Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PDU-v5_t12ecxZoitk5_L6a3zeE.roa
File: PDU-v5_t12ecxZoitk5_L6a3zeE.roa (raw, json)
Hash identifier: Oa4V8Ev9478IgpfLZOze9Cgi27vMDk5653h98IF5K9k=
Subject key identifier: 3C:35:3E:BF:9F:ED:D7:67:9C:C5:9A:22:B6:4E:7F:2F:A6:B7:CD:E1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 71FA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PDU-v5_t12ecxZoitk5_L6a3zeE.roa
Signing time: Tue 01 Jul 2025 06:14:47 +0000
ROA not before: Tue 01 Jul 2025 06:14:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29178 (0x71fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 1 06:14:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3C353EBF9FEDD7679CC59A22B64E7F2FA6B7CDE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a9:45:2a:21:d2:fc:07:1d:f4:50:dc:55:9d:
10:f5:60:01:11:68:0c:4b:9a:56:81:3a:fb:9e:28:
96:be:8b:91:b3:5d:ac:41:61:bc:87:18:9b:8f:1f:
54:75:35:4c:32:f1:78:70:48:13:21:66:68:c8:0f:
56:92:4b:ec:2e:0c:be:3b:63:cc:69:e6:33:d6:f3:
6a:6c:01:4a:4e:aa:7a:cc:ff:c9:4c:47:4f:9f:fd:
b8:68:37:7d:ef:62:5e:4c:d5:c2:93:65:b2:11:7c:
f3:07:62:99:0c:e9:96:cc:72:ae:00:74:81:fc:f3:
ea:6c:24:6d:a1:52:38:aa:84:1e:7a:1b:6b:7b:a7:
74:a6:da:ac:00:2e:89:73:2e:45:4c:b1:06:56:b1:
40:88:2e:53:58:d4:44:ea:7b:58:07:4f:77:c5:e9:
47:ed:bf:2e:d8:d7:b1:4e:8e:9b:6c:f6:ca:a0:78:
91:92:b5:a7:0a:76:da:5c:8c:1d:82:56:cf:9c:e1:
fa:1b:20:e9:44:7a:f9:9d:25:dc:ee:15:5a:1c:28:
6f:68:ed:83:c3:df:e6:d1:67:69:3a:ba:54:de:48:
86:ef:ed:c9:e6:6a:d1:a7:10:3e:14:b2:4c:93:8b:
d8:4e:8b:4c:f4:93:79:4f:ae:99:c0:4d:b7:29:49:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:35:3E:BF:9F:ED:D7:67:9C:C5:9A:22:B6:4E:7F:2F:A6:B7:CD:E1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PDU-v5_t12ecxZoitk5_L6a3zeE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a7:1a:4a:a1:11:af:60:16:68:04:96:a6:d0:78:3f:bd:85:d5:
a9:41:08:3f:a5:7d:0a:11:fb:b0:24:ff:77:9f:0f:c4:72:0e:
6a:69:a3:0f:1f:e1:9f:72:8e:59:b4:69:98:6e:c4:a8:ec:aa:
84:cc:a5:9c:8c:8b:cc:1b:ed:d1:26:8a:04:d3:4e:4b:aa:d9:
16:33:c6:99:67:bc:e9:ff:b7:55:8f:c5:4a:0c:2c:fc:00:fc:
a2:e6:e5:82:7d:7f:ff:4a:fd:08:c3:02:ff:83:7e:9b:00:4d:
94:24:6e:da:44:f8:af:e4:48:16:d4:47:c7:d5:18:51:0c:c9:
07:44:7d:cd:c3:03:d5:9e:75:05:6e:46:4f:eb:f2:98:e9:03:
71:df:4c:19:6d:dd:74:38:1e:ed:18:d4:c3:42:b7:96:4d:ed:
d7:ea:3a:e9:0c:f2:65:f4:37:05:fe:f8:f3:c2:e2:99:4e:7b:
d4:b1:f8:54:e8:76:b4:44:a8:d6:ba:98:52:f6:0d:8d:3b:cf:
03:39:f0:45:48:06:c3:67:f6:cd:d8:a8:1e:92:8b:0b:ee:e9:
38:ed:ee:08:b3:b2:c9:b9:26:06:56:ed:b4:2e:9f:f6:16:a6:
26:09:84:ac:66:b1:7c:88:f4:90:08:e1:db:a4:e8:a9:7f:be:
b0:07:80:90
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDEw
NjE0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDNDMzUzRUJGOUZFREQ3
Njc5Q0M1OUEyMkI2NEU3RjJGQTZCN0NERTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVqUUqIdL8Bx30UNxVnRD1YAERaAxLmlaBOvueKJa+i5GzXaxB
YbyHGJuPH1R1NUwy8XhwSBMhZmjID1aSS+wuDL47Y8xp5jPW82psAUpOqnrM/8lM
R0+f/bhoN33vYl5M1cKTZbIRfPMHYpkM6ZbMcq4AdIH88+psJG2hUjiqhB56G2t7
p3Sm2qwALolzLkVMsQZWsUCILlNY1ETqe1gHT3fF6Uftvy7Y17FOjpts9sqgeJGS
tacKdtpcjB2CVs+c4fobIOlEevmdJdzuFVocKG9o7YPD3+bRZ2k6ulTeSIbv7cnm
atGnED4UskyTi9hOi0z0k3lPrpnATbcpSYaXAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUPDU+v5/t12ecxZoitk5/L6a3zeEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BEVS12NV90MTJlY3ha
b2l0azVfTDZhM3plRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCnGkqh
Ea9gFmgElqbQeD+9hdWpQQg/pX0KEfuwJP93nw/Ecg5qaaMPH+Gfco5ZtGmYbsSo
7KqEzKWcjIvMG+3RJooE005LqtkWM8aZZ7zp/7dVj8VKDCz8APyi5uWCfX//Sv0I
wwL/g36bAE2UJG7aRPiv5EgW1EfH1RhRDMkHRH3NwwPVnnUFbkZP6/KY6QNx30wZ
bd10OB7tGNTDQreWTe3X6jrpDPJl9DcF/vjzwuKZTnvUsfhU6Ha0RKjWuphS9g2N
O88DOfBFSAbDZ/bN2KgekosL7uk47e4Is7LJuSYGVu20Lp/2FqYmCYSsZrF8iPSQ
COHbpOipf76wB4CQ
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:32:01 2025 by rpki-client