Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VLBli8A4W8T3RD0pJfSJLGNUrOM.roa
File: VLBli8A4W8T3RD0pJfSJLGNUrOM.roa (raw, json)
Hash identifier: 9LjNRf7TwlvGX0Bn6ju14Rm4LYP9Xi1BpI/BTFPL+hY=
Subject key identifier: 54:B0:65:8B:C0:38:5B:C4:F7:44:3D:29:25:F4:89:2C:63:54:AC:E3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6E6E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VLBli8A4W8T3RD0pJfSJLGNUrOM.roa
Signing time: Sun 22 Jun 2025 01:17:57 +0000
ROA not before: Sun 22 Jun 2025 01:17:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28270 (0x6e6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 22 01:17:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=54B0658BC0385BC4F7443D2925F4892C6354ACE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:63:14:48:e8:4b:6f:49:3e:38:21:64:a2:06:
1e:1d:4d:ba:46:d9:a8:96:d3:c5:25:be:4d:ce:a5:
cb:df:be:b4:67:5b:09:89:3a:c2:81:93:59:ac:95:
86:06:88:1e:84:ae:e8:2b:66:2f:7a:f9:fd:9a:29:
f3:1d:53:7e:ab:35:56:cb:be:8f:b5:d8:f4:c0:1b:
51:3d:b2:5e:34:0b:cd:b3:43:b7:f5:5f:39:af:a7:
1d:b2:88:76:b9:32:5d:e3:64:f4:46:11:11:34:5f:
36:fe:9e:6e:f2:7d:ee:11:85:c0:7d:3f:65:c5:89:
9a:21:1a:00:b1:bc:d1:16:85:0a:f8:c0:30:81:95:
cb:7d:b6:44:72:43:ba:0a:c6:58:76:e2:02:97:12:
ce:3a:37:48:c2:50:a6:5f:f8:70:9a:37:81:c4:f1:
0b:55:00:aa:dc:fb:0c:24:4a:64:46:64:24:08:c5:
4f:e4:f4:2b:d9:4a:57:4a:3f:24:d2:93:6c:98:60:
60:cc:dc:e9:1a:b2:cd:bb:1b:30:51:20:42:42:db:
2e:50:66:31:e0:bc:cd:d7:12:21:8f:17:19:cb:c6:
f6:2b:d1:05:cb:a5:1f:93:4a:a3:86:8e:88:96:d4:
9d:bf:7f:28:50:2a:3d:ad:6f:ce:f0:df:f7:82:55:
87:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B0:65:8B:C0:38:5B:C4:F7:44:3D:29:25:F4:89:2C:63:54:AC:E3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VLBli8A4W8T3RD0pJfSJLGNUrOM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
5d:9b:fb:4e:62:3a:1c:d5:36:1f:7d:8b:26:1a:34:3d:06:02:
be:69:35:23:18:67:68:26:b1:34:05:fa:ef:58:23:7b:2a:6e:
34:0f:04:dd:9e:92:e8:70:01:96:5a:79:f9:91:42:8f:dc:35:
cc:bc:73:1b:b0:61:3f:dd:2a:82:d1:69:47:18:36:d7:d6:06:
77:b3:b9:74:06:4d:2d:e1:01:08:fc:e6:09:08:b9:63:12:2b:
43:8c:75:e4:9f:bb:b0:32:2e:9b:37:5d:62:62:8d:28:40:20:
26:bb:14:b7:ab:0a:d7:f7:54:99:55:21:10:27:c3:0a:46:dc:
e8:0e:47:b1:03:aa:ec:8d:a1:65:21:ae:64:4a:6a:23:38:af:
12:0f:8c:c8:ce:99:50:55:6c:7f:9c:7d:49:01:30:14:9c:65:
cc:5c:2b:99:31:48:d0:a9:26:3c:77:79:04:3e:78:18:83:ce:
15:8f:9a:47:4f:7a:a4:89:40:cb:e3:3c:38:31:72:51:c2:c7:
d8:39:23:b7:bd:ef:8b:f5:cd:c4:b2:e1:b5:1e:6c:24:82:8f:
7b:15:1d:9b:a4:c6:6f:88:26:cc:f9:d8:b8:5e:02:cb:41:83:
47:88:b1:57:94:bd:65:26:ad:66:6b:dc:57:6a:1b:cb:1c:ed:
15:da:15:3f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjIw
MTE3NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU0QjA2NThCQzAzODVC
QzRGNzQ0M0QyOTI1RjQ4OTJDNjM1NEFDRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrYxRI6EtvST44IWSiBh4dTbpG2aiW08Ulvk3OpcvfvrRnWwmJ
OsKBk1mslYYGiB6ErugrZi96+f2aKfMdU36rNVbLvo+12PTAG1E9sl40C82zQ7f1
Xzmvpx2yiHa5Ml3jZPRGERE0Xzb+nm7yfe4RhcB9P2XFiZohGgCxvNEWhQr4wDCB
lct9tkRyQ7oKxlh24gKXEs46N0jCUKZf+HCaN4HE8QtVAKrc+wwkSmRGZCQIxU/k
9CvZSldKPyTSk2yYYGDM3Okass27GzBRIEJC2y5QZjHgvM3XEiGPFxnLxvYr0QXL
pR+TSqOGjoiW1J2/fyhQKj2tb87w3/eCVYcDAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUVLBli8A4W8T3RD0pJfSJLGNUrOMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZMQmxpOEE0VzhUM1JE
MHBKZlNKTEdOVXJPTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBdm/tO
Yjoc1TYffYsmGjQ9BgK+aTUjGGdoJrE0BfrvWCN7Km40DwTdnpLocAGWWnn5kUKP
3DXMvHMbsGE/3SqC0WlHGDbX1gZ3s7l0Bk0t4QEI/OYJCLljEitDjHXkn7uwMi6b
N11iYo0oQCAmuxS3qwrX91SZVSEQJ8MKRtzoDkexA6rsjaFlIa5kSmojOK8SD4zI
zplQVWx/nH1JATAUnGXMXCuZMUjQqSY8d3kEPngYg84Vj5pHT3qkiUDL4zw4MXJR
wsfYOSO3ve+L9c3EsuG1Hmwkgo97FR2bpMZviCbM+di4XgLLQYNHiLFXlL1lJq1m
a9xXahvLHO0V2hU/
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:54:54 2025 by rpki-client