Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/R9C9v6eXz7coSNuJR-cUP-7JJqc.roa
File: R9C9v6eXz7coSNuJR-cUP-7JJqc.roa (raw, json)
Hash identifier: 9EVJtpfE0se0Crfz+7zeyV50NunR/psael+BB0U+Y2Q=
Subject key identifier: 47:D0:BD:BF:A7:97:CF:B7:28:48:DB:89:47:E7:14:3F:EE:C9:26:A7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6C02
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R9C9v6eXz7coSNuJR-cUP-7JJqc.roa
Signing time: Sun 15 Jun 2025 02:54:57 +0000
ROA not before: Sun 15 Jun 2025 02:54:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27650 (0x6c02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 15 02:54:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=47D0BDBFA797CFB72848DB8947E7143FEEC926A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2b:f0:af:1f:d2:9c:24:5c:28:09:91:45:75:
28:a2:0f:60:4d:c4:eb:33:98:a8:31:09:d8:2e:49:
c1:9a:6a:a7:8c:17:3a:8b:23:fc:c8:7d:9c:17:ea:
0f:e1:6d:c4:06:6b:98:86:c4:fe:28:33:51:3c:9d:
f4:69:39:13:89:26:f3:9c:eb:33:84:b8:15:cf:bc:
5a:60:bc:d5:60:bf:46:58:db:1a:09:b7:d1:d4:c5:
14:f7:b0:ad:b1:70:2b:e3:46:51:f7:54:05:99:17:
2a:e3:b6:e2:7b:4f:8d:7a:e4:bc:6f:30:ab:8a:cf:
5c:ae:b1:13:ad:ef:28:c4:7e:c7:cd:e4:ff:c9:31:
3f:01:a0:bf:4d:82:1e:4f:24:80:1a:08:dd:20:28:
f2:1f:73:97:a7:0a:86:dc:9d:90:3b:60:d0:24:f8:
65:41:69:ba:e0:0e:2e:b3:73:b4:25:3e:55:a6:25:
73:b2:65:f6:7a:f0:a8:5a:3f:b5:2a:af:14:b0:20:
38:2c:13:91:f0:5f:0f:d1:8c:90:53:29:c8:0a:ee:
92:4e:af:50:3b:12:34:8e:50:9a:81:82:4a:e5:9f:
0c:64:1a:7a:b9:e3:43:5f:53:95:ae:09:66:5e:c6:
84:a9:5b:a0:8a:79:ef:5c:be:6b:3a:a7:3f:3c:90:
e2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D0:BD:BF:A7:97:CF:B7:28:48:DB:89:47:E7:14:3F:EE:C9:26:A7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R9C9v6eXz7coSNuJR-cUP-7JJqc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
5d:e4:23:48:18:4e:e9:88:eb:db:bf:1b:46:cd:07:b6:49:13:
b8:c5:9a:81:74:0f:9c:79:46:e2:bd:6f:fd:de:e4:77:84:27:
5e:15:91:17:e6:58:d2:41:09:9e:2a:a2:be:5e:31:4a:a9:97:
38:3a:58:ce:39:aa:74:7a:b8:dd:63:f2:b8:ca:2d:cf:35:26:
bf:ce:59:21:8d:7e:2e:22:8b:f7:40:0d:01:f5:a6:f3:6d:3e:
83:e1:26:d6:aa:dd:47:5b:06:c8:fb:b7:01:c3:01:89:b4:46:
b3:00:3f:de:0d:b1:4a:d3:18:d0:42:90:15:4a:91:a7:bb:af:
33:8f:64:6a:de:21:d8:56:a9:37:47:60:cc:f4:c3:3d:47:08:
65:49:22:14:76:a3:dd:15:e6:d9:69:3e:5c:e9:0a:e2:99:f0:
44:79:9a:c1:43:bb:35:af:3a:54:84:bb:2e:51:4c:7d:e6:cf:
62:0f:38:ca:72:2b:75:78:5a:bf:cd:55:8b:a7:c1:96:5c:63:
b1:22:5f:b6:24:43:90:c7:4d:88:20:dc:f3:1c:71:48:1b:36:
08:04:03:20:71:27:3b:64:01:32:a5:97:80:bb:3e:bb:90:c7:
b2:21:36:fb:17:1f:1f:9f:b9:4f:3b:17:04:65:1d:d3:bd:8c:
47:00:1d:9e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTUw
MjU0NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ3RDBCREJGQTc5N0NG
QjcyODQ4REI4OTQ3RTcxNDNGRUVDOTI2QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMK/CvH9KcJFwoCZFFdSiiD2BNxOszmKgxCdguScGaaqeMFzqL
I/zIfZwX6g/hbcQGa5iGxP4oM1E8nfRpOROJJvOc6zOEuBXPvFpgvNVgv0ZY2xoJ
t9HUxRT3sK2xcCvjRlH3VAWZFyrjtuJ7T4165LxvMKuKz1yusROt7yjEfsfN5P/J
MT8BoL9Ngh5PJIAaCN0gKPIfc5enCobcnZA7YNAk+GVBabrgDi6zc7QlPlWmJXOy
ZfZ68KhaP7UqrxSwIDgsE5HwXw/RjJBTKcgK7pJOr1A7EjSOUJqBgkrlnwxkGnq5
40NfU5WuCWZexoSpW6CKee9cvms6pz88kOLRAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUR9C9v6eXz7coSNuJR+cUP+7JJqcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1I5Qzl2NmVYejdjb1NO
dUpSLWNVUC03SkpxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBd5CNI
GE7piOvbvxtGzQe2SRO4xZqBdA+ceUbivW/93uR3hCdeFZEX5ljSQQmeKqK+XjFK
qZc4OljOOap0erjdY/K4yi3PNSa/zlkhjX4uIov3QA0B9abzbT6D4SbWqt1HWwbI
+7cBwwGJtEazAD/eDbFK0xjQQpAVSpGnu68zj2Rq3iHYVqk3R2DM9MM9RwhlSSIU
dqPdFebZaT5c6QrimfBEeZrBQ7s1rzpUhLsuUUx95s9iDzjKcit1eFq/zVWLp8GW
XGOxIl+2JEOQx02IINzzHHFIGzYIBAMgcSc7ZAEypZeAuz67kMeyITb7Fx8fn7lP
OxcEZR3TvYxHAB2e
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:40:07 2025 by rpki-client