Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VYy2pTTgGFvO_4sy7ITaDpspMeA.roa
File: VYy2pTTgGFvO_4sy7ITaDpspMeA.roa (raw, json)
Hash identifier: ndszrhGXJe491ad1SPyYV2/aoRUHoYpbmbBHNcWcptY=
Subject key identifier: 55:8C:B6:A5:34:E0:18:5B:CE:FF:8B:32:EC:84:DA:0E:9B:29:31:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7058
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VYy2pTTgGFvO_4sy7ITaDpspMeA.roa
Signing time: Thu 26 Jun 2025 21:44:37 +0000
ROA not before: Thu 26 Jun 2025 21:44:37 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28760 (0x7058)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 26 21:44:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=558CB6A534E0185BCEFF8B32EC84DA0E9B2931E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:06:01:58:20:b6:4b:58:e4:8d:7b:d6:f9:34:
f7:0c:39:18:89:69:fb:f0:5a:77:01:c8:7e:7e:b6:
79:25:ca:b6:d6:fa:56:6c:f7:96:04:9c:10:34:89:
55:a9:6c:25:e9:92:25:23:77:9f:58:91:c9:11:fc:
b0:6f:99:c9:81:b5:2d:ef:9f:4b:e4:e8:56:f7:1f:
d8:5c:07:02:c9:5c:95:6b:a0:5c:63:54:a9:10:4b:
41:77:ea:88:d6:d2:54:08:a7:5c:72:64:7c:e2:1e:
9a:cc:82:b0:16:a9:7a:c8:7b:a7:0d:0e:f1:ac:ac:
94:e2:a0:fc:0f:a0:e0:25:be:f3:28:71:53:0b:1b:
b7:b7:d8:b4:48:9b:b4:cb:8f:6d:3d:55:58:62:72:
e3:ea:7d:41:3e:42:13:ec:f2:53:8d:e2:a7:f7:21:
0f:11:00:2c:39:a0:28:ff:ed:e4:7a:18:29:fe:fb:
4f:9c:86:e3:3a:49:d1:9f:f8:2b:61:2b:f2:fe:ac:
4d:e3:e6:b3:d4:ae:53:59:b4:1c:e1:b4:7d:3c:d5:
f7:59:04:0e:b3:f4:1d:d9:33:4e:28:c2:30:75:09:
b9:c8:f7:08:55:5c:b7:14:43:93:7b:52:e7:06:4e:
0d:61:2b:8f:ef:8f:1e:87:16:ab:e9:67:c6:96:ce:
7a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:8C:B6:A5:34:E0:18:5B:CE:FF:8B:32:EC:84:DA:0E:9B:29:31:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VYy2pTTgGFvO_4sy7ITaDpspMeA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
92:dc:b6:69:8e:8b:8d:79:3c:09:d0:45:d2:f2:41:2c:bc:84:
96:75:2e:76:06:e1:33:aa:60:1e:a4:56:fe:7b:43:0e:09:57:
50:8e:18:47:60:7e:0d:36:38:9a:47:99:18:79:d9:41:ae:8b:
c1:5d:ed:67:67:e4:50:07:0c:e3:8e:cd:20:e5:70:03:38:a3:
bb:c0:6e:24:a0:d0:3c:14:bf:60:d5:b1:b3:97:a5:1a:31:ee:
06:33:32:c4:16:72:50:5f:bf:9b:96:f3:9b:d0:06:21:d6:bb:
fe:4e:00:cd:8e:a8:58:be:b8:d3:71:20:9f:f7:d5:da:4e:20:
17:0e:64:ba:f7:39:c1:68:46:18:f0:a3:6e:0f:44:73:05:da:
40:2d:d1:c1:67:6d:b3:21:70:a7:4e:5b:f9:72:2a:74:dc:ad:
58:bd:b2:0a:26:7c:3e:24:60:46:d8:e9:d9:ab:89:c9:fd:43:
a0:75:ff:42:2b:a4:92:87:34:33:83:d7:f4:47:81:2b:40:46:
df:e9:3c:ab:62:d4:27:1e:82:1d:8b:fe:8b:6c:51:3d:a5:88:
97:86:09:e3:f5:fc:f7:cc:e6:80:ae:b8:9a:13:2c:a7:b9:d5:
2d:ab:73:5a:4a:1e:57:97:0e:1a:76:8c:3e:ca:b7:95:f1:f0:
bd:df:d5:78
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjYy
MTQ0MzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU1OENCNkE1MzRFMDE4
NUJDRUZGOEIzMkVDODREQTBFOUIyOTMxRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlBgFYILZLWOSNe9b5NPcMORiJafvwWncByH5+tnklyrbW+lZs
95YEnBA0iVWpbCXpkiUjd59YkckR/LBvmcmBtS3vn0vk6Fb3H9hcBwLJXJVroFxj
VKkQS0F36ojW0lQIp1xyZHziHprMgrAWqXrIe6cNDvGsrJTioPwPoOAlvvMocVML
G7e32LRIm7TLj209VVhicuPqfUE+QhPs8lON4qf3IQ8RACw5oCj/7eR6GCn++0+c
huM6SdGf+CthK/L+rE3j5rPUrlNZtBzhtH081fdZBA6z9B3ZM04owjB1CbnI9whV
XLcUQ5N7UucGTg1hK4/vjx6HFqvpZ8aWznrFAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUVYy2pTTgGFvO/4sy7ITaDpspMeAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZZeTJwVFRnR0Z2T180
c3k3SVRhRHBzcE1lQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCS3LZp
jouNeTwJ0EXS8kEsvISWdS52BuEzqmAepFb+e0MOCVdQjhhHYH4NNjiaR5kYedlB
rovBXe1nZ+RQBwzjjs0g5XADOKO7wG4koNA8FL9g1bGzl6UaMe4GMzLEFnJQX7+b
lvOb0AYh1rv+TgDNjqhYvrjTcSCf99XaTiAXDmS69znBaEYY8KNuD0RzBdpALdHB
Z22zIXCnTlv5cip03K1YvbIKJnw+JGBG2OnZq4nJ/UOgdf9CK6SShzQzg9f0R4Er
QEbf6TyrYtQnHoIdi/6LbFE9pYiXhgnj9fz3zOaArriaEyynudUtq3NaSh5Xlw4a
dow+yreV8fC939V4
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:46:46 2025 by rpki-client