Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VO1bJMHzNA294WHyPxTsSEReyBU.roa
File: VO1bJMHzNA294WHyPxTsSEReyBU.roa (raw, json)
Hash identifier: JElAU6p5xsDdI5Mx+xO/g6TFGgPFLCr/BFHJaKZohKc=
Subject key identifier: 54:ED:5B:24:C1:F3:34:0D:BD:E1:61:F2:3F:14:EC:48:44:5E:C8:15
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 727E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VO1bJMHzNA294WHyPxTsSEReyBU.roa
Signing time: Wed 02 Jul 2025 15:15:00 +0000
ROA not before: Wed 02 Jul 2025 15:15:00 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29310 (0x727e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 2 15:15:00 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=54ED5B24C1F3340DBDE161F23F14EC48445EC815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3e:b2:e1:37:14:c8:26:58:14:08:c7:06:21:
7c:b0:66:79:d3:a8:ff:fe:69:2b:78:53:0a:eb:3d:
fc:a5:de:32:4d:40:59:a3:e8:6e:a7:6e:a2:d3:22:
51:35:9b:b9:54:55:32:96:52:15:2e:ae:d0:b0:62:
8e:e7:40:ee:b8:ad:5b:3a:04:b3:f0:4d:c0:77:e2:
fc:5e:76:77:e1:ff:c3:a0:f5:9a:30:68:77:ee:cc:
29:ad:c9:75:20:8a:4b:08:44:b6:e7:f1:f5:7b:62:
e8:d3:4a:e8:b9:a8:cc:e8:7e:cb:0d:48:9a:bb:3b:
ad:aa:79:e9:e6:17:dd:04:ee:20:b2:81:b9:7e:2d:
8c:75:1a:44:f2:ec:45:b7:53:4d:39:54:a1:97:52:
3f:9e:6f:f1:c5:52:c7:1f:6d:08:f6:7d:69:07:12:
e1:bd:36:d8:5e:fc:20:31:1c:97:79:c8:e5:df:e9:
32:39:52:b0:7d:3b:73:48:e4:53:d0:36:16:08:9b:
5a:6a:0b:e2:a5:37:48:82:cf:69:7b:58:76:03:c4:
54:1a:2d:af:23:bd:36:21:c0:f6:db:d5:46:0a:63:
c1:d7:24:3b:c1:4f:b3:99:1a:c5:c4:84:cd:8b:c7:
3d:df:c0:ce:72:c0:9b:8f:e8:b4:a2:0b:45:80:95:
39:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:ED:5B:24:C1:F3:34:0D:BD:E1:61:F2:3F:14:EC:48:44:5E:C8:15
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VO1bJMHzNA294WHyPxTsSEReyBU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
2b:11:02:44:66:0f:e7:3b:14:42:ab:75:d5:4b:2b:61:9a:56:
89:df:a3:36:45:a3:4e:7d:5b:19:aa:c7:5a:43:e8:1e:79:fb:
49:4b:09:d1:d8:38:32:20:51:25:26:be:03:ea:8b:d0:8d:b3:
41:8c:be:58:8a:9f:4f:c2:ac:07:e7:b8:06:d9:1c:55:31:23:
2c:bb:fd:61:8e:a2:4b:53:29:fc:1b:6b:b5:39:9d:eb:c0:5e:
a0:b6:41:46:42:69:d4:e1:94:37:36:14:d6:ae:45:3b:a3:7e:
fe:db:8f:5e:b6:46:d6:58:ff:c8:38:ae:47:61:30:dd:5a:2d:
0c:52:00:4f:99:b1:b2:c3:9f:d2:6e:6e:bf:df:c7:fc:8e:e4:
71:05:01:b1:c4:04:4a:a9:cb:a4:bc:ed:3d:94:b0:3b:8a:3b:
b2:a5:e6:4a:b0:d3:c9:ba:2b:c2:85:81:ba:28:27:49:6a:5a:
74:c3:7d:c6:0b:fe:85:d6:58:cd:73:c8:28:55:ec:01:7d:6e:
97:bb:a8:93:e8:0e:8b:c8:60:2a:7a:af:74:b9:3f:dd:9f:ef:
f2:6b:4a:38:a2:12:56:e7:4d:7b:25:16:a0:a7:80:20:7e:e0:
1c:87:74:d1:7e:eb:64:22:b8:2d:54:c8:90:90:b7:86:7d:58:
c3:8b:16:8b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDIx
NTE1MDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU0RUQ1QjI0QzFGMzM0
MERCREUxNjFGMjNGMTRFQzQ4NDQ1RUM4MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLPrLhNxTIJlgUCMcGIXywZnnTqP/+aSt4UwrrPfyl3jJNQFmj
6G6nbqLTIlE1m7lUVTKWUhUurtCwYo7nQO64rVs6BLPwTcB34vxednfh/8Og9Zow
aHfuzCmtyXUgiksIRLbn8fV7YujTSui5qMzofssNSJq7O62qeenmF90E7iCygbl+
LYx1GkTy7EW3U005VKGXUj+eb/HFUscfbQj2fWkHEuG9Nthe/CAxHJd5yOXf6TI5
UrB9O3NI5FPQNhYIm1pqC+KlN0iCz2l7WHYDxFQaLa8jvTYhwPbb1UYKY8HXJDvB
T7OZGsXEhM2Lxz3fwM5ywJuP6LSiC0WAlTnhAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUVO1bJMHzNA294WHyPxTsSEReyBUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZPMWJKTUh6TkEyOTRX
SHlQeFRzU0VSZXlCVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQArEQJE
Zg/nOxRCq3XVSythmlaJ36M2RaNOfVsZqsdaQ+geeftJSwnR2DgyIFElJr4D6ovQ
jbNBjL5Yip9PwqwH57gG2RxVMSMsu/1hjqJLUyn8G2u1OZ3rwF6gtkFGQmnU4ZQ3
NhTWrkU7o37+249etkbWWP/IOK5HYTDdWi0MUgBPmbGyw5/Sbm6/38f8juRxBQGx
xARKqcukvO09lLA7ijuypeZKsNPJuivChYG6KCdJalp0w33GC/6F1ljNc8goVewB
fW6Xu6iT6A6LyGAqeq90uT/dn+/ya0o4ohJW5017JRagp4AgfuAch3TRfutkIrgt
VMiQkLeGfVjDixaL
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:39:16 2025 by rpki-client