Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/W95R5CYsFdyz6zNKCTb3eGDkv-U.roa
File: W95R5CYsFdyz6zNKCTb3eGDkv-U.roa (raw, json)
Hash identifier: KgwldaGW5+QdAKOU6FOuqJuz440iw1uFRcJqNKgxA0M=
Subject key identifier: 5B:DE:51:E4:26:2C:15:DC:B3:EB:33:4A:09:36:F7:78:60:E4:BF:E5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 62F4
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W95R5CYsFdyz6zNKCTb3eGDkv-U.roa
Signing time: Wed 21 May 2025 23:13:06 +0000
ROA not before: Wed 21 May 2025 23:13:06 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25332 (0x62f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 21 23:13:06 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5BDE51E4262C15DCB3EB334A0936F77860E4BFE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:27:4f:d3:24:1c:0f:db:86:30:38:ac:7c:47:
fd:3e:45:85:73:f9:51:ea:c4:ce:52:10:36:e0:43:
3d:e8:6f:24:96:aa:99:b3:5e:ac:81:2f:a2:c0:a1:
78:fb:f5:2d:83:2d:9c:d6:8c:75:db:e0:a2:88:88:
de:0f:1b:b5:05:a8:42:4c:98:af:66:f1:bc:39:d0:
0a:4a:49:bf:c8:98:91:58:d5:d4:67:d5:f6:bf:20:
17:22:b3:0e:3b:23:62:19:72:65:2f:ff:ee:96:fb:
ce:66:70:b0:c9:23:1f:10:a0:49:81:22:fb:d9:dd:
52:85:60:a2:d9:aa:27:aa:5a:02:2d:64:af:a1:0b:
3d:fa:b3:a2:ad:7f:9c:1c:ab:fa:0a:01:88:ba:99:
93:66:e3:8d:b1:a4:cd:dd:e8:f5:ae:00:b0:0f:b0:
17:24:2d:df:33:b7:2e:c7:88:89:8d:a4:42:d0:0a:
20:7e:3b:5f:fb:ec:87:7a:62:88:05:fd:54:dc:d8:
b7:89:1d:8f:b5:8a:ed:21:ea:03:61:e7:0f:9d:e8:
80:3a:8e:23:1e:3e:ae:09:17:5b:6d:93:c9:ed:55:
0c:04:42:d2:37:4f:b7:e3:72:b8:e8:82:a5:f5:ca:
0c:15:b1:40:e5:08:7b:d6:a9:2e:e0:6c:f3:bc:d7:
06:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DE:51:E4:26:2C:15:DC:B3:EB:33:4A:09:36:F7:78:60:E4:BF:E5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W95R5CYsFdyz6zNKCTb3eGDkv-U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
93:86:4d:a0:60:76:d5:e8:bb:0a:5e:1c:25:72:c0:d0:9a:e0:
34:ca:a9:3a:f1:26:0d:a7:c5:76:fb:4d:e8:92:a1:bb:84:6c:
54:74:c1:a2:0b:ab:9a:2e:a0:9a:5c:1b:29:dd:5e:76:cb:e6:
a6:cd:0e:55:f8:9d:7c:cf:9b:07:bd:17:9e:d0:83:9b:26:ee:
9a:ab:4e:75:0e:16:0c:ac:aa:dd:01:f0:5d:a9:14:dd:3c:dc:
12:37:f4:df:64:48:0f:5a:56:4c:04:d6:40:29:c1:9d:28:2a:
70:ee:5a:03:eb:27:91:d7:65:9d:bf:fd:13:6b:d2:04:19:b7:
83:98:1e:ce:a0:32:b6:29:2e:b5:e2:9b:f3:02:85:88:9a:8a:
ca:a1:a5:5c:5a:5c:a6:8a:88:80:c0:8d:2f:0f:91:51:e4:c3:
80:22:e6:64:ea:4d:94:e1:9c:a2:1b:18:64:a2:f1:8f:c2:69:
a8:66:2b:74:da:6f:24:82:8b:1e:4b:ea:4c:27:fa:c4:70:c9:
d9:e7:aa:39:ce:09:f5:ce:46:bd:8b:e8:cd:59:d2:b6:df:27:
67:b5:e7:91:66:96:ed:71:de:a4:28:27:7a:c9:a9:dd:19:ad:
20:e8:bd:86:50:d1:ea:d4:6b:79:e3:33:ec:23:a4:84:d5:3a:
8c:26:01:33
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjEy
MzEzMDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVCREU1MUU0MjYyQzE1
RENCM0VCMzM0QTA5MzZGNzc4NjBFNEJGRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4J0/TJBwP24YwOKx8R/0+RYVz+VHqxM5SEDbgQz3obySWqpmz
XqyBL6LAoXj79S2DLZzWjHXb4KKIiN4PG7UFqEJMmK9m8bw50ApKSb/ImJFY1dRn
1fa/IBcisw47I2IZcmUv/+6W+85mcLDJIx8QoEmBIvvZ3VKFYKLZqieqWgItZK+h
Cz36s6Ktf5wcq/oKAYi6mZNm442xpM3d6PWuALAPsBckLd8zty7HiImNpELQCiB+
O1/77Id6YogF/VTc2LeJHY+1iu0h6gNh5w+d6IA6jiMePq4JF1ttk8ntVQwEQtI3
T7fjcrjogqX1ygwVsUDlCHvWqS7gbPO81wb3AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUW95R5CYsFdyz6zNKCTb3eGDkv+UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1c5NVI1Q1lzRmR5ejZ6
TktDVGIzZUdEa3YtVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCThk2g
YHbV6LsKXhwlcsDQmuA0yqk68SYNp8V2+03okqG7hGxUdMGiC6uaLqCaXBsp3V52
y+amzQ5V+J18z5sHvRee0IObJu6aq051DhYMrKrdAfBdqRTdPNwSN/TfZEgPWlZM
BNZAKcGdKCpw7loD6yeR12Wdv/0Ta9IEGbeDmB7OoDK2KS614pvzAoWImorKoaVc
WlymioiAwI0vD5FR5MOAIuZk6k2U4ZyiGxhkovGPwmmoZit02m8kgoseS+pMJ/rE
cMnZ56o5zgn1zka9i+jNWdK23ydnteeRZpbtcd6kKCd6yandGa0g6L2GUNHq1Gt5
4zPsI6SE1TqMJgEz
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:22 2025 by rpki-client