
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Qpp5uJvp48YineNVUVnkMVUnofI.roa
File: Qpp5uJvp48YineNVUVnkMVUnofI.roa (raw, json)
Hash identifier: CtuqAZfPGxfwMwJDCi5BYDwZvGSLBN7NobWiqTnMEwQ=
Subject key identifier: 42:9A:79:B8:9B:E9:E3:C6:22:9D:E3:55:51:59:E4:31:55:27:A1:F2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7820
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qpp5uJvp48YineNVUVnkMVUnofI.roa
Signing time: Thu 17 Jul 2025 16:12:05 +0000
ROA not before: Thu 17 Jul 2025 16:12:05 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30752 (0x7820)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 17 16:12:05 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=429A79B89BE9E3C6229DE3555159E4315527A1F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d3:1d:9e:ad:f7:8a:c8:a6:69:f7:04:e6:96:
07:f6:32:66:43:78:05:c3:1f:e9:4f:33:b3:77:82:
50:cc:b5:36:1f:8b:7a:2d:ca:f4:6f:2a:0e:30:b5:
6b:5e:c7:f3:47:90:b9:16:21:f4:2d:ff:3e:63:1b:
03:10:76:84:32:84:52:d3:88:83:3c:27:bc:7c:69:
e4:8a:fd:ba:7a:39:3c:99:d6:7b:96:87:cc:10:bb:
96:da:45:03:99:f3:57:ad:21:78:a0:71:64:55:33:
5b:09:cd:7e:c0:82:8a:91:c3:b0:f6:5a:3e:f5:29:
d6:0c:d9:11:6b:bd:c7:04:24:bd:65:b7:49:cb:f0:
eb:f0:d2:0a:53:7c:70:7e:f6:3b:55:e7:32:9a:ce:
90:32:3e:bb:0d:57:b0:72:99:86:60:70:1e:fa:1d:
01:d6:76:fb:9e:f4:be:ac:f4:be:ab:f4:a8:1c:36:
83:7d:9e:93:16:23:a4:d5:d8:10:ef:47:89:c1:10:
1e:ba:46:93:7f:20:07:f6:2c:e5:1a:a0:e4:10:a4:
10:48:89:e8:58:8b:eb:bb:a3:1b:84:ac:51:7f:74:
64:c1:5b:08:87:d1:a8:78:11:df:db:65:30:1b:20:
45:9d:05:71:b4:a3:8d:ec:f1:2a:2c:54:af:cb:79:
1d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9A:79:B8:9B:E9:E3:C6:22:9D:E3:55:51:59:E4:31:55:27:A1:F2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qpp5uJvp48YineNVUVnkMVUnofI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b0:17:a5:58:30:20:76:8e:c3:8d:88:69:cf:21:a7:b2:0e:9f:
58:49:b5:c2:67:c7:35:35:2e:b9:bc:e2:5b:d4:68:9a:44:81:
64:60:11:81:5a:f6:5e:8d:95:b4:6a:ac:ab:a8:59:41:86:d8:
a5:d5:c8:e0:d7:73:fb:06:1f:71:30:89:b5:97:b8:a2:13:ab:
7a:74:6f:15:2f:ff:93:97:8c:80:93:4c:54:89:1f:8c:e9:4f:
d5:8f:9c:44:58:8c:5b:22:55:6f:5b:73:35:47:a5:45:c2:9b:
78:63:0d:ba:63:63:f9:01:65:65:e3:86:da:96:ce:ee:b3:29:
fe:db:53:78:16:d2:28:1a:40:88:f5:86:2a:9b:97:c7:c1:b7:
1c:09:ba:26:9b:b1:54:2a:92:cf:fa:b0:11:04:dd:b5:95:e9:
a5:a9:a7:65:56:22:95:6d:09:f6:89:3b:2b:e1:e9:a8:38:c3:
4f:f6:ee:b4:a6:e1:16:fe:38:9a:1e:94:de:ec:ae:f1:ae:bd:
ce:f2:83:69:17:d4:c6:7b:39:9f:60:9a:31:b1:05:47:7e:4f:
a4:5f:48:3c:9c:84:22:b2:8a:0d:70:7e:e1:b9:ad:be:6f:46:
77:aa:c1:a8:69:79:33:f1:f6:70:c2:cf:ba:10:25:35:ed:29:
46:38:60:43
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICeCAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTcx
NjEyMDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQyOUE3OUI4OUJFOUUz
QzYyMjlERTM1NTUxNTlFNDMxNTUyN0ExRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDw0x2erfeKyKZp9wTmlgf2MmZDeAXDH+lPM7N3glDMtTYfi3ot
yvRvKg4wtWtex/NHkLkWIfQt/z5jGwMQdoQyhFLTiIM8J7x8aeSK/bp6OTyZ1nuW
h8wQu5baRQOZ81etIXigcWRVM1sJzX7AgoqRw7D2Wj71KdYM2RFrvccEJL1lt0nL
8Ovw0gpTfHB+9jtV5zKazpAyPrsNV7BymYZgcB76HQHWdvue9L6s9L6r9KgcNoN9
npMWI6TV2BDvR4nBEB66RpN/IAf2LOUaoOQQpBBIiehYi+u7oxuErFF/dGTBWwiH
0ah4Ed/bZTAbIEWdBXG0o43s8SosVK/LeR05AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUQpp5uJvp48YineNVUVnkMVUnofIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FwcDV1SnZwNDhZaW5l
TlZVVm5rTVZVbm9mSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCwF6VY
MCB2jsONiGnPIaeyDp9YSbXCZ8c1NS65vOJb1GiaRIFkYBGBWvZejZW0aqyrqFlB
htil1cjg13P7Bh9xMIm1l7iiE6t6dG8VL/+Tl4yAk0xUiR+M6U/Vj5xEWIxbIlVv
W3M1R6VFwpt4Yw26Y2P5AWVl44bals7usyn+21N4FtIoGkCI9YYqm5fHwbccCbom
m7FUKpLP+rARBN21lemlqadlViKVbQn2iTsr4emoOMNP9u60puEW/jiaHpTe7K7x
rr3O8oNpF9TGezmfYJoxsQVHfk+kX0g8nIQisooNcH7hua2+b0Z3qsGoaXkz8fZw
ws+6ECU17SlGOGBD
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:50 2025 by rpki-client