Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ar38uJRsjPwCq4g-bWLmoDwKBoA.roa
File: ar38uJRsjPwCq4g-bWLmoDwKBoA.roa (raw, json)
Hash identifier: VkNMPRll+bGrWSAa3Kl/11xSyv0QzMOKAKl7SKfUVhg=
Subject key identifier: 6A:BD:FC:B8:94:6C:8C:FC:02:AB:88:3E:6D:62:E6:A0:3C:0A:06:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6650
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ar38uJRsjPwCq4g-bWLmoDwKBoA.roa
Signing time: Fri 30 May 2025 22:12:49 +0000
ROA not before: Fri 30 May 2025 22:12:49 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26192 (0x6650)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 30 22:12:49 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=6ABDFCB8946C8CFC02AB883E6D62E6A03C0A0680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:64:a2:49:c3:78:0f:c5:53:ac:db:e9:48:f2:
b6:bd:8c:02:c4:37:e6:f6:78:18:ef:7e:2d:f8:a6:
cd:ef:7b:96:68:08:74:6a:6d:33:8d:22:37:9e:7c:
60:e8:90:45:a8:00:cd:72:69:be:30:e4:56:a4:10:
da:88:fa:06:e1:3d:51:69:bf:4b:e2:55:ea:4f:f8:
25:f9:17:de:05:16:be:31:d2:d8:74:f7:d5:f7:d9:
fb:24:48:e7:e3:7f:1b:7c:7f:a3:b6:15:a0:ef:ad:
7c:4b:26:a3:54:a8:b4:7f:2b:21:69:71:ab:84:f6:
e6:06:f6:eb:6b:24:33:99:51:28:4e:1f:6e:70:e9:
be:7f:a3:08:9c:85:f7:6c:e1:e7:45:90:1d:d9:62:
fa:db:76:56:33:05:53:0e:4f:cd:ec:09:fa:db:3f:
60:e4:62:45:d2:62:c2:41:50:f9:53:85:92:ed:c2:
5c:b6:b0:36:9a:eb:6e:e8:7d:a3:b1:c2:98:3c:24:
47:50:28:ff:58:25:11:c5:d8:74:6a:68:1d:3b:66:
b9:ca:7f:97:20:64:5b:0a:0e:ed:03:02:54:d7:7f:
c2:93:93:65:79:50:2a:d2:22:a0:be:c0:60:2b:17:
15:fc:ae:0c:e9:c5:8e:8d:ce:45:8e:e7:6d:e6:c8:
51:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BD:FC:B8:94:6C:8C:FC:02:AB:88:3E:6D:62:E6:A0:3C:0A:06:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ar38uJRsjPwCq4g-bWLmoDwKBoA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
4c:62:14:cb:62:59:a2:dc:cd:de:13:c2:54:9f:d3:6d:c6:72:
a2:bc:5c:b8:77:bd:f3:af:bc:40:0a:1b:6b:c1:03:b4:c1:45:
19:0d:87:fc:95:5c:74:de:9a:c2:8a:f3:d0:10:77:1e:d3:a0:
50:4d:2e:5e:75:2f:3e:0e:5b:a0:72:57:23:da:b7:99:ee:ab:
b2:24:f9:db:01:6e:56:34:0f:aa:5c:cc:ee:8e:a4:f5:10:4b:
4b:e1:97:18:8b:a3:e3:51:77:3f:60:bc:41:b9:77:e6:2c:fb:
a6:f5:4c:24:6a:7b:e5:1b:80:48:83:bc:8f:02:11:10:e6:40:
33:f8:9b:bd:9d:98:b1:98:59:5c:b7:fe:91:30:30:11:f8:2e:
4d:2d:a2:26:2a:ff:e7:91:fb:43:11:45:5e:7e:ae:f3:d1:c6:
03:8f:4e:81:9c:a9:08:33:68:e8:28:01:df:c7:d9:52:7d:8e:
95:76:28:0b:c4:68:49:1a:16:5f:d5:67:af:4f:3a:20:4f:0e:
4c:be:f1:62:21:ab:d1:76:0a:65:a8:80:5f:77:cf:e2:3a:df:
17:38:7e:8c:dc:b4:5e:b9:6a:f2:b4:fd:15:29:f3:40:93:d7:
a1:35:18:33:ee:90:2f:d2:7f:0e:a2:6e:4e:ad:85:97:c0:51:
91:8c:71:6b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZlAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MzAy
MjEyNDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDZBQkRGQ0I4OTQ2QzhD
RkMwMkFCODgzRTZENjJFNkEwM0MwQTA2ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfZKJJw3gPxVOs2+lI8ra9jALEN+b2eBjvfi34ps3ve5ZoCHRq
bTONIjeefGDokEWoAM1yab4w5FakENqI+gbhPVFpv0viVepP+CX5F94FFr4x0th0
99X32fskSOfjfxt8f6O2FaDvrXxLJqNUqLR/KyFpcauE9uYG9utrJDOZUShOH25w
6b5/owichfds4edFkB3ZYvrbdlYzBVMOT83sCfrbP2DkYkXSYsJBUPlThZLtwly2
sDaa627ofaOxwpg8JEdQKP9YJRHF2HRqaB07ZrnKf5cgZFsKDu0DAlTXf8KTk2V5
UCrSIqC+wGArFxX8rgzpxY6NzkWO523myFFrAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUar38uJRsjPwCq4g+bWLmoDwKBoAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FyMzh1SlJzalB3Q3E0
Zy1iV0xtb0R3S0JvQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBMYhTL
Ylmi3M3eE8JUn9NtxnKivFy4d73zr7xAChtrwQO0wUUZDYf8lVx03prCivPQEHce
06BQTS5edS8+Dlugclcj2reZ7quyJPnbAW5WNA+qXMzujqT1EEtL4ZcYi6PjUXc/
YLxBuXfmLPum9UwkanvlG4BIg7yPAhEQ5kAz+Ju9nZixmFlct/6RMDAR+C5NLaIm
Kv/nkftDEUVefq7z0cYDj06BnKkIM2joKAHfx9lSfY6VdigLxGhJGhZf1WevTzog
Tw5MvvFiIavRdgplqIBfd8/iOt8XOH6M3LReuWrytP0VKfNAk9ehNRgz7pAv0n8O
om5OrYWXwFGRjHFr
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:09:32 2025 by rpki-client