Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Re-G7xrJw30sMkbnlzFPMCMvi1g.roa
File: Re-G7xrJw30sMkbnlzFPMCMvi1g.roa (raw, json)
Hash identifier: ftBvxBcvQkuKwi+T3YRhawMt4f+zoE4GCLyTHzRi3Ec=
Subject key identifier: 45:EF:86:EF:1A:C9:C3:7D:2C:32:46:E7:97:31:4F:30:23:2F:8B:58
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 75BA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Re-G7xrJw30sMkbnlzFPMCMvi1g.roa
Signing time: Fri 11 Jul 2025 06:15:11 +0000
ROA not before: Fri 11 Jul 2025 06:15:11 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30138 (0x75ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 11 06:15:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=45EF86EF1AC9C37D2C3246E797314F30232F8B58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:76:11:93:ed:8a:a9:8a:4f:98:72:13:78:0b:
ac:8d:9d:d5:5e:4e:71:f3:b9:65:35:eb:01:54:7d:
37:24:26:32:e5:d0:62:3e:6c:4f:89:87:b8:6c:90:
94:d6:f2:a1:07:cd:84:f2:db:06:05:24:9e:32:76:
60:4e:be:fa:ed:77:66:6d:ec:f4:e6:71:51:48:94:
c7:51:b7:c9:a5:54:e4:1f:eb:da:31:b8:e8:8f:ba:
6b:5f:91:d9:50:48:68:3b:ed:36:da:f3:ba:99:28:
30:77:8b:b9:27:0a:fb:81:f5:54:4f:56:06:61:2f:
fc:6e:82:da:8a:d3:27:c0:9a:ee:ec:db:ca:d9:34:
2c:38:9b:a5:12:9c:d9:57:ed:7e:1b:d4:38:39:0e:
93:e9:f0:fc:b5:5d:a1:64:36:f6:53:e7:a4:0f:a4:
59:e5:dc:03:25:c0:27:9c:8c:0f:28:ad:95:8d:8e:
dd:d6:5b:6e:2d:d1:9f:52:d6:a1:13:21:67:6b:9e:
16:f1:d8:1f:46:cf:d4:69:0f:44:a1:5b:0d:e0:a2:
93:11:a8:d9:e1:f9:27:0f:fa:65:5f:5c:36:23:2e:
2a:2a:f1:29:28:f1:3b:a5:8c:5b:e4:1d:08:8f:b9:
be:29:96:70:8e:08:dd:20:97:81:ae:51:e7:9a:1b:
60:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EF:86:EF:1A:C9:C3:7D:2C:32:46:E7:97:31:4F:30:23:2F:8B:58
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Re-G7xrJw30sMkbnlzFPMCMvi1g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b5:a9:fd:90:f2:8f:0f:4e:23:64:45:e8:bb:44:5b:a0:a4:e3:
dc:7f:89:ba:a4:2a:e0:56:ce:f7:5b:f8:8e:a6:ff:e3:e5:0f:
a0:9f:60:85:0e:7f:90:b5:39:18:ee:85:53:b2:af:0e:84:27:
40:c4:9f:b2:72:2c:11:8b:c8:37:10:25:2e:41:94:59:1e:82:
27:94:69:ab:2b:b4:35:83:55:11:a9:db:09:59:05:8e:93:96:
cd:74:32:d3:7e:d5:a3:b9:26:52:16:71:87:32:c8:7c:45:54:
49:e4:3c:db:10:a8:0d:e4:b2:b8:13:1b:3a:ee:c0:0d:ea:1a:
73:04:91:74:0e:f1:72:01:45:92:da:7a:c0:fb:2e:0c:4e:1d:
7d:d5:86:8b:bb:cf:b9:ce:d3:57:5f:12:87:a0:a1:72:37:21:
13:98:07:bf:b6:da:9d:5f:70:4f:69:91:f7:d1:4a:63:94:90:
b9:97:90:c2:d0:e6:ff:1f:6c:15:18:de:00:6b:d2:85:9b:ef:
60:3b:a3:9a:85:84:2e:af:81:be:f3:dc:5a:43:51:54:ac:a1:
b4:01:ba:ee:93:bc:bb:2d:f8:6c:ca:95:4c:2a:7d:12:0e:c9:
50:ab:19:87:d7:57:75:e9:8a:0f:87:ce:ef:1b:87:72:90:8b:
52:86:c6:b8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdbowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTEw
NjE1MTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ1RUY4NkVGMUFDOUMz
N0QyQzMyNDZFNzk3MzE0RjMwMjMyRjhCNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCydhGT7Yqpik+YchN4C6yNndVeTnHzuWU16wFUfTckJjLl0GI+
bE+Jh7hskJTW8qEHzYTy2wYFJJ4ydmBOvvrtd2Zt7PTmcVFIlMdRt8mlVOQf69ox
uOiPumtfkdlQSGg77Tba87qZKDB3i7knCvuB9VRPVgZhL/xugtqK0yfAmu7s28rZ
NCw4m6USnNlX7X4b1Dg5DpPp8Py1XaFkNvZT56QPpFnl3AMlwCecjA8orZWNjt3W
W24t0Z9S1qETIWdrnhbx2B9Gz9RpD0ShWw3gopMRqNnh+ScP+mVfXDYjLioq8Sko
8TuljFvkHQiPub4plnCOCN0gl4GuUeeaG2D7AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQURe+G7xrJw30sMkbnlzFPMCMvi1gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JlLUc3eHJKdzMwc01r
Ym5sekZQTUNNdmkxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQC1qf2Q
8o8PTiNkRei7RFugpOPcf4m6pCrgVs73W/iOpv/j5Q+gn2CFDn+QtTkY7oVTsq8O
hCdAxJ+yciwRi8g3ECUuQZRZHoInlGmrK7Q1g1URqdsJWQWOk5bNdDLTftWjuSZS
FnGHMsh8RVRJ5DzbEKgN5LK4Exs67sAN6hpzBJF0DvFyAUWS2nrA+y4MTh191YaL
u8+5ztNXXxKHoKFyNyETmAe/ttqdX3BPaZH30UpjlJC5l5DC0Ob/H2wVGN4Aa9KF
m+9gO6OahYQur4G+89xaQ1FUrKG0Abruk7y7LfhsypVMKn0SDslQqxmH11d16YoP
h87vG4dykItShsa4
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:34:20 2025 by rpki-client