Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SMhI7hUG2bA-9kOx8DfEFBxmAVs.roa
File: SMhI7hUG2bA-9kOx8DfEFBxmAVs.roa (raw, json)
Hash identifier: U0a7ZrkqUVSTmdGneedRe/bE/fgN/EXJeBQR13bOp4g=
Subject key identifier: 48:C8:48:EE:15:06:D9:B0:3E:F6:43:B1:F0:37:C4:14:1C:66:01:5B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6322
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SMhI7hUG2bA-9kOx8DfEFBxmAVs.roa
Signing time: Thu 22 May 2025 10:41:04 +0000
ROA not before: Thu 22 May 2025 10:41:04 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25378 (0x6322)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 22 10:41:04 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=48C848EE1506D9B03EF643B1F037C4141C66015B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b8:1f:0b:29:b8:8b:81:08:7a:e2:bb:ea:d4:
09:81:6b:b9:81:b7:77:cf:6d:f3:3b:d7:01:f1:b6:
d6:05:8b:52:a8:f1:c9:fe:67:ce:b9:15:e8:54:2c:
ea:50:fb:7e:53:16:f4:68:21:c1:41:53:d5:29:e9:
86:0a:79:5b:12:7a:bf:91:66:3a:92:09:00:e0:1c:
fd:34:97:b4:de:ec:07:5a:9a:d3:c4:86:a6:41:bc:
8c:3a:4a:f9:de:13:1c:56:17:52:10:48:f3:35:35:
ec:86:6c:16:f0:45:8b:6b:82:ba:48:c5:5b:8d:92:
7b:d1:a9:8a:61:e3:9a:cf:72:e4:9d:9d:3b:59:f7:
62:93:f0:1f:74:ee:59:32:19:15:8f:51:8f:98:fc:
dd:bb:bb:83:f4:9d:01:2f:89:19:e6:92:12:d0:6b:
e3:2c:ba:8b:2a:1b:4d:c3:b6:49:2a:80:ff:3b:35:
aa:80:a0:99:2c:65:59:c7:70:5e:14:90:c1:e0:f9:
19:6f:93:d5:7e:fe:03:2b:3b:e1:ee:83:38:25:35:
f8:99:a8:de:63:7a:5a:d9:0d:b9:98:0c:5a:ee:d6:
53:64:05:b4:af:ab:f8:e4:80:52:60:83:c1:70:ef:
80:15:46:76:0f:d8:f7:82:13:27:1c:3a:86:3c:37:
19:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C8:48:EE:15:06:D9:B0:3E:F6:43:B1:F0:37:C4:14:1C:66:01:5B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SMhI7hUG2bA-9kOx8DfEFBxmAVs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
13:f0:93:d6:7b:27:08:61:58:37:11:ee:3f:b5:ea:03:b9:7e:
b4:97:a0:a6:b3:d6:5b:91:01:c3:ba:be:c5:29:1d:b2:b1:eb:
40:64:e0:f5:d9:c8:3f:cc:5c:ae:7b:02:a6:7b:0e:00:fe:40:
41:bf:a2:2a:8b:51:2e:4a:b0:4d:c1:18:0f:0a:8a:cb:a5:71:
4e:66:d1:74:12:20:44:78:d9:2a:37:89:79:76:20:59:7e:73:
36:63:f7:a9:4a:38:41:dc:b9:f8:cc:a9:fd:3b:ed:70:06:da:
7b:5c:a8:bf:65:11:70:69:45:0a:e2:98:47:49:15:6b:df:4e:
a9:f7:2e:83:3a:4c:0c:31:c2:9c:5a:09:a3:d6:b0:11:61:8f:
b2:e3:c7:09:f2:c1:fa:c4:d4:bf:c5:06:78:62:4d:7d:71:51:
0b:27:ed:8c:a8:48:66:cb:2c:f6:a0:5a:19:f9:2c:6a:42:d3:
9d:ec:d0:cf:65:9c:81:af:8e:6c:9e:fc:02:62:99:88:18:c5:
e5:e6:bb:aa:0a:e2:7e:f3:9f:8b:9f:9d:92:0a:26:30:ee:91:
48:3e:74:65:3d:d4:eb:50:c7:91:0e:95:94:b9:d9:b7:8f:b2:
39:ad:5c:5e:60:82:31:20:52:82:7b:31:09:a3:70:16:b4:9c:
11:8c:07:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYyIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjIx
MDQxMDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ4Qzg0OEVFMTUwNkQ5
QjAzRUY2NDNCMUYwMzdDNDE0MUM2NjAxNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmuB8LKbiLgQh64rvq1AmBa7mBt3fPbfM71wHxttYFi1Ko8cn+
Z865FehULOpQ+35TFvRoIcFBU9Up6YYKeVsSer+RZjqSCQDgHP00l7Te7AdamtPE
hqZBvIw6SvneExxWF1IQSPM1NeyGbBbwRYtrgrpIxVuNknvRqYph45rPcuSdnTtZ
92KT8B907lkyGRWPUY+Y/N27u4P0nQEviRnmkhLQa+MsuosqG03DtkkqgP87NaqA
oJksZVnHcF4UkMHg+Rlvk9V+/gMrO+HugzglNfiZqN5jelrZDbmYDFru1lNkBbSv
q/jkgFJgg8Fw74AVRnYP2PeCEyccOoY8NxnDAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUSMhI7hUG2bA+9kOx8DfEFBxmAVswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NNaEk3aFVHMmJBLTlr
T3g4RGZFRkJ4bUFWcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAT8JPW
eycIYVg3Ee4/teoDuX60l6Cms9ZbkQHDur7FKR2ysetAZOD12cg/zFyuewKmew4A
/kBBv6Iqi1EuSrBNwRgPCorLpXFOZtF0EiBEeNkqN4l5diBZfnM2Y/epSjhB3Ln4
zKn9O+1wBtp7XKi/ZRFwaUUK4phHSRVr306p9y6DOkwMMcKcWgmj1rARYY+y48cJ
8sH6xNS/xQZ4Yk19cVELJ+2MqEhmyyz2oFoZ+SxqQtOd7NDPZZyBr45snvwCYpmI
GMXl5ruqCuJ+85+Ln52SCiYw7pFIPnRlPdTrUMeRDpWUudm3j7I5rVxeYIIxIFKC
ezEJo3AWtJwRjAfO
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:54:24 2025 by rpki-client