Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WxYs-91VjcCqRHxgpdhpsvxrt6I.roa
File: WxYs-91VjcCqRHxgpdhpsvxrt6I.roa (raw, json)
Hash identifier: tFmyvZBx9jwGOp2FzMIA9yA3hRKA5oWvkL4U4YC5ORw=
Subject key identifier: 5B:16:2C:FB:DD:55:8D:C0:AA:44:7C:60:A5:D8:69:B2:FC:6B:B7:A2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 77CC
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WxYs-91VjcCqRHxgpdhpsvxrt6I.roa
Signing time: Wed 16 Jul 2025 19:11:57 +0000
ROA not before: Wed 16 Jul 2025 19:11:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30668 (0x77cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 16 19:11:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5B162CFBDD558DC0AA447C60A5D869B2FC6BB7A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:02:b6:90:89:16:86:3b:ae:32:4e:ee:29:03:
13:29:b5:66:dc:d2:76:31:05:45:7c:46:25:94:f5:
76:d5:c6:0d:4b:b3:e5:83:67:a4:dc:b5:42:c7:95:
f3:9d:b8:6a:1a:8c:4a:7e:f1:b9:f6:59:b5:0b:cf:
85:28:21:ac:f7:8c:e2:7c:98:ae:c8:1d:4a:53:ce:
6a:42:ef:fb:02:8a:87:17:07:34:a5:fd:cd:b8:bf:
3d:1f:dd:9c:db:18:c0:c9:c2:02:fe:a6:76:2d:33:
31:0f:a1:5a:ee:85:6b:ef:f6:9a:f7:1d:e3:79:01:
3a:79:01:d2:49:9c:57:73:38:d5:6a:91:78:ee:3d:
70:ee:da:7a:2d:6b:58:36:11:7f:45:d9:bf:bc:79:
37:ac:36:65:af:3d:14:f1:b3:5e:66:b0:eb:cb:33:
cb:09:d8:bb:29:9f:f4:2e:c9:12:a7:ea:52:1b:53:
75:1c:7b:ec:45:63:33:4a:eb:11:9b:05:d8:a3:4e:
fc:8c:f6:b2:39:0a:56:4e:00:fe:b8:89:44:da:8d:
2a:10:17:27:b1:44:6f:2e:7a:57:e0:fc:e5:4d:b9:
ee:ef:1f:69:22:3f:0a:bc:12:ab:67:ae:fa:d8:fc:
74:68:bf:79:b2:87:2b:bb:5c:09:45:7f:a3:cb:28:
b0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:16:2C:FB:DD:55:8D:C0:AA:44:7C:60:A5:D8:69:B2:FC:6B:B7:A2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WxYs-91VjcCqRHxgpdhpsvxrt6I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
4c:89:2b:64:0d:3a:b4:ba:16:2c:29:de:f9:0d:b3:17:88:57:
dc:46:b2:82:b2:86:09:84:f5:5a:d9:fc:e6:e9:34:49:25:96:
f5:65:b0:2a:1d:55:80:16:e8:40:4c:54:ba:ac:8a:06:8f:7b:
d6:24:f4:c5:31:93:ec:f3:98:6b:ed:26:f4:b7:43:60:c6:e0:
34:0e:fe:1d:ec:8a:48:25:61:3b:bc:5d:e8:5c:df:17:ee:3c:
c8:e4:5b:3f:53:2d:4c:e1:b8:c3:23:56:b3:2d:0d:d2:00:1f:
c2:92:ca:a8:fd:02:f2:9b:92:19:9f:df:4b:fd:38:fb:1c:b9:
f0:67:72:d7:db:9e:61:9f:01:5a:b4:f5:49:50:b5:74:9f:f8:
77:6f:94:96:bd:24:5d:6a:aa:58:f8:b2:57:04:c1:43:60:b6:
b5:70:38:c3:61:03:19:91:50:22:a3:83:af:68:db:d9:fb:77:
4b:a4:14:0b:25:e7:04:f0:cb:51:33:c5:f9:ad:fa:3f:0e:82:
15:c2:2d:6e:44:b8:6f:b1:1d:2a:d4:f6:6f:c3:19:7b:17:3f:
c9:79:a1:ad:04:cc:8b:5f:f8:c9:bc:fe:f3:3b:a2:ff:04:fe:
5b:74:64:c8:cc:0a:06:dd:56:a8:4e:76:fb:a8:1a:b1:3b:ca:
1a:fa:05:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICd8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTYx
OTExNTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVCMTYyQ0ZCREQ1NThE
QzBBQTQ0N0M2MEE1RDg2OUIyRkM2QkI3QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtAraQiRaGO64yTu4pAxMptWbc0nYxBUV8RiWU9XbVxg1Ls+WD
Z6TctULHlfOduGoajEp+8bn2WbULz4UoIaz3jOJ8mK7IHUpTzmpC7/sCiocXBzSl
/c24vz0f3ZzbGMDJwgL+pnYtMzEPoVruhWvv9pr3HeN5ATp5AdJJnFdzONVqkXju
PXDu2nota1g2EX9F2b+8eTesNmWvPRTxs15msOvLM8sJ2Lspn/QuyRKn6lIbU3Uc
e+xFYzNK6xGbBdijTvyM9rI5ClZOAP64iUTajSoQFyexRG8uelfg/OVNue7vH2ki
Pwq8EqtnrvrY/HRov3myhyu7XAlFf6PLKLApAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUWxYs+91VjcCqRHxgpdhpsvxrt6IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1d4WXMtOTFWamNDcVJI
eGdwZGhwc3Z4cnQ2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBMiStk
DTq0uhYsKd75DbMXiFfcRrKCsoYJhPVa2fzm6TRJJZb1ZbAqHVWAFuhATFS6rIoG
j3vWJPTFMZPs85hr7Sb0t0NgxuA0Dv4d7IpIJWE7vF3oXN8X7jzI5Fs/Uy1M4bjD
I1azLQ3SAB/Cksqo/QLym5IZn99L/Tj7HLnwZ3LX255hnwFatPVJULV0n/h3b5SW
vSRdaqpY+LJXBMFDYLa1cDjDYQMZkVAio4OvaNvZ+3dLpBQLJecE8MtRM8X5rfo/
DoIVwi1uRLhvsR0q1PZvwxl7Fz/JeaGtBMyLX/jJvP7zO6L/BP5bdGTIzAoG3Vao
Tnb7qBqxO8oa+gVq
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:44 2025 by rpki-client