Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VM38x_b__YtdcEUtNYkybHFubxU.roa
File: VM38x_b__YtdcEUtNYkybHFubxU.roa (raw, json)
Hash identifier: Rb010APEUQYSaB+Zo4+i81sAhBMyRiiuEq6clwhVi9A=
Subject key identifier: 54:CD:FC:C7:F6:FF:FD:8B:5D:70:45:2D:35:89:32:6C:71:6E:6F:15
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 76E0
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VM38x_b__YtdcEUtNYkybHFubxU.roa
Signing time: Mon 14 Jul 2025 08:11:55 +0000
ROA not before: Mon 14 Jul 2025 08:11:55 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30432 (0x76e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 14 08:11:55 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=54CDFCC7F6FFFD8B5D70452D3589326C716E6F15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:27:81:a9:45:96:bd:fb:71:5a:72:f4:e1:
97:23:aa:13:96:22:56:18:37:71:26:39:1c:de:75:
35:3a:48:c8:f6:f9:bb:11:0d:29:44:3e:6c:4a:37:
a5:1f:f3:2f:28:8f:4b:f4:9f:7c:3d:0b:a5:cb:bf:
4d:65:02:af:5c:77:b2:b2:64:38:1a:29:31:a6:dc:
4a:f4:15:73:b9:06:38:73:5f:1c:40:55:26:6c:c9:
e9:e0:08:9c:05:39:5f:45:9b:33:1c:19:61:f3:31:
4f:56:19:08:07:1d:21:03:18:19:93:ab:ce:dc:9d:
4d:be:b9:ae:95:69:fd:1b:13:bb:9d:88:8b:ba:a1:
0a:f2:63:b9:30:84:d9:06:65:86:7c:3d:10:3a:d3:
1f:c0:31:fb:e4:5b:3e:c3:db:5a:b8:05:fd:80:f3:
9c:62:10:ad:ae:94:f3:83:7c:4f:82:21:97:b1:e0:
cf:75:13:05:4a:98:a1:12:ce:d2:87:ef:f2:9f:cb:
3c:a9:c8:ce:ec:63:2d:83:3f:b5:6b:c8:eb:f8:a8:
b6:8c:a4:73:f1:16:8b:b4:30:b0:e3:6d:94:1c:c4:
08:8e:5f:d5:d5:12:95:76:94:a7:e2:97:f6:1d:71:
8f:01:01:dd:4c:8d:3e:af:19:8a:8c:ba:f1:99:a0:
0e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CD:FC:C7:F6:FF:FD:8B:5D:70:45:2D:35:89:32:6C:71:6E:6F:15
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VM38x_b__YtdcEUtNYkybHFubxU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
93:46:96:0e:b7:90:75:74:6f:56:20:bf:ed:45:0d:bb:63:21:
6c:d0:a1:6f:7d:a7:99:31:94:21:30:c1:63:f3:ac:c7:6f:b2:
a4:5d:72:ac:e3:87:5b:14:12:ab:4d:71:29:53:04:e7:ca:9e:
9e:97:30:d7:8f:b7:e4:22:f7:d8:15:e6:58:ce:ef:2e:2d:93:
12:48:5f:9d:ac:38:2c:a4:64:69:54:0a:5b:47:24:8e:95:af:
4b:59:74:c0:3a:e5:49:fa:ee:2d:87:77:90:b8:5e:68:0e:a4:
77:7e:ce:9a:58:da:0e:d0:2e:0f:b4:e4:6c:68:7f:a1:97:48:
a3:98:4d:18:14:1e:f6:b9:53:2b:ba:80:2c:28:1a:2b:26:e8:
7e:53:01:1d:f2:ee:bd:5f:d0:96:a8:ca:6e:a5:07:55:ff:af:
87:32:e8:50:63:ce:ba:d8:1d:36:c0:5b:1a:04:ad:45:62:53:
8f:94:08:87:4f:bf:06:e4:68:0d:48:27:76:a3:bc:3d:18:a3:
b3:d8:b9:18:62:bf:44:c5:2e:7b:2f:71:32:51:3a:06:51:10:
c1:f1:b4:3e:ae:99:c5:26:3f:2a:be:8c:2c:4b:4b:bd:cb:ba:
d0:4e:30:4e:ec:11:e2:a5:1d:1c:1d:f1:0c:8f:94:41:be:b0:
a1:8c:f4:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICduAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTQw
ODExNTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU0Q0RGQ0M3RjZGRkZE
OEI1RDcwNDUyRDM1ODkzMjZDNzE2RTZGMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1gyeBqUWWvftxWnL04ZcjqhOWIlYYN3EmORzedTU6SMj2+bsR
DSlEPmxKN6Uf8y8oj0v0n3w9C6XLv01lAq9cd7KyZDgaKTGm3Er0FXO5BjhzXxxA
VSZsyengCJwFOV9FmzMcGWHzMU9WGQgHHSEDGBmTq87cnU2+ua6Vaf0bE7udiIu6
oQryY7kwhNkGZYZ8PRA60x/AMfvkWz7D21q4Bf2A85xiEK2ulPODfE+CIZex4M91
EwVKmKESztKH7/KfyzypyM7sYy2DP7VryOv4qLaMpHPxFou0MLDjbZQcxAiOX9XV
EpV2lKfil/YdcY8BAd1MjT6vGYqMuvGZoA4LAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUVM38x/b//YtdcEUtNYkybHFubxUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZNMzh4X2JfX1l0ZGNF
VXROWWt5YkhGdWJ4VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCTRpYO
t5B1dG9WIL/tRQ27YyFs0KFvfaeZMZQhMMFj86zHb7KkXXKs44dbFBKrTXEpUwTn
yp6elzDXj7fkIvfYFeZYzu8uLZMSSF+drDgspGRpVApbRySOla9LWXTAOuVJ+u4t
h3eQuF5oDqR3fs6aWNoO0C4PtORsaH+hl0ijmE0YFB72uVMruoAsKBorJuh+UwEd
8u69X9CWqMpupQdV/6+HMuhQY8662B02wFsaBK1FYlOPlAiHT78G5GgNSCd2o7w9
GKOz2LkYYr9ExS57L3EyUToGURDB8bQ+rpnFJj8qvowsS0u9y7rQTjBO7BHipR0c
HfEMj5RBvrChjPTh
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:43:21 2025 by rpki-client