Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/S7WFySTw47gjCJtu9Wq_Y-tgKRQ.roa
File: S7WFySTw47gjCJtu9Wq_Y-tgKRQ.roa (raw, json)
Hash identifier: 70wyNgxf/s1oE6BYPDRCSnm5s4LMxuzfUQL3FCg1Dso=
Subject key identifier: 4B:B5:85:C9:24:F0:E3:B8:23:08:9B:6E:F5:6A:BF:63:EB:60:29:14
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 69C6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S7WFySTw47gjCJtu9Wq_Y-tgKRQ.roa
Signing time: Mon 09 Jun 2025 03:42:13 +0000
ROA not before: Mon 09 Jun 2025 03:42:13 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27078 (0x69c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 9 03:42:13 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4BB585C924F0E3B823089B6EF56ABF63EB602914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:60:26:c0:46:ff:9f:bc:ee:17:c9:9b:02:c0:
10:28:d2:d2:10:09:9a:99:76:4e:45:3a:22:6b:b9:
79:29:45:f1:0a:ee:22:76:58:5a:61:91:b2:4c:59:
94:89:84:49:6e:3b:0a:5a:14:7b:35:53:a5:a9:a3:
4a:20:54:5f:2a:41:e0:31:f8:bb:60:91:71:58:7a:
2e:ba:fa:f5:d6:71:a6:2c:b3:04:c7:3d:22:66:aa:
61:d9:1f:ec:c3:26:9e:c2:a4:f0:a3:ab:a3:43:8e:
ca:64:50:ed:b5:9e:91:b9:64:7b:be:dd:83:4a:cf:
61:a6:9a:d0:d2:71:d2:5e:d5:3d:d2:71:a0:02:a2:
87:07:54:42:a2:a5:c8:5c:d0:7e:8f:5e:21:b4:3c:
12:50:a9:cb:42:16:e1:c7:59:ec:31:01:e9:2c:24:
96:67:f6:a0:09:3a:d9:0b:12:41:07:77:7a:95:4e:
71:62:02:07:3e:79:81:11:75:8f:bc:d6:5c:6f:00:
68:bf:a0:08:c2:25:60:8e:f4:0d:87:c5:50:68:80:
d8:b7:04:d5:32:85:bc:e9:12:8a:a0:4c:e4:1c:a4:
bc:d8:a6:6f:28:80:07:6e:f0:89:c0:cc:40:2b:73:
e7:4a:5f:e4:29:0c:77:70:95:1a:22:bc:11:7d:21:
82:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B5:85:C9:24:F0:E3:B8:23:08:9B:6E:F5:6A:BF:63:EB:60:29:14
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S7WFySTw47gjCJtu9Wq_Y-tgKRQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
7a:bb:b8:17:fe:c5:a8:62:79:d8:29:9c:be:e0:dd:58:83:f0:
51:1f:f8:08:f0:c6:21:7f:8a:8e:f7:70:2a:28:25:72:74:f0:
53:43:89:35:ea:3d:35:0e:7e:a4:3c:1e:86:89:aa:d4:93:29:
b8:57:39:60:8a:9e:34:58:17:ba:e5:43:72:a7:18:c6:35:64:
70:96:f8:26:84:5a:53:2f:55:37:6a:5c:36:e8:c4:ed:79:0d:
73:7e:6f:f5:6a:b8:86:91:07:88:37:a7:87:6a:5e:af:46:d4:
44:f3:92:fc:a8:a0:36:3f:ce:ec:c6:07:24:67:32:05:68:35:
b6:b9:df:31:8f:67:1f:84:89:de:39:44:bc:91:5d:06:50:95:
6f:b3:35:45:87:c4:70:7d:e5:38:08:21:ea:83:29:35:3f:09:
93:ef:d6:ff:b5:ff:1a:d4:f8:02:50:2c:c0:91:0a:b2:6b:5d:
7d:53:b9:35:97:53:3b:e4:02:11:84:78:47:89:20:08:27:26:
0a:8e:22:23:77:33:30:0e:80:5b:f6:4c:e4:67:d5:03:e3:8f:
01:82:a3:03:3e:47:41:a4:a3:ad:b1:d8:f0:71:60:a9:15:17:
74:42:d7:5d:43:ff:0d:3f:4b:03:1f:51:01:ce:45:c5:fb:c7:
75:db:d5:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICacYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDkw
MzQyMTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRCQjU4NUM5MjRGMEUz
QjgyMzA4OUI2RUY1NkFCRjYzRUI2MDI5MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAYCbARv+fvO4XyZsCwBAo0tIQCZqZdk5FOiJruXkpRfEK7iJ2
WFphkbJMWZSJhEluOwpaFHs1U6Wpo0ogVF8qQeAx+LtgkXFYei66+vXWcaYsswTH
PSJmqmHZH+zDJp7CpPCjq6NDjspkUO21npG5ZHu+3YNKz2GmmtDScdJe1T3ScaAC
oocHVEKipchc0H6PXiG0PBJQqctCFuHHWewxAeksJJZn9qAJOtkLEkEHd3qVTnFi
Agc+eYERdY+81lxvAGi/oAjCJWCO9A2HxVBogNi3BNUyhbzpEoqgTOQcpLzYpm8o
gAdu8InAzEArc+dKX+QpDHdwlRoivBF9IYLlAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUS7WFySTw47gjCJtu9Wq/Y+tgKRQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1M3V0Z5U1R3NDdnakNK
dHU5V3FfWS10Z0tSUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQB6u7gX
/sWoYnnYKZy+4N1Yg/BRH/gI8MYhf4qO93AqKCVydPBTQ4k16j01Dn6kPB6GiarU
kym4Vzlgip40WBe65UNypxjGNWRwlvgmhFpTL1U3alw26MTteQ1zfm/1ariGkQeI
N6eHal6vRtRE85L8qKA2P87sxgckZzIFaDW2ud8xj2cfhIneOUS8kV0GUJVvszVF
h8RwfeU4CCHqgyk1PwmT79b/tf8a1PgCUCzAkQqya119U7k1l1M75AIRhHhHiSAI
JyYKjiIjdzMwDoBb9kzkZ9UD448BgqMDPkdBpKOtsdjwcWCpFRd0QtddQ/8NP0sD
H1EBzkXF+8d129VZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:27 2025 by rpki-client