Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WyAWd9WRbHHylVKj7jiDwpTh1P8.roa
File: WyAWd9WRbHHylVKj7jiDwpTh1P8.roa (raw, json)
Hash identifier: CGbxCreXBRktJBZuKZl72hlC5+LgWJ4fNRTzvxYx7ho=
Subject key identifier: 5B:20:16:77:D5:91:6C:71:F2:95:52:A3:EE:38:83:C2:94:E1:D4:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6362
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WyAWd9WRbHHylVKj7jiDwpTh1P8.roa
Signing time: Fri 23 May 2025 02:40:42 +0000
ROA not before: Fri 23 May 2025 02:40:42 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25442 (0x6362)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 23 02:40:42 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5B201677D5916C71F29552A3EE3883C294E1D4FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d5:d8:a9:73:6c:11:07:dd:ea:d7:41:e9:7e:
45:17:2e:2e:a6:6b:f4:cf:3f:54:76:a0:42:77:3a:
23:25:64:c2:be:2d:26:98:de:2a:06:7f:0d:0c:13:
41:59:5c:60:6b:01:96:c6:00:aa:57:de:7a:02:64:
f9:f0:d3:b3:89:4b:36:a0:c9:1f:74:22:ac:9f:9a:
21:36:43:26:8f:44:bd:3c:b6:01:e8:07:c6:a8:cb:
a9:d1:1f:9a:ad:ad:6a:85:90:e1:75:4c:c9:b5:d2:
ce:c0:c6:f7:2c:fd:4a:75:4a:e2:8c:0a:3e:47:53:
9c:43:da:85:74:81:75:0f:3a:8a:e3:95:56:f9:68:
14:3b:76:1e:3a:2c:13:c8:f0:e7:f8:0f:2a:0d:34:
0d:36:aa:df:92:7d:1a:1f:07:7c:72:d1:37:43:f4:
15:18:28:e5:5b:c4:5e:dd:83:6f:6e:6f:36:1b:45:
da:d1:45:9c:e3:d0:c5:ba:48:9a:cf:00:be:41:10:
d0:62:0b:ad:26:64:35:60:e9:a8:7c:b7:5e:52:4c:
8d:3e:42:09:8d:2d:da:cc:ec:f6:e7:0c:8b:25:0e:
5c:07:72:ef:bc:47:7d:87:e9:e3:14:d1:0b:d0:5e:
f0:59:62:b3:01:e1:fb:80:cf:40:33:eb:3e:16:08:
10:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:20:16:77:D5:91:6C:71:F2:95:52:A3:EE:38:83:C2:94:E1:D4:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WyAWd9WRbHHylVKj7jiDwpTh1P8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
95:f8:c6:5d:f3:68:3f:7f:db:ab:78:1c:e4:6b:fd:fb:77:d9:
e4:6c:13:cd:97:78:2b:9f:43:51:09:38:0f:39:cb:d5:30:3d:
66:a7:a0:a3:8a:0d:ef:18:74:e0:2f:f6:51:4a:c7:6c:b9:f2:
6d:cf:fd:68:b4:e1:55:0e:56:95:a2:5e:16:9d:3e:f8:32:07:
ab:89:1f:fe:29:d4:56:78:57:c0:19:2e:a6:d5:8f:5a:e8:96:
e5:bc:ac:fc:7e:17:0a:29:3f:0e:0d:07:3e:91:c4:e1:03:50:
38:6d:28:80:17:29:c3:dc:78:1f:9a:9b:0d:e6:33:9c:cd:90:
51:8e:a1:90:8f:5d:5a:b1:e3:44:9b:5d:ab:7a:6d:ad:c6:a7:
7a:4c:6d:32:44:9b:27:e4:fb:f6:bf:c5:0a:73:dd:76:4d:09:
a6:5d:92:f5:4e:cb:31:2a:4b:80:f1:0b:c5:e0:0b:32:ad:31:
5d:be:60:dd:c7:f5:5a:cb:8f:da:4e:36:b2:6a:22:10:83:81:
21:6b:27:ab:37:26:61:47:5c:1f:d2:a7:23:5a:55:73:29:d7:
8b:15:ec:86:61:2e:ed:42:1a:4b:ef:de:4c:1f:97:c9:08:4f:
90:2b:82:ac:2d:6e:15:05:45:d5:bc:ff:12:f7:52:bf:61:6f:
3f:95:b9:6e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjMw
MjQwNDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVCMjAxNjc3RDU5MTZD
NzFGMjk1NTJBM0VFMzg4M0MyOTRFMUQ0RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV1dipc2wRB93q10HpfkUXLi6ma/TPP1R2oEJ3OiMlZMK+LSaY
3ioGfw0ME0FZXGBrAZbGAKpX3noCZPnw07OJSzagyR90IqyfmiE2QyaPRL08tgHo
B8aoy6nRH5qtrWqFkOF1TMm10s7Axvcs/Up1SuKMCj5HU5xD2oV0gXUPOorjlVb5
aBQ7dh46LBPI8Of4DyoNNA02qt+SfRofB3xy0TdD9BUYKOVbxF7dg29ubzYbRdrR
RZzj0MW6SJrPAL5BENBiC60mZDVg6ah8t15STI0+QgmNLdrM7PbnDIslDlwHcu+8
R32H6eMU0QvQXvBZYrMB4fuAz0Az6z4WCBCRAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUWyAWd9WRbHHylVKj7jiDwpTh1P8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1d5QVdkOVdSYkhIeWxW
S2o3amlEd3BUaDFQOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCV+MZd
82g/f9ureBzka/37d9nkbBPNl3grn0NRCTgPOcvVMD1mp6Cjig3vGHTgL/ZRSsds
ufJtz/1otOFVDlaVol4WnT74MgeriR/+KdRWeFfAGS6m1Y9a6JblvKz8fhcKKT8O
DQc+kcThA1A4bSiAFynD3HgfmpsN5jOczZBRjqGQj11aseNEm12rem2txqd6TG0y
RJsn5Pv2v8UKc912TQmmXZL1TssxKkuA8QvF4AsyrTFdvmDdx/Vay4/aTjayaiIQ
g4EhayerNyZhR1wf0qcjWlVzKdeLFeyGYS7tQhpL795MH5fJCE+QK4KsLW4VBUXV
vP8S91K/YW8/lblu
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:14:28 2025 by rpki-client