Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RAwgd3ZDBRK4qjxnol1LYylo25w.roa
File: RAwgd3ZDBRK4qjxnol1LYylo25w.roa (raw, json)
Hash identifier: Mo1R5F5sl7emBEUywpTFmM2YBNz35JV7xSzziJ5P1oo=
Subject key identifier: 44:0C:20:77:76:43:05:12:B8:AA:3C:67:A2:5D:4B:63:29:68:DB:9C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6CB0
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RAwgd3ZDBRK4qjxnol1LYylo25w.roa
Signing time: Mon 16 Jun 2025 22:15:34 +0000
ROA not before: Mon 16 Jun 2025 22:15:34 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27824 (0x6cb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 16 22:15:34 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=440C207776430512B8AA3C67A25D4B632968DB9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d4:12:47:8a:be:10:9c:71:07:b9:87:01:e1:
86:e8:11:16:23:ff:2c:35:c2:8c:ae:31:c2:51:c2:
fd:1f:42:6b:73:0e:87:f7:39:14:0b:4a:f7:d4:57:
85:94:7a:21:e5:22:55:bf:c1:0d:ab:61:4f:16:20:
40:f1:ff:52:af:ac:ac:2b:ab:b8:3a:29:7d:8d:6b:
a3:2b:22:06:7a:14:0a:2c:d0:15:7c:b0:13:3a:6d:
65:98:97:c4:9c:8e:b7:49:65:33:eb:9b:94:82:87:
fc:9d:21:ff:a6:41:d4:99:0d:bc:e7:ce:de:d9:aa:
58:24:97:7d:dd:be:bb:67:c7:2c:61:e5:f9:3a:4a:
61:b0:3d:dc:c7:49:f7:c8:9a:d0:25:ac:f8:0b:ee:
80:ce:9c:3b:68:5e:c5:2e:d8:0c:08:83:48:fb:1a:
f6:5c:94:c1:61:f5:ef:66:25:73:93:0f:92:e5:43:
95:8e:0a:79:83:ff:6f:48:a2:17:a7:93:a9:c1:6c:
e5:14:fe:5d:d6:dc:d2:57:01:dc:a5:88:ef:fd:4f:
df:c0:e6:3c:dd:1d:cf:e1:f5:b1:03:07:b4:b7:a3:
48:3b:7e:a6:eb:c8:bc:54:42:e7:57:97:81:af:7d:
b8:47:02:8b:77:e3:e5:1d:3b:85:b4:c2:ba:7c:b5:
1e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0C:20:77:76:43:05:12:B8:AA:3C:67:A2:5D:4B:63:29:68:DB:9C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RAwgd3ZDBRK4qjxnol1LYylo25w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
74:43:05:a0:98:6d:00:59:26:54:d0:0c:46:35:a8:27:88:0b:
d0:17:29:88:16:27:32:d7:99:3e:fa:0a:22:da:3f:57:65:14:
a9:3f:2c:eb:ab:33:1b:1b:94:54:77:c0:ab:59:5a:ce:fc:56:
43:5d:4d:07:df:ac:d8:2a:ca:03:23:29:2d:e0:8e:fb:24:cf:
fa:da:14:df:3d:ae:e0:97:7d:92:e0:66:d1:2d:5a:40:e1:38:
38:50:2c:c2:a5:47:d7:99:0a:f0:3b:17:a4:76:e4:08:03:36:
2e:69:86:91:64:16:8b:be:56:5e:fd:65:37:6b:d2:ec:97:98:
53:e4:54:4e:19:7d:6c:87:05:24:d7:b6:71:e4:89:57:42:fc:
60:e7:e5:84:5a:ea:71:0b:e4:d4:50:63:cd:20:c5:7f:b5:58:
79:3f:cd:82:57:76:ed:67:13:97:23:d9:8d:1f:30:57:c1:48:
6f:d5:62:87:86:5c:51:ca:2c:85:29:2d:16:ab:c0:fd:74:38:
63:e1:b2:c2:8e:d2:fa:ff:90:94:f2:c5:16:f7:b2:86:23:e0:
42:88:f0:7f:50:7d:73:2b:ef:78:81:4c:c9:70:4a:12:4b:2f:
c2:36:77:70:a9:e8:0f:ae:04:e0:b9:ff:a7:0d:9b:8b:81:0e:
29:c6:35:98
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbLAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTYy
MjE1MzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ0MEMyMDc3NzY0MzA1
MTJCOEFBM0M2N0EyNUQ0QjYzMjk2OERCOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC51BJHir4QnHEHuYcB4YboERYj/yw1woyuMcJRwv0fQmtzDof3
ORQLSvfUV4WUeiHlIlW/wQ2rYU8WIEDx/1KvrKwrq7g6KX2Na6MrIgZ6FAos0BV8
sBM6bWWYl8ScjrdJZTPrm5SCh/ydIf+mQdSZDbznzt7Zqlgkl33dvrtnxyxh5fk6
SmGwPdzHSffImtAlrPgL7oDOnDtoXsUu2AwIg0j7GvZclMFh9e9mJXOTD5LlQ5WO
CnmD/29Iohenk6nBbOUU/l3W3NJXAdyliO/9T9/A5jzdHc/h9bEDB7S3o0g7fqbr
yLxUQudXl4GvfbhHAot34+UdO4W0wrp8tR4TAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQURAwgd3ZDBRK4qjxnol1LYylo25wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JBd2dkM1pEQlJLNHFq
eG5vbDFMWXlsbzI1dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQB0QwWg
mG0AWSZU0AxGNagniAvQFymIFicy15k++goi2j9XZRSpPyzrqzMbG5RUd8CrWVrO
/FZDXU0H36zYKsoDIykt4I77JM/62hTfPa7gl32S4GbRLVpA4Tg4UCzCpUfXmQrw
OxekduQIAzYuaYaRZBaLvlZe/WU3a9Lsl5hT5FROGX1shwUk17Zx5IlXQvxg5+WE
WupxC+TUUGPNIMV/tVh5P82CV3btZxOXI9mNHzBXwUhv1WKHhlxRyiyFKS0Wq8D9
dDhj4bLCjtL6/5CU8sUW97KGI+BCiPB/UH1zK+94gUzJcEoSSy/CNndwqegPrgTg
uf+nDZuLgQ4pxjWY
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:45 2025 by rpki-client