Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/X5VIFob30wyQVV3Y_EUvaB4z2lE.roa
File: X5VIFob30wyQVV3Y_EUvaB4z2lE.roa (raw, json)
Hash identifier: 62E7HLv2zhSki3E0LUyLZwaF8ZHWxvGfd/C5yu8BgzE=
Subject key identifier: 5F:95:48:16:86:F7:D3:0C:90:55:5D:D8:FC:45:2F:68:1E:33:DA:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 74CC
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X5VIFob30wyQVV3Y_EUvaB4z2lE.roa
Signing time: Tue 08 Jul 2025 18:45:03 +0000
ROA not before: Tue 08 Jul 2025 18:45:03 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29900 (0x74cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 8 18:45:03 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5F95481686F7D30C90555DD8FC452F681E33DA51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9f:8a:e9:d7:b2:34:5d:86:f4:6c:df:f6:46:
f3:30:ff:b4:d1:df:59:26:00:bc:ce:60:08:1c:8c:
21:87:23:7b:b3:97:53:64:6a:c0:26:5f:59:f4:ed:
3d:b5:89:a3:44:a1:9a:d1:c1:6d:23:0e:41:a3:15:
e1:63:ad:77:04:76:7a:bd:60:23:5d:be:e7:54:99:
55:f1:d4:ae:bf:15:8f:80:72:b0:d7:60:d0:87:e6:
3f:2b:95:14:03:0d:da:e0:07:6e:7f:f4:bc:7a:f6:
25:e6:5d:00:b6:2d:ff:44:8d:18:37:c4:14:5d:2a:
87:e2:a6:73:2e:cf:cb:87:92:05:8d:a7:04:e1:2f:
0e:73:46:5a:22:68:28:b5:cb:78:cc:53:d1:29:e2:
cd:41:b0:fb:25:81:9d:d8:35:1f:39:dd:6e:0d:8e:
50:a6:e8:39:1e:84:fa:6f:f1:81:4e:13:51:64:bc:
83:0d:0e:54:92:1a:23:0e:9d:2e:19:97:52:5c:bf:
3c:db:be:12:95:e7:e1:e7:be:d6:df:5e:e1:f0:9b:
1d:6b:f8:9c:20:5f:94:41:44:cd:c6:20:d6:d4:52:
7c:9d:22:3c:17:2a:56:9b:cd:7e:8c:2e:b2:61:06:
da:46:fa:b5:65:82:a4:32:6b:55:bc:ed:9f:ac:dd:
83:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:95:48:16:86:F7:D3:0C:90:55:5D:D8:FC:45:2F:68:1E:33:DA:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X5VIFob30wyQVV3Y_EUvaB4z2lE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
16:96:f1:04:3b:b8:e0:ae:63:37:e3:4f:28:30:22:fb:5b:c5:
be:a1:53:aa:c6:ce:90:4c:e5:3f:4f:76:df:1d:25:a9:3e:76:
46:9e:98:43:70:e2:59:13:47:72:cb:23:8b:de:76:d8:42:0e:
e4:e3:06:35:d9:19:48:5f:f0:08:12:0b:b2:4d:74:0f:9c:13:
e9:7a:c4:6c:29:05:2a:2b:ad:84:3d:37:29:7e:14:7f:9c:2b:
92:b5:a7:82:c6:9b:22:57:94:d9:b3:b2:00:27:b0:42:ab:26:
42:4c:13:aa:c1:d2:34:19:e1:d1:19:31:47:46:85:a1:fe:59:
b1:86:e6:67:6c:a0:3a:fc:5b:e1:9c:a3:f8:89:5e:26:2a:59:
54:da:20:2f:93:5b:da:d1:a3:05:9d:8b:90:57:da:40:f0:2c:
d2:cc:6a:8b:e7:00:d2:c2:52:67:6b:78:70:5c:33:72:5c:84:
d1:24:a1:89:01:cc:74:7a:f0:ed:57:5c:0a:7b:d0:e9:40:f8:
3e:27:83:cd:58:e0:d8:73:29:0e:c5:9f:e1:6e:4a:91:d8:67:
e1:82:11:75:ca:8f:f3:54:18:20:27:d9:59:be:49:ba:8c:a5:
b1:57:48:4f:c6:10:be:38:67:36:3c:12:1e:b2:67:94:c0:32:
67:72:ca:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDgx
ODQ1MDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVGOTU0ODE2ODZGN0Qz
MEM5MDU1NUREOEZDNDUyRjY4MUUzM0RBNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+n4rp17I0XYb0bN/2RvMw/7TR31kmALzOYAgcjCGHI3uzl1Nk
asAmX1n07T21iaNEoZrRwW0jDkGjFeFjrXcEdnq9YCNdvudUmVXx1K6/FY+AcrDX
YNCH5j8rlRQDDdrgB25/9Lx69iXmXQC2Lf9EjRg3xBRdKofipnMuz8uHkgWNpwTh
Lw5zRloiaCi1y3jMU9Ep4s1BsPslgZ3YNR853W4NjlCm6DkehPpv8YFOE1FkvIMN
DlSSGiMOnS4Zl1JcvzzbvhKV5+HnvtbfXuHwmx1r+JwgX5RBRM3GINbUUnydIjwX
KlabzX6MLrJhBtpG+rVlgqQya1W87Z+s3YPVAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUX5VIFob30wyQVV3Y/EUvaB4z2lEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1g1VklGb2IzMHd5UVZW
M1lfRVV2YUI0ejJsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAWlvEE
O7jgrmM3408oMCL7W8W+oVOqxs6QTOU/T3bfHSWpPnZGnphDcOJZE0dyyyOL3nbY
Qg7k4wY12RlIX/AIEguyTXQPnBPpesRsKQUqK62EPTcpfhR/nCuStaeCxpsiV5TZ
s7IAJ7BCqyZCTBOqwdI0GeHRGTFHRoWh/lmxhuZnbKA6/FvhnKP4iV4mKllU2iAv
k1va0aMFnYuQV9pA8CzSzGqL5wDSwlJna3hwXDNyXITRJKGJAcx0evDtV1wKe9Dp
QPg+J4PNWODYcykOxZ/hbkqR2GfhghF1yo/zVBggJ9lZvkm6jKWxV0hPxhC+OGc2
PBIesmeUwDJncsoq
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:10 2025 by rpki-client