Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WgQhUx6elgK5q5DWM2xET0CcBlU.roa
File: WgQhUx6elgK5q5DWM2xET0CcBlU.roa (raw, json)
Hash identifier: RNPKTaGIc8gYcCuteoaCMykpagg3oxXdSxwO4fME+5Q=
Subject key identifier: 5A:04:21:53:1E:9E:96:02:B9:AB:90:D6:33:6C:44:4F:40:9C:06:55
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 77E6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WgQhUx6elgK5q5DWM2xET0CcBlU.roa
Signing time: Thu 17 Jul 2025 01:41:59 +0000
ROA not before: Thu 17 Jul 2025 01:41:59 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30694 (0x77e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 17 01:41:59 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5A0421531E9E9602B9AB90D6336C444F409C0655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:03:83:86:99:80:4d:c0:87:43:39:0b:d5:a1:
66:c8:0a:32:e7:71:99:5a:86:8e:e5:6f:91:e2:3b:
90:f2:7f:cb:00:d4:38:68:b5:8a:e7:ea:4c:ec:f9:
6f:02:6c:e4:7a:39:46:86:fb:26:32:42:e8:d4:7a:
d0:f9:ed:32:cb:e7:16:e5:b4:0a:cd:e3:a9:2d:97:
1b:38:5a:93:c7:17:4e:1f:9a:0e:ef:1c:b6:28:60:
08:89:99:09:1a:d3:c0:f1:12:79:bc:05:74:34:f0:
ec:d7:89:21:c1:68:10:8c:85:57:03:78:df:dd:6d:
b7:eb:ec:1d:2e:33:46:51:b9:a4:98:e1:ba:ef:dd:
34:ad:d9:d7:49:98:da:64:3c:3d:e3:c8:4d:4f:80:
23:c5:fc:8e:d1:c8:93:fa:79:55:88:0d:9e:e8:2f:
07:c1:8f:2a:0a:6e:98:07:32:71:0c:79:13:01:f1:
30:fc:9b:c9:36:fa:06:f4:d5:41:6e:4c:5b:62:f5:
79:4a:5f:3e:eb:25:27:48:6c:9f:87:4c:af:3a:96:
70:68:26:8b:44:8c:25:88:a3:aa:26:ff:c4:83:5f:
09:49:db:a6:17:8d:6c:d1:aa:97:38:48:19:0a:85:
f1:18:39:74:9d:48:f8:20:8a:b4:f2:b2:08:84:96:
9a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:04:21:53:1E:9E:96:02:B9:AB:90:D6:33:6C:44:4F:40:9C:06:55
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WgQhUx6elgK5q5DWM2xET0CcBlU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
38:3c:f1:94:87:af:99:a2:d0:4c:e8:61:49:b4:e0:34:c2:6f:
3e:8a:c1:de:86:1c:7f:3e:1c:93:98:56:70:a0:76:30:aa:d4:
ae:11:48:51:59:56:ef:b6:38:ea:af:78:b7:95:73:08:c9:dc:
69:d5:21:9f:dd:ab:32:cb:cb:2b:16:e3:cd:fd:23:fb:b0:28:
09:58:be:d1:95:ce:57:ae:11:49:25:a3:97:ec:38:d1:3c:83:
27:1a:9f:7e:6e:d0:5c:b7:46:e0:37:3b:52:99:d2:4b:6f:4e:
d5:c4:63:da:ea:30:c9:a3:6a:80:36:4d:f1:2e:d9:28:ef:2b:
46:ff:74:9c:54:ea:0a:19:fa:d9:16:6c:97:8f:cf:8c:2d:78:
01:c9:41:7f:33:53:82:53:1d:1c:ad:23:fa:ad:f8:36:36:f9:
33:74:df:40:0c:c0:d2:60:4d:ee:fa:9a:f7:2d:96:fe:b0:23:
09:99:77:87:96:85:06:c4:97:81:9a:3d:2c:f6:a1:03:80:0d:
7a:30:07:c9:13:c1:9f:11:f2:d6:f2:e1:28:b5:9d:48:0c:56:
e7:5b:bb:77:ed:d5:12:db:d7:a5:45:b9:b3:96:2c:b2:ee:db:
37:3d:aa:fa:56:c0:e9:09:09:35:6c:eb:14:4f:ce:38:72:4a:
45:98:e3:84
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICd+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTcw
MTQxNTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVBMDQyMTUzMUU5RTk2
MDJCOUFCOTBENjMzNkM0NDRGNDA5QzA2NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+A4OGmYBNwIdDOQvVoWbICjLncZlaho7lb5HiO5Dyf8sA1Dho
tYrn6kzs+W8CbOR6OUaG+yYyQujUetD57TLL5xbltArN46ktlxs4WpPHF04fmg7v
HLYoYAiJmQka08DxEnm8BXQ08OzXiSHBaBCMhVcDeN/dbbfr7B0uM0ZRuaSY4brv
3TSt2ddJmNpkPD3jyE1PgCPF/I7RyJP6eVWIDZ7oLwfBjyoKbpgHMnEMeRMB8TD8
m8k2+gb01UFuTFti9XlKXz7rJSdIbJ+HTK86lnBoJotEjCWIo6om/8SDXwlJ26YX
jWzRqpc4SBkKhfEYOXSdSPggirTysgiElpplAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUWgQhUx6elgK5q5DWM2xET0CcBlUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dnUWhVeDZlbGdLNXE1
RFdNMnhFVDBDY0JsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA4PPGU
h6+ZotBM6GFJtOA0wm8+isHehhx/PhyTmFZwoHYwqtSuEUhRWVbvtjjqr3i3lXMI
ydxp1SGf3asyy8srFuPN/SP7sCgJWL7Rlc5XrhFJJaOX7DjRPIMnGp9+btBct0bg
NztSmdJLb07VxGPa6jDJo2qANk3xLtko7ytG/3ScVOoKGfrZFmyXj8+MLXgByUF/
M1OCUx0crSP6rfg2NvkzdN9ADMDSYE3u+pr3LZb+sCMJmXeHloUGxJeBmj0s9qED
gA16MAfJE8GfEfLW8uEotZ1IDFbnW7t37dUS29elRbmzliyy7ts3Par6VsDpCQk1
bOsUT844ckpFmOOE
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:37 2025 by rpki-client