Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YEvuJuomuVIglsy83SOvid_nE-U.roa
File: YEvuJuomuVIglsy83SOvid_nE-U.roa (raw, json)
Hash identifier: 28hRruF4hzN+82MLvLe07+FO29BzrxZ46Wlnqxx5W5I=
Subject key identifier: 60:4B:EE:26:EA:26:B9:52:20:96:CC:BC:DD:23:AF:89:DF:E7:13:E5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 62B8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YEvuJuomuVIglsy83SOvid_nE-U.roa
Signing time: Wed 21 May 2025 08:10:42 +0000
ROA not before: Wed 21 May 2025 08:10:42 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25272 (0x62b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 21 08:10:42 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=604BEE26EA26B9522096CCBCDD23AF89DFE713E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3a:98:c3:25:47:90:c4:55:b4:c8:2e:9f:a3:
0a:45:aa:ff:00:32:d6:4b:bd:2f:6d:66:5c:94:d4:
b0:8b:e1:95:5a:0d:05:2a:11:7f:41:d2:49:7c:e0:
f1:e4:10:d1:8c:d6:5e:fd:70:4a:cb:9b:35:b3:32:
36:97:87:f8:57:d3:d4:85:b0:af:0f:a3:73:25:e8:
bd:53:38:d7:cb:c5:43:3d:4f:85:c4:7e:17:71:bd:
99:43:2f:a9:ab:63:02:9c:c8:f4:5d:a1:9d:1d:a3:
e9:73:51:dc:db:cf:c7:3d:11:af:82:ed:a1:e5:99:
f1:54:bb:12:79:91:e2:61:34:d2:d3:ed:d6:e7:9d:
62:8a:42:e8:45:2a:9f:39:a0:47:30:d6:85:df:1e:
9b:40:64:2c:f6:89:16:16:ae:97:fa:1e:55:b9:42:
e8:34:16:e5:16:1a:78:a3:35:c9:80:40:3e:7d:9e:
fc:33:58:55:14:67:74:2c:21:86:e4:bc:3d:5d:fb:
64:69:d5:de:88:78:22:b9:be:b1:10:6a:ee:2d:39:
01:3c:df:3f:48:f4:d7:ae:3a:d0:87:80:e1:12:47:
ff:b5:f5:56:8f:f9:3d:3e:d1:6e:85:3b:5f:ab:98:
60:80:3f:79:25:7a:f4:d7:37:05:20:ba:b3:fc:50:
be:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:4B:EE:26:EA:26:B9:52:20:96:CC:BC:DD:23:AF:89:DF:E7:13:E5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YEvuJuomuVIglsy83SOvid_nE-U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
77:15:6f:26:d3:99:91:3f:6c:8f:43:2b:cd:0c:bf:1a:74:c9:
c6:b6:cd:d9:8e:e9:1a:33:55:d1:6d:03:40:27:6d:d3:61:5a:
73:46:16:11:dc:9d:2c:58:ef:07:e9:68:6c:9c:a5:d0:3b:50:
07:9e:f8:52:59:4d:02:8d:52:f1:63:4d:e8:ee:6c:f0:e3:22:
1d:e3:2a:f7:9e:8d:94:4f:6c:14:c0:c3:a3:bb:e4:64:29:0e:
49:dc:97:00:e4:4e:fe:75:3a:67:07:d5:72:14:aa:a6:6d:77:
28:52:68:bd:0b:91:50:f9:87:9c:ba:6d:ab:79:04:91:c3:66:
7b:c9:4b:f3:d1:f1:ec:16:69:5e:5f:5f:bd:53:d7:3a:4d:21:
78:8d:3a:be:60:2d:e2:f4:24:07:a4:67:33:39:e0:f9:50:35:
bc:bf:9f:1b:f4:d6:c2:7f:4b:53:26:ad:f8:eb:6f:c2:92:d9:
36:cc:13:58:6b:6f:4a:cd:73:7c:ab:d3:51:e9:cf:5d:26:3e:
e5:ce:b4:df:f3:8e:87:46:7c:f1:0d:01:2d:67:24:1d:d7:d4:
4c:1f:6a:8d:ba:f4:58:5f:ef:bf:10:b5:bd:91:50:77:b1:48:
4f:83:7a:67:7e:8b:e8:15:2d:9d:90:41:f9:35:c1:65:62:c0:
dc:5f:72:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYrgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjEw
ODEwNDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYwNEJFRTI2RUEyNkI5
NTIyMDk2Q0NCQ0REMjNBRjg5REZFNzEzRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuOpjDJUeQxFW0yC6fowpFqv8AMtZLvS9tZlyU1LCL4ZVaDQUq
EX9B0kl84PHkENGM1l79cErLmzWzMjaXh/hX09SFsK8Po3Ml6L1TONfLxUM9T4XE
fhdxvZlDL6mrYwKcyPRdoZ0do+lzUdzbz8c9Ea+C7aHlmfFUuxJ5keJhNNLT7dbn
nWKKQuhFKp85oEcw1oXfHptAZCz2iRYWrpf6HlW5Qug0FuUWGnijNcmAQD59nvwz
WFUUZ3QsIYbkvD1d+2Rp1d6IeCK5vrEQau4tOQE83z9I9NeuOtCHgOESR/+19VaP
+T0+0W6FO1+rmGCAP3klevTXNwUgurP8UL6lAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUYEvuJuomuVIglsy83SOvid/nE+UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lFdnVKdW9tdVZJZ2xz
eTgzU092aWRfbkUtVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQB3FW8m
05mRP2yPQyvNDL8adMnGts3ZjukaM1XRbQNAJ23TYVpzRhYR3J0sWO8H6WhsnKXQ
O1AHnvhSWU0CjVLxY03o7mzw4yId4yr3no2UT2wUwMOju+RkKQ5J3JcA5E7+dTpn
B9VyFKqmbXcoUmi9C5FQ+Yecum2reQSRw2Z7yUvz0fHsFmleX1+9U9c6TSF4jTq+
YC3i9CQHpGczOeD5UDW8v58b9NbCf0tTJq3462/Cktk2zBNYa29KzXN8q9NR6c9d
Jj7lzrTf846HRnzxDQEtZyQd19RMH2qNuvRYX++/ELW9kVB3sUhPg3pnfovoFS2d
kEH5NcFlYsDcX3Iw
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:49:46 2025 by rpki-client