:3c:8d:
14:98:f0:eb:d5:b8:7a:db:34:b5:95:6e:f2:28:c7:99:84:c7:
b1:b1:b7:8b:cc:8e:a6:80:ce:44:31:ea:6b:e5:d3:c7:fc:54:
08:84:6c:16:d3:d5:58:93:c9:d3:ab:b9:10:7b:4f:b4:a7:4c:
51:15:b7:d7:f8:cb:20:72:50:3e:95:7a:3f:1e:06:cc:aa:7e:
ab:f5:79:fe:94:23:d1:46:c6:6b:83:2d:80:0b:8c:be:b7:3d:
99:0c:b4:10:fd:b8:2d:2e:2e:3f:7f:6c:4c:e6:15:01:e2:c7:
41:25:0f:1c:bd:cd:8b:81:64:63:9c:f9:fb:05:10:ed:31:04:
4c:ea:0b:55:f3:ec:5c:e0:d0:ad:58:1a:e7:39:8d:39:52:5b:
83:61:d0:f8:60:67:1f:55:50:74:12:b5:c9:22:50:c4:33:64:
7a:41:5f:32:1c:fc:a8:a9:19:76:e5:6a:8c:61:6e:a5:08:57:
0b:d2:c0:0c:4c:1e:5d:23:89:73:2b:9d:b8:25:8f:6b:60:f8:
98:6f:a0:37
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdSgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDkx
NzQ1MjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI2REZFNjEyQzI0ODNG
RTEzNzM3RUNCNDk5Mjc3NzYyMUJCQzM3MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIqTVk+LCr33ZcSB3KZhhWUjxjaWj/TEIxBa5d1innmorJx0xg
UAARMc410oG30PC8yHLVtw8TwqNv3DKduEupsHoY3Z/5JOUmnpwLxN9VD95CM5sO
CjADkkY380PZwSfvtpyBHUiMWS6RKXQMLt/e0fj7zLBoAshePXLu5Hj/jx2UNlb3
u01kT8gD/Cx7HJQSeWcW2p2RC9pklQ0nW39JveYLLB9W3MLlwjRPLqVX2e1f8+MJ
s2l2sVKX7Fv0s/jo19LBZh8EiUtbbxQFXwrxrwLeDgkY1dEJt31ZlhIvWGWeQU5g
5Ixr5kT2txbnmBsHxXDOZs7+oDqogWwfKCRxAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUJt/mEsJIP+E3N+y0mSd3Yhu8NyQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0p0X21Fc0pJUC1FM04t
eTBtU2QzWWh1OE55US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCvDHKm
yYm4RhVPDebQufYqoi/fMQ7R6w2PyifLzho0G4zttD70HALogdeCOtHpvFYsezLg
PI0UmPDr1bh62zS1lW7yKMeZhMexsbeLzI6mgM5EMepr5dPH/FQIhGwW09VYk8nT
q7kQe0+0p0xRFbfX+MsgclA+lXo/HgbMqn6r9Xn+lCPRRsZrgy2AC4y+tz2ZDLQQ
/bgtLi4/f2xM5hUB4sdBJQ8cvc2LgWRjnPn7BRDtMQRM6gtV8+xc4NCtWBrnOY05
UluDYdD4YGcfVVB0ErXJIlDEM2R6QV8yHPyoqRl25WqMYW6lCFcL0sAMTB5dI4lz
K524JY9rYPiYb6A3
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:48 2025 by rpki-client