Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WZxEtLHqciXRpVS2noLi36_Vr94.roa
File: WZxEtLHqciXRpVS2noLi36_Vr94.roa (raw, json)
Hash identifier: jquAZ+d5E2ZhlSJSaAbpkb58L8bx58zAudLpXH0OzAU=
Subject key identifier: 59:9C:44:B4:B1:EA:72:25:D1:A5:54:B6:9E:82:E2:DF:AF:D5:AF:DE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 745E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WZxEtLHqciXRpVS2noLi36_Vr94.roa
Signing time: Mon 07 Jul 2025 15:15:58 +0000
ROA not before: Mon 07 Jul 2025 15:15:58 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29790 (0x745e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 7 15:15:58 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=599C44B4B1EA7225D1A554B69E82E2DFAFD5AFDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d8:45:b7:f9:05:7e:8c:d5:b8:3e:f3:48:9b:
8b:62:2d:9f:2a:08:c1:3c:81:24:77:c1:78:d9:bb:
4d:dd:13:32:0d:2d:ce:85:d0:66:d8:c1:bd:c6:dd:
9b:a2:01:58:7c:48:b9:b7:59:80:51:b0:dd:9d:3a:
36:eb:47:41:b1:a4:0f:3c:b4:d9:32:74:c2:87:d0:
ac:82:59:7f:28:b7:d5:e0:a1:19:e6:15:0b:b8:fc:
39:72:d7:46:6f:9b:9c:94:5f:12:60:c3:ec:54:40:
5d:98:40:f2:7e:e7:ad:a5:22:74:d3:3f:6a:81:6d:
be:5b:23:5b:02:13:e8:58:7d:a6:63:93:5b:cd:7a:
57:96:6d:5b:29:a1:9c:7a:fe:93:df:e5:b8:ce:87:
b3:f2:1e:37:64:eb:fd:ab:43:c6:90:fb:95:d3:5a:
b5:11:72:49:a5:ef:5a:59:8d:59:9c:88:5d:ff:53:
5a:52:11:a9:d6:b0:55:78:40:8d:06:74:3f:70:6d:
06:fa:2e:1f:d8:13:0e:e1:10:3d:3b:13:e2:3d:dc:
69:0d:9c:a8:7d:2d:3d:74:c0:43:c8:4b:71:3e:1b:
1e:22:16:1e:4d:5e:7e:6c:9d:7f:36:87:1a:eb:f3:
1b:fc:53:fb:4a:f7:8a:b6:43:ca:74:e7:a2:46:5e:
1d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9C:44:B4:B1:EA:72:25:D1:A5:54:B6:9E:82:E2:DF:AF:D5:AF:DE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WZxEtLHqciXRpVS2noLi36_Vr94.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a9:3b:45:35:e0:bc:e9:56:da:06:f6:a4:70:fb:53:5c:06:ee:
cb:b7:d5:14:e5:eb:66:dd:2b:69:10:13:36:84:1b:62:eb:09:
57:14:4d:c8:95:8b:a4:fd:0e:79:28:14:cf:d6:28:b2:5b:68:
40:81:a4:b0:32:72:7f:c4:de:bf:6c:f3:b5:d4:f4:4b:5a:e7:
3a:70:62:06:b3:8d:a1:c2:b6:73:8d:15:df:30:9e:d6:13:be:
74:06:a8:43:8b:8a:c8:07:ae:69:69:5a:98:50:2c:30:ec:85:
41:cf:89:2e:22:a0:0c:86:07:41:d7:37:ce:a5:50:15:66:6f:
f9:89:91:fd:1a:c8:3a:ae:ba:13:6c:c2:e6:2a:ff:f8:10:6a:
10:14:5d:1b:a2:86:00:2f:c7:3c:e8:27:85:68:4b:f6:34:9a:
ad:b6:d6:69:0e:b6:be:ed:9a:93:2f:ba:83:51:34:9f:c6:b4:
4f:b1:55:99:52:ae:9f:24:df:db:79:66:1c:50:f2:3f:26:da:
75:ed:b3:76:6b:47:20:b1:de:82:4e:27:6b:df:73:da:95:3f:
85:05:a7:61:f3:43:62:c2:23:60:10:e0:28:e8:3d:98:b4:ec:
0e:17:c5:00:64:b7:49:d1:22:c0:f4:8b:ae:f5:a2:c5:e2:a7:
90:32:92:55
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDcx
NTE1NThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU5OUM0NEI0QjFFQTcy
MjVEMUE1NTRCNjlFODJFMkRGQUZENUFGREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn2EW3+QV+jNW4PvNIm4tiLZ8qCME8gSR3wXjZu03dEzINLc6F
0GbYwb3G3ZuiAVh8SLm3WYBRsN2dOjbrR0GxpA88tNkydMKH0KyCWX8ot9XgoRnm
FQu4/Dly10Zvm5yUXxJgw+xUQF2YQPJ+562lInTTP2qBbb5bI1sCE+hYfaZjk1vN
eleWbVspoZx6/pPf5bjOh7PyHjdk6/2rQ8aQ+5XTWrURckml71pZjVmciF3/U1pS
EanWsFV4QI0GdD9wbQb6Lh/YEw7hED07E+I93GkNnKh9LT10wEPIS3E+Gx4iFh5N
Xn5snX82hxrr8xv8U/tK94q2Q8p056JGXh05AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUWZxEtLHqciXRpVS2noLi36/Vr94wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1daeEV0TEhxY2lYUnBW
UzJub0xpMzZfVnI5NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCpO0U1
4LzpVtoG9qRw+1NcBu7Lt9UU5etm3StpEBM2hBti6wlXFE3IlYuk/Q55KBTP1iiy
W2hAgaSwMnJ/xN6/bPO11PRLWuc6cGIGs42hwrZzjRXfMJ7WE750BqhDi4rIB65p
aVqYUCww7IVBz4kuIqAMhgdB1zfOpVAVZm/5iZH9Gsg6rroTbMLmKv/4EGoQFF0b
ooYAL8c86CeFaEv2NJqtttZpDra+7ZqTL7qDUTSfxrRPsVWZUq6fJN/beWYcUPI/
Jtp17bN2a0cgsd6CTidr33PalT+FBadh80NiwiNgEOAo6D2YtOwOF8UAZLdJ0SLA
9Iuu9aLF4qeQMpJV
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:35 2025 by rpki-client