Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WlwppKFBfEJPD0lVo54ksidEM5Q.roa
File: WlwppKFBfEJPD0lVo54ksidEM5Q.roa (raw, json)
Hash identifier: t00lPOsVmzJ7Y9hxxLTaKiuT1VRN49FN9isVkQFYzQA=
Subject key identifier: 5A:5C:29:A4:A1:41:7C:42:4F:0F:49:55:A3:9E:24:B2:27:44:33:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6248
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WlwppKFBfEJPD0lVo54ksidEM5Q.roa
Signing time: Tue 20 May 2025 04:13:59 +0000
ROA not before: Tue 20 May 2025 04:13:59 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25160 (0x6248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 20 04:13:59 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5A5C29A4A1417C424F0F4955A39E24B227443394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:44:c9:3a:df:87:cd:25:b4:46:9c:8d:c4:5e:
b5:1f:81:14:e0:6e:97:a1:8d:ac:0e:44:39:8b:9f:
c3:22:b6:ba:3b:bf:e5:67:19:cb:8b:06:4d:c2:e4:
a0:99:85:fe:b8:c9:2f:a5:b1:14:f3:41:2f:5c:d9:
29:26:4a:93:87:21:6e:d5:21:8f:b9:e9:23:ce:36:
b2:02:f7:53:8f:b3:dd:95:31:f1:41:ac:2a:99:c8:
c9:a8:9b:af:7c:c0:d7:f8:ab:b0:29:ce:1d:ed:ab:
af:66:1f:44:af:dd:a2:f9:d9:dc:5c:19:61:0d:2b:
07:fc:8b:29:ce:58:82:66:64:7a:79:4b:b8:bc:83:
9b:45:6d:dc:b3:57:3b:6a:49:4e:f8:a1:89:84:71:
4a:88:3c:5b:fb:cd:f1:a1:b0:54:ca:24:a1:c4:a0:
24:46:7c:7a:20:80:dc:fd:87:1f:92:b5:5c:8f:58:
cd:36:c3:7d:51:97:32:99:77:b1:cf:0e:c1:77:eb:
6e:35:25:cc:06:5e:2c:df:3c:ef:2c:4a:9b:7d:82:
b4:d3:21:47:fa:47:47:7f:a2:d2:a9:3d:e9:2d:76:
91:93:88:e2:57:2a:29:a3:65:0c:f4:9a:b1:3d:04:
fc:ad:1b:ec:cc:ba:4d:5b:51:20:13:87:03:b4:4b:
41:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5C:29:A4:A1:41:7C:42:4F:0F:49:55:A3:9E:24:B2:27:44:33:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WlwppKFBfEJPD0lVo54ksidEM5Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
1a:b6:0e:64:2f:a7:d8:99:ca:c5:15:40:19:bc:ce:9a:34:88:
07:1e:99:52:7c:2d:fb:7d:78:22:48:f9:06:d2:f4:2e:a4:79:
44:3b:62:c8:75:28:5f:c5:e1:1d:6d:92:51:d7:a0:47:15:d0:
b0:ab:ab:1c:c1:e1:00:a7:7c:f7:41:99:26:5a:2e:02:2b:85:
cf:a1:dd:2e:8f:63:8d:5e:20:17:2c:c6:a2:95:b3:d6:5e:6e:
7c:6a:f4:9c:90:55:4f:2f:0c:e8:78:9a:3d:80:da:6c:37:ac:
94:95:04:eb:cf:9e:3b:7f:8c:48:52:1a:6a:75:43:7a:dd:b1:
15:b5:56:e4:44:d5:ac:ac:02:fe:54:18:76:e8:89:04:88:19:
7a:bb:3a:92:de:cf:71:94:7d:87:12:93:f5:db:7d:a8:14:a0:
55:ed:b8:f9:cd:3d:77:9c:2f:e2:a2:ff:14:39:1b:5e:6e:db:
91:a4:01:78:39:ea:35:e7:23:3f:5a:84:21:b9:3f:f2:26:63:
15:ac:2b:0d:88:ff:ec:2f:97:17:2c:d0:35:08:50:dc:80:4f:
1b:73:1d:54:05:87:6a:f4:4a:a6:fa:75:2b:10:a2:80:07:3a:
f3:1f:bf:7d:87:35:3b:eb:52:60:8f:6e:bb:f4:fe:eb:90:03:
e2:99:f6:a9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYkgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjAw
NDEzNTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVBNUMyOUE0QTE0MTdD
NDI0RjBGNDk1NUEzOUUyNEIyMjc0NDMzOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiRMk634fNJbRGnI3EXrUfgRTgbpehjawORDmLn8Mitro7v+Vn
GcuLBk3C5KCZhf64yS+lsRTzQS9c2SkmSpOHIW7VIY+56SPONrIC91OPs92VMfFB
rCqZyMmom698wNf4q7Apzh3tq69mH0Sv3aL52dxcGWENKwf8iynOWIJmZHp5S7i8
g5tFbdyzVztqSU74oYmEcUqIPFv7zfGhsFTKJKHEoCRGfHoggNz9hx+StVyPWM02
w31RlzKZd7HPDsF36241JcwGXizfPO8sSpt9grTTIUf6R0d/otKpPektdpGTiOJX
KimjZQz0mrE9BPytG+zMuk1bUSAThwO0S0F/AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUWlwppKFBfEJPD0lVo54ksidEM5QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dsd3BwS0ZCZkVKUEQw
bFZvNTRrc2lkRU01US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAatg5k
L6fYmcrFFUAZvM6aNIgHHplSfC37fXgiSPkG0vQupHlEO2LIdShfxeEdbZJR16BH
FdCwq6scweEAp3z3QZkmWi4CK4XPod0uj2ONXiAXLMailbPWXm58avSckFVPLwzo
eJo9gNpsN6yUlQTrz547f4xIUhpqdUN63bEVtVbkRNWsrAL+VBh26IkEiBl6uzqS
3s9xlH2HEpP1232oFKBV7bj5zT13nC/iov8UORtebtuRpAF4Oeo15yM/WoQhuT/y
JmMVrCsNiP/sL5cXLNA1CFDcgE8bcx1UBYdq9Eqm+nUrEKKABzrzH799hzU761Jg
j2679P7rkAPimfap
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:19:34 2025 by rpki-client