Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LBiZHAlXhl9N2CTGJoyjS4OLuww.roa
File: LBiZHAlXhl9N2CTGJoyjS4OLuww.roa (raw, json)
Hash identifier: 4HRqPK07CiAmjUlbiSx/i2ux+BrgzlOVP2TPIueT57A=
Subject key identifier: 2C:18:99:1C:09:57:86:5F:4D:D8:24:C6:26:8C:A3:4B:83:8B:BB:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6DC0
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LBiZHAlXhl9N2CTGJoyjS4OLuww.roa
Signing time: Fri 20 Jun 2025 04:42:23 +0000
ROA not before: Fri 20 Jun 2025 04:42:23 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28096 (0x6dc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 20 04:42:23 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=2C18991C0957865F4DD824C6268CA34B838BBB0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:ed:80:70:39:cb:4a:9b:cd:64:c7:bf:f9:
08:de:71:42:7f:6c:fe:c3:a9:8a:bd:19:cc:ea:0c:
c8:9e:44:d4:35:4a:ca:6f:99:08:d6:1c:c8:d7:4b:
db:75:30:35:6e:1b:7e:05:9a:71:74:96:05:79:13:
bd:e0:49:d2:92:74:23:21:7b:cc:be:33:38:7b:00:
d4:27:f0:02:07:fb:cb:2f:a4:1b:cb:a1:f1:f3:10:
ab:7c:ca:ac:5c:f7:0a:af:05:10:20:48:b1:3c:3b:
b5:10:c9:11:1c:41:a4:a5:71:fa:e6:2b:de:99:51:
ad:06:75:55:98:6a:c3:37:8b:15:d8:6a:65:df:f0:
01:e4:ab:b9:5d:56:99:fd:a0:d1:0c:ec:cd:ab:4d:
5b:cd:ab:ed:bc:fe:f1:97:47:51:a2:f8:cf:80:c5:
7d:36:a6:cf:b9:be:69:0d:22:7e:07:b6:5e:7e:65:
1a:7f:ef:fd:9b:91:82:61:1e:0e:61:bf:a8:ca:70:
12:61:d2:35:3e:92:6d:6f:c6:70:48:97:c4:87:ce:
b0:32:3b:8c:f0:31:13:23:c5:e0:d9:1c:bd:6b:fe:
85:94:9e:b8:03:2a:21:05:14:ba:f7:e9:ae:c1:25:
db:03:3c:81:df:97:a7:4d:6e:1c:09:f0:9f:c6:e2:
65:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:18:99:1C:09:57:86:5F:4D:D8:24:C6:26:8C:A3:4B:83:8B:BB:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LBiZHAlXhl9N2CTGJoyjS4OLuww.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
43:6c:c4:07:10:d2:76:04:34:77:d9:af:35:de:3c:b5:bf:53:
20:a0:2d:90:73:f3:3e:dd:b7:e8:a8:4a:3d:1c:0c:e5:77:01:
2c:31:74:c9:23:c4:01:d0:2e:45:b2:77:43:3d:10:7d:1e:13:
f7:6e:b8:7e:3c:36:0c:70:97:97:71:42:53:6e:3e:e1:50:c6:
24:8b:d0:b6:e3:aa:5e:a6:e2:f2:7a:91:0c:07:ce:fb:97:f0:
82:28:fa:45:a3:58:ba:e8:7c:56:c6:7e:5a:44:b8:84:a2:7f:
f0:01:7f:62:8b:c3:a8:1d:c2:0f:d4:7f:2b:7c:6e:47:cf:cb:
36:67:43:03:d9:cd:c9:db:17:3b:53:7c:f6:e0:86:b2:8d:93:
61:d6:77:f2:44:03:08:e0:92:1c:da:46:54:3c:c9:ac:4c:ea:
9d:5b:18:68:ec:a7:52:39:64:b1:ff:7a:fc:58:a3:80:03:0a:
b9:a8:fd:a5:b7:89:9f:46:35:34:e5:f7:b6:64:93:4f:b2:2b:
2c:d9:d4:85:c9:a5:9f:3b:99:2d:77:45:e7:a6:59:09:f4:47:
18:8b:e6:56:92:07:93:c7:db:e2:f3:f8:93:a9:ec:a1:4f:1b:
8d:ae:ce:f6:16:0e:0d:56:02:0f:7c:43:cf:ff:f5:62:ee:a0:
19:34:22:9c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjAw
NDQyMjNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJDMTg5OTFDMDk1Nzg2
NUY0REQ4MjRDNjI2OENBMzRCODM4QkJCMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH7e2AcDnLSpvNZMe/+QjecUJ/bP7DqYq9GczqDMieRNQ1Sspv
mQjWHMjXS9t1MDVuG34FmnF0lgV5E73gSdKSdCMhe8y+Mzh7ANQn8AIH+8svpBvL
ofHzEKt8yqxc9wqvBRAgSLE8O7UQyREcQaSlcfrmK96ZUa0GdVWYasM3ixXYamXf
8AHkq7ldVpn9oNEM7M2rTVvNq+28/vGXR1Gi+M+AxX02ps+5vmkNIn4Htl5+ZRp/
7/2bkYJhHg5hv6jKcBJh0jU+km1vxnBIl8SHzrAyO4zwMRMjxeDZHL1r/oWUnrgD
KiEFFLr36a7BJdsDPIHfl6dNbhwJ8J/G4mUJAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQULBiZHAlXhl9N2CTGJoyjS4OLuwwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xCaVpIQWxYaGw5TjJD
VEdKb3lqUzRPTHV3dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBDbMQH
ENJ2BDR32a813jy1v1MgoC2Qc/M+3bfoqEo9HAzldwEsMXTJI8QB0C5FsndDPRB9
HhP3brh+PDYMcJeXcUJTbj7hUMYki9C246pepuLyepEMB877l/CCKPpFo1i66HxW
xn5aRLiEon/wAX9ii8OoHcIP1H8rfG5Hz8s2Z0MD2c3J2xc7U3z24IayjZNh1nfy
RAMI4JIc2kZUPMmsTOqdWxho7KdSOWSx/3r8WKOAAwq5qP2lt4mfRjU05fe2ZJNP
siss2dSFyaWfO5ktd0XnplkJ9EcYi+ZWkgeTx9vi8/iTqeyhTxuNrs72Fg4NVgIP
fEPP//Vi7qAZNCKc
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:49 2025 by rpki-client