Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RPYeXJRH53b2_Px69Bq1bVTQtUI.roa
File: RPYeXJRH53b2_Px69Bq1bVTQtUI.roa (raw, json)
Hash identifier: BSZFT0fXytX+H8UbTIlG3UhucTVPFBegVFQMZUaNKr0=
Subject key identifier: 44:F6:1E:5C:94:47:E7:76:F6:FC:FC:7A:F4:1A:B5:6D:54:D0:B5:42
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7008
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RPYeXJRH53b2_Px69Bq1bVTQtUI.roa
Signing time: Thu 26 Jun 2025 01:44:37 +0000
ROA not before: Thu 26 Jun 2025 01:44:37 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28680 (0x7008)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 26 01:44:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=44F61E5C9447E776F6FCFC7AF41AB56D54D0B542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4a:69:9f:55:fc:f0:0e:8c:eb:d2:dc:0c:ed:
5b:e0:fa:fa:e8:66:89:d9:85:f4:fc:44:a4:ad:f4:
ad:fb:62:6c:75:d2:5a:9b:5f:21:fd:83:df:df:ce:
61:0a:68:76:94:ad:4e:c4:7e:9b:7b:4c:d0:58:c1:
f5:e7:90:93:bf:da:6d:c0:39:4f:38:da:79:da:24:
94:0f:51:3e:93:7e:5c:e5:08:1b:75:06:d5:b7:bb:
e4:90:a0:c0:4d:b7:15:c5:fa:05:c8:30:d0:0d:6a:
3b:29:e1:36:17:99:d9:d6:46:d0:bb:56:60:db:16:
d2:d7:dd:fe:16:9b:f7:af:fe:0c:c7:bb:35:a2:90:
4c:1c:67:3c:c4:21:88:22:c2:2b:b5:89:44:34:82:
d7:66:e4:a8:f8:66:45:f9:b2:51:85:f2:a2:dd:89:
ca:f7:4f:66:ec:a8:2a:d5:21:e8:6b:f7:80:da:a0:
c0:73:4b:bd:14:71:c9:24:da:1f:b9:0b:02:e4:64:
f7:40:46:c0:4d:77:ed:b2:3e:94:d2:11:c2:20:09:
d2:95:7d:43:50:10:4b:65:b7:83:9d:a9:a1:ef:31:
ed:e5:43:b7:87:c1:84:cb:9d:08:3a:59:ea:17:83:
b5:22:1b:15:22:b9:00:ae:ef:f5:4a:72:65:f7:9e:
e3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F6:1E:5C:94:47:E7:76:F6:FC:FC:7A:F4:1A:B5:6D:54:D0:B5:42
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RPYeXJRH53b2_Px69Bq1bVTQtUI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
61:bf:2f:fb:b5:d2:7a:db:cd:5e:4e:07:7e:d1:b5:f0:1a:04:
86:e1:ed:ce:39:52:4d:fc:ee:46:4b:84:08:ff:17:23:1e:f3:
0c:85:3c:3e:d7:0f:e6:69:61:3e:c0:cd:f7:5e:29:36:43:87:
3d:d8:50:08:03:bb:8f:1a:3c:9e:05:21:eb:0c:d4:b3:64:7b:
f1:3a:6e:5e:f9:f5:c2:37:92:24:11:67:7a:2f:64:43:26:22:
18:be:c0:03:71:40:8c:28:fe:ea:c0:84:3f:3a:75:a5:ca:cd:
04:54:39:5c:75:fd:4f:14:3d:ef:16:12:85:6f:bc:31:0c:81:
09:4c:28:f0:24:25:c4:91:d0:8f:b0:72:3a:56:27:d0:57:4d:
c2:53:e0:a7:d5:40:2c:32:30:36:38:95:6e:71:fd:c6:37:b3:
a6:6f:af:14:a1:ef:0e:cb:e3:79:14:57:8b:5e:10:be:59:86:
08:6f:c2:f2:b0:52:e6:9e:70:83:0e:8f:aa:31:24:cd:c6:7b:
43:5e:7e:bd:b2:21:31:77:68:38:f1:8d:d3:ee:7f:a4:f6:e8:
a0:4c:09:01:ca:50:d9:14:00:a9:a1:54:53:b4:8d:c0:87:67:
98:b3:bd:1e:c5:e6:ad:89:22:bf:ec:e8:fb:b2:72:98:85:db:
5a:47:6a:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjYw
MTQ0MzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ0RjYxRTVDOTQ0N0U3
NzZGNkZDRkM3QUY0MUFCNTZENTREMEI1NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjSmmfVfzwDozr0twM7Vvg+vroZonZhfT8RKSt9K37Ymx10lqb
XyH9g9/fzmEKaHaUrU7Efpt7TNBYwfXnkJO/2m3AOU842nnaJJQPUT6TflzlCBt1
BtW3u+SQoMBNtxXF+gXIMNANajsp4TYXmdnWRtC7VmDbFtLX3f4Wm/ev/gzHuzWi
kEwcZzzEIYgiwiu1iUQ0gtdm5Kj4ZkX5slGF8qLdicr3T2bsqCrVIehr94DaoMBz
S70Ucckk2h+5CwLkZPdARsBNd+2yPpTSEcIgCdKVfUNQEEtlt4OdqaHvMe3lQ7eH
wYTLnQg6WeoXg7UiGxUiuQCu7/VKcmX3nuMjAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQURPYeXJRH53b2/Px69Bq1bVTQtUIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JQWWVYSlJINTNiMl9Q
eDY5QnExYlZUUXRVSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBhvy/7
tdJ6281eTgd+0bXwGgSG4e3OOVJN/O5GS4QI/xcjHvMMhTw+1w/maWE+wM33Xik2
Q4c92FAIA7uPGjyeBSHrDNSzZHvxOm5e+fXCN5IkEWd6L2RDJiIYvsADcUCMKP7q
wIQ/OnWlys0EVDlcdf1PFD3vFhKFb7wxDIEJTCjwJCXEkdCPsHI6VifQV03CU+Cn
1UAsMjA2OJVucf3GN7Omb68Uoe8Oy+N5FFeLXhC+WYYIb8LysFLmnnCDDo+qMSTN
xntDXn69siExd2g48Y3T7n+k9uigTAkBylDZFACpoVRTtI3Ah2eYs70exeatiSK/
7Oj7snKYhdtaR2pQ
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:32:07 2025 by rpki-client