Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_uMn45V-Q2gAueLsCeEDvSgTYRg.roa
File: _uMn45V-Q2gAueLsCeEDvSgTYRg.roa (raw, json)
Hash identifier: rPBEA6c3hbpT814OFdZdTZ8prgFniIhhz4ZTecEJVqU=
Subject key identifier: FE:E3:27:E3:95:7E:43:68:00:B9:E2:EC:09:E1:03:BD:28:13:61:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 74D4
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_uMn45V-Q2gAueLsCeEDvSgTYRg.roa
Signing time: Tue 08 Jul 2025 20:45:09 +0000
ROA not before: Tue 08 Jul 2025 20:45:09 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29908 (0x74d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 8 20:45:09 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=FEE327E3957E436800B9E2EC09E103BD28136118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:64:ca:2c:d5:c7:1a:2b:57:04:d4:75:35:
d9:a6:e1:a2:16:0f:d2:50:2b:a9:04:a8:de:b8:23:
f5:a1:c4:69:b0:b6:70:af:10:9d:86:b0:3c:ce:5c:
9c:d6:38:b6:04:e1:aa:c0:65:fc:17:71:32:d1:66:
02:48:9e:76:ed:26:c2:c6:87:08:32:b1:b5:0b:e6:
75:b0:e9:1a:94:d0:a6:0c:11:b0:bb:e5:f0:d3:48:
84:06:27:da:07:b6:e9:63:ea:b5:e8:41:19:5f:c0:
4c:ee:bb:2b:55:dc:f2:af:83:30:eb:76:c9:3d:9b:
2d:29:d0:aa:47:3c:b3:25:d4:30:76:60:95:67:12:
af:04:1a:4e:3d:6b:33:09:7c:44:02:80:23:48:d8:
31:0a:77:7a:db:cc:6e:4a:06:49:05:8e:0a:28:24:
ed:0b:f4:35:23:69:39:b0:d1:bc:5d:48:53:cd:a3:
a7:34:7a:0e:56:f9:88:95:fa:b4:63:2b:ae:61:25:
96:70:52:30:52:b0:fd:96:58:11:06:d4:40:10:af:
f9:c0:a2:d7:b3:68:33:05:95:b3:0b:81:77:88:c9:
3a:bc:b8:60:c3:c6:96:02:a0:1e:7a:49:70:71:67:
c0:04:4b:70:0e:5c:61:d6:79:60:4f:d5:46:9f:78:
d1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E3:27:E3:95:7E:43:68:00:B9:E2:EC:09:E1:03:BD:28:13:61:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_uMn45V-Q2gAueLsCeEDvSgTYRg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
5a:a7:fc:64:54:bb:50:28:20:77:6e:e4:21:36:95:53:76:03:
d5:c8:fc:20:90:c1:a9:c0:88:4f:74:0c:ce:7e:16:db:ad:e0:
29:89:f0:39:76:bc:ba:35:61:a5:17:cd:af:0d:ad:67:9e:8e:
4d:98:f3:1e:81:d7:93:08:e1:e3:a9:53:5a:81:88:34:32:6a:
a9:ef:b9:c1:86:7d:10:2a:c7:6f:08:2e:dd:fc:de:e3:e1:f0:
17:e5:2b:d1:b1:d5:8a:84:da:52:72:02:cc:c5:8f:49:df:10:
ef:43:9e:8e:28:e5:c8:94:ab:ce:bb:35:ac:e3:37:49:c3:fb:
64:76:62:7a:a7:1f:97:45:1c:de:c7:6c:6b:15:d8:d5:53:fb:
fa:83:47:03:55:39:4e:f9:f1:85:37:e7:a7:68:aa:5d:a8:15:
c6:16:95:4c:ae:54:4e:c6:6c:5b:8c:bf:6a:ff:6d:d2:8e:cf:
61:69:cb:c8:45:97:9f:1b:bb:68:f7:19:a2:d2:04:1a:ef:4b:
ab:a7:af:5d:2a:e4:87:c3:dc:00:1a:40:58:64:05:67:ad:18:
66:f7:83:d6:0f:2e:d1:15:27:09:df:c0:49:a5:3f:e7:b4:c4:
19:49:26:b1:61:21:e8:70:9a:42:7a:ad:09:aa:b6:1f:e1:18:
06:20:18:74
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdNQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDgy
MDQ1MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZFRTMyN0UzOTU3RTQz
NjgwMEI5RTJFQzA5RTEwM0JEMjgxMzYxMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy9WTKLNXHGitXBNR1Ndmm4aIWD9JQK6kEqN64I/WhxGmwtnCv
EJ2GsDzOXJzWOLYE4arAZfwXcTLRZgJInnbtJsLGhwgysbUL5nWw6RqU0KYMEbC7
5fDTSIQGJ9oHtulj6rXoQRlfwEzuuytV3PKvgzDrdsk9my0p0KpHPLMl1DB2YJVn
Eq8EGk49azMJfEQCgCNI2DEKd3rbzG5KBkkFjgooJO0L9DUjaTmw0bxdSFPNo6c0
eg5W+YiV+rRjK65hJZZwUjBSsP2WWBEG1EAQr/nAotezaDMFlbMLgXeIyTq8uGDD
xpYCoB56SXBxZ8AES3AOXGHWeWBP1UafeNE1AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU/uMn45V+Q2gAueLsCeEDvSgTYRgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L191TW40NVYtUTJnQXVl
THNDZUVEdlNnVFlSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBap/xk
VLtQKCB3buQhNpVTdgPVyPwgkMGpwIhPdAzOfhbbreApifA5dry6NWGlF82vDa1n
no5NmPMegdeTCOHjqVNagYg0Mmqp77nBhn0QKsdvCC7d/N7j4fAX5SvRsdWKhNpS
cgLMxY9J3xDvQ56OKOXIlKvOuzWs4zdJw/tkdmJ6px+XRRzex2xrFdjVU/v6g0cD
VTlO+fGFN+enaKpdqBXGFpVMrlROxmxbjL9q/23Sjs9hacvIRZefG7to9xmi0gQa
70urp69dKuSHw9wAGkBYZAVnrRhm94PWDy7RFScJ38BJpT/ntMQZSSaxYSHocJpC
eq0JqrYf4RgGIBh0
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:32:51 2025 by rpki-client