Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/V6lvUeltJNz_usVa32LLlnOGp6Y.roa
File: V6lvUeltJNz_usVa32LLlnOGp6Y.roa (raw, json)
Hash identifier: MiAgoprho8+zFIAvJaCW0wJiUX3P1QZVeXogUC9vb1c=
Subject key identifier: 57:A9:6F:51:E9:6D:24:DC:FF:BA:C5:5A:DF:62:CB:96:73:86:A7:A6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7092
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/V6lvUeltJNz_usVa32LLlnOGp6Y.roa
Signing time: Fri 27 Jun 2025 12:18:22 +0000
ROA not before: Fri 27 Jun 2025 12:18:22 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28818 (0x7092)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 27 12:18:22 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=57A96F51E96D24DCFFBAC55ADF62CB967386A7A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3e:93:6a:85:2c:de:22:93:39:8b:b4:b1:08:
f8:6f:8c:6f:0b:2b:2c:39:ce:5d:26:77:ac:ee:3d:
44:3e:61:f4:34:0f:b5:8f:c1:71:58:2f:c9:43:3f:
10:cc:c9:1d:25:72:94:3f:a9:22:49:62:f7:3d:ab:
a9:34:e1:36:e4:f3:50:79:4e:ed:26:47:92:19:7a:
c3:a4:45:55:82:69:52:ec:8e:76:bc:12:fa:b2:bc:
a7:bd:25:ac:7e:08:d0:a5:36:ad:27:2d:ea:e3:f5:
e4:17:37:13:66:84:f1:f6:d5:d7:11:74:1f:5c:0c:
53:10:56:64:bb:a7:a4:6d:00:59:b8:10:41:ae:a4:
aa:f5:7a:31:de:55:35:7c:82:9a:39:c8:53:4f:8b:
8d:d6:67:f2:c6:64:c2:fa:db:54:68:8a:86:49:cb:
39:89:c7:62:18:67:f8:82:95:9b:29:a3:4f:3f:33:
02:3d:e3:c8:f9:cb:f4:a0:52:18:0d:c8:66:8f:be:
e0:c4:e5:e4:0d:da:30:61:ae:9f:5f:20:44:00:97:
d5:69:31:71:fb:36:3f:0f:df:e9:60:3f:8f:6f:7f:
23:5c:b4:d2:2f:d6:19:ac:69:aa:85:96:ef:2c:b2:
24:bd:27:ce:0d:8a:b9:cf:24:85:95:f8:c6:98:c5:
5d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:A9:6F:51:E9:6D:24:DC:FF:BA:C5:5A:DF:62:CB:96:73:86:A7:A6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/V6lvUeltJNz_usVa32LLlnOGp6Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
29:3b:2f:f5:1e:43:94:d5:6a:3e:fa:5e:57:33:7e:ca:37:75:
06:5a:6d:3f:cc:70:44:a7:c1:f9:a5:0a:8f:2c:b1:50:69:aa:
ea:63:66:b5:03:69:6a:a1:66:8c:d9:8c:dc:46:c2:d7:aa:61:
dd:83:98:70:76:78:fd:11:c3:39:1e:91:8d:99:d0:f2:53:e5:
58:a1:27:83:08:c5:79:b4:06:61:75:a9:7a:34:d8:8d:d8:35:
e1:8e:58:90:7a:58:9d:a2:a0:2a:71:fc:8b:be:a4:de:4f:dc:
71:f9:6a:bf:9e:94:a4:13:cf:d2:7d:17:84:61:bd:f6:f5:3b:
b4:8e:c2:0b:10:9e:1a:3b:8d:27:f1:55:9b:56:c4:a6:d7:77:
0f:73:44:15:7b:a5:fe:26:16:aa:f2:94:bf:6f:e2:33:05:73:
6c:62:4f:20:e8:c3:9b:72:7d:21:c7:21:4e:28:da:81:1e:d4:
4b:c1:30:3b:4c:5d:9e:f0:ae:48:ee:e8:07:54:c4:c3:34:fb:
6b:2f:21:04:5c:05:29:a8:81:fb:23:b6:97:60:ce:5a:7a:19:
49:9a:39:c5:30:bc:f2:0f:67:6f:ab:6c:07:ca:23:92:be:44:
94:43:f9:9b:a7:34:0e:29:eb:61:92:a7:73:09:33:bb:fc:2c:
ae:c3:b0:22
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2Mjcx
MjE4MjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU3QTk2RjUxRTk2RDI0
RENGRkJBQzU1QURGNjJDQjk2NzM4NkE3QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcPpNqhSzeIpM5i7SxCPhvjG8LKyw5zl0md6zuPUQ+YfQ0D7WP
wXFYL8lDPxDMyR0lcpQ/qSJJYvc9q6k04Tbk81B5Tu0mR5IZesOkRVWCaVLsjna8
EvqyvKe9Jax+CNClNq0nLerj9eQXNxNmhPH21dcRdB9cDFMQVmS7p6RtAFm4EEGu
pKr1ejHeVTV8gpo5yFNPi43WZ/LGZML621RoioZJyzmJx2IYZ/iClZspo08/MwI9
48j5y/SgUhgNyGaPvuDE5eQN2jBhrp9fIEQAl9VpMXH7Nj8P3+lgP49vfyNctNIv
1hmsaaqFlu8ssiS9J84NirnPJIWV+MaYxV1FAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUV6lvUeltJNz/usVa32LLlnOGp6YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1Y2bHZVZWx0Sk56X3Vz
VmEzMkxMbG5PR3A2WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQApOy/1
HkOU1Wo++l5XM37KN3UGWm0/zHBEp8H5pQqPLLFQaarqY2a1A2lqoWaM2YzcRsLX
qmHdg5hwdnj9EcM5HpGNmdDyU+VYoSeDCMV5tAZhdal6NNiN2DXhjliQelidoqAq
cfyLvqTeT9xx+Wq/npSkE8/SfReEYb329Tu0jsILEJ4aO40n8VWbVsSm13cPc0QV
e6X+Jhaq8pS/b+IzBXNsYk8g6MObcn0hxyFOKNqBHtRLwTA7TF2e8K5I7ugHVMTD
NPtrLyEEXAUpqIH7I7aXYM5aehlJmjnFMLzyD2dvq2wHyiOSvkSUQ/mbpzQOKeth
kqdzCTO7/Cyuw7Ai
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:38:38 2025 by rpki-client