Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VoL5xeeYmXm8CaSt8uMMgR3CUiA.roa
File: VoL5xeeYmXm8CaSt8uMMgR3CUiA.roa (raw, json)
Hash identifier: g2sA7aD4g7EMFYXQls3FdFPZGMuJxKER+TX7zRoGYmQ=
Subject key identifier: 56:82:F9:C5:E7:98:99:79:BC:09:A4:AD:F2:E3:0C:81:1D:C2:52:20
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 792C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VoL5xeeYmXm8CaSt8uMMgR3CUiA.roa
Signing time: Sun 20 Jul 2025 11:12:12 +0000
ROA not before: Sun 20 Jul 2025 11:12:12 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31020 (0x792c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 20 11:12:12 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5682F9C5E7989979BC09A4ADF2E30C811DC25220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:10:07:f3:7b:18:a3:77:7b:a1:56:90:c0:
a5:29:87:a4:61:77:ce:91:b7:f0:fb:bc:d1:4a:10:
38:34:3b:d0:eb:3d:f6:0f:63:8e:b4:46:61:d0:a0:
97:e3:da:f6:ea:78:da:15:9f:bd:4e:c7:a2:03:f3:
75:6d:34:9b:0a:88:a7:c7:06:ff:86:b2:23:85:f0:
a5:da:17:28:a3:22:ae:a4:e9:86:cd:2f:06:5f:d8:
31:0b:94:f5:c1:07:37:26:74:e1:6e:16:ec:bf:d3:
38:ef:8c:68:62:a3:08:c9:b6:24:bd:5d:65:78:c5:
dd:ac:d1:3a:72:55:f5:b7:33:3c:78:36:d0:36:6c:
62:08:0e:2c:aa:1a:69:28:3c:83:3d:e5:0d:bb:43:
51:77:88:d6:d1:fa:3a:a3:04:9f:f9:1d:76:35:8d:
08:21:5c:fe:0f:03:ab:7a:29:53:58:58:a3:94:08:
a7:70:53:5e:59:1a:a3:2b:fb:79:a2:b3:b2:92:51:
f0:18:ae:2a:cb:5f:11:bf:e2:8f:34:0b:9c:a5:a7:
3d:1d:70:be:27:d6:f0:5b:25:b4:9d:9d:d1:1b:1f:
e8:cd:8f:3c:9f:87:03:5c:08:b2:ec:b6:29:ed:72:
2b:d7:08:8f:b8:b4:18:32:e1:00:fd:27:35:ef:60:
e6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:82:F9:C5:E7:98:99:79:BC:09:A4:AD:F2:E3:0C:81:1D:C2:52:20
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VoL5xeeYmXm8CaSt8uMMgR3CUiA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
3c:3a:28:7e:9d:8f:39:48:40:ad:8c:4c:fa:a3:ac:6f:1a:cf:
1b:bc:b9:d0:4f:d5:c6:f9:44:c6:ec:63:5f:4b:c2:79:d9:55:
27:52:54:d7:4c:09:c1:02:2b:5a:58:7e:92:1d:26:61:bd:04:
cf:cd:37:01:c2:5a:47:09:78:e7:00:27:b8:b5:ff:c1:4a:c8:
95:01:e1:30:ac:b6:87:a5:c7:33:de:46:f2:a3:4e:fe:a8:c8:
c9:07:e1:6f:79:ea:30:d0:1c:5d:7f:b2:3f:f9:a6:4b:83:b4:
c7:c4:59:7e:dd:1b:81:08:c2:84:db:61:58:d8:d0:69:f2:08:
6f:fe:3f:15:76:f9:8e:4f:63:5c:8d:87:88:08:27:42:f3:ac:
5c:16:65:1e:e8:d6:e8:c3:77:67:c4:c4:34:e1:bf:7a:f0:45:
ba:03:ce:ab:5e:c7:85:ab:ec:fe:84:59:dd:08:d6:d2:79:72:
c2:88:b5:8a:d6:57:76:54:1d:7b:b4:c4:b5:9d:f0:5d:77:2a:
95:03:1f:68:c5:2b:21:a0:1c:20:24:78:e5:df:74:ec:9a:d3:
ec:0b:f8:e7:ce:9e:6a:ac:af:10:1e:40:cf:8e:69:f3:67:71:
a4:6f:9c:b7:c3:08:2c:dd:c6:15:41:f2:c4:20:d3:fc:65:9b:
31:60:b9:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICeSwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MjAx
MTEyMTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU2ODJGOUM1RTc5ODk5
NzlCQzA5QTRBREYyRTMwQzgxMURDMjUyMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKcRAH83sYo3d7oVaQwKUph6Rhd86Rt/D7vNFKEDg0O9DrPfYP
Y460RmHQoJfj2vbqeNoVn71Ox6ID83VtNJsKiKfHBv+GsiOF8KXaFyijIq6k6YbN
LwZf2DELlPXBBzcmdOFuFuy/0zjvjGhiowjJtiS9XWV4xd2s0TpyVfW3Mzx4NtA2
bGIIDiyqGmkoPIM95Q27Q1F3iNbR+jqjBJ/5HXY1jQghXP4PA6t6KVNYWKOUCKdw
U15ZGqMr+3mis7KSUfAYrirLXxG/4o80C5ylpz0dcL4n1vBbJbSdndEbH+jNjzyf
hwNcCLLstintcivXCI+4tBgy4QD9JzXvYOYvAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUVoL5xeeYmXm8CaSt8uMMgR3CUiAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZvTDV4ZWVZbVhtOENh
U3Q4dU1NZ1IzQ1VpQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA8Oih+
nY85SECtjEz6o6xvGs8bvLnQT9XG+UTG7GNfS8J52VUnUlTXTAnBAitaWH6SHSZh
vQTPzTcBwlpHCXjnACe4tf/BSsiVAeEwrLaHpccz3kbyo07+qMjJB+Fveeow0Bxd
f7I/+aZLg7THxFl+3RuBCMKE22FY2NBp8ghv/j8VdvmOT2NcjYeICCdC86xcFmUe
6Nbow3dnxMQ04b968EW6A86rXseFq+z+hFndCNbSeXLCiLWK1ld2VB17tMS1nfBd
dyqVAx9oxSshoBwgJHjl33TsmtPsC/jnzp5qrK8QHkDPjmnzZ3Gkb5y3wwgs3cYV
QfLEINP8ZZsxYLnJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:42:07 2025 by rpki-client