Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cHpDAhvwlPt1PPOGGdGVXilHdxA.roa
File: cHpDAhvwlPt1PPOGGdGVXilHdxA.roa (raw, json)
Hash identifier: Ua6OtGX7gN26fFXg4v56oe4GJG/7kGOLYEmJSZ7KFw0=
Subject key identifier: 70:7A:43:02:1B:F0:94:FB:75:3C:F3:86:19:D1:95:5E:29:47:77:10
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6496
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cHpDAhvwlPt1PPOGGdGVXilHdxA.roa
Signing time: Mon 26 May 2025 07:41:06 +0000
ROA not before: Mon 26 May 2025 07:41:06 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25750 (0x6496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 26 07:41:06 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=707A43021BF094FB753CF38619D1955E29477710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3b:54:d1:e6:d6:ed:35:2b:73:b2:72:86:28:
dc:81:4f:89:ee:ce:3d:19:8c:ec:f6:86:2f:62:13:
5a:32:53:34:26:94:62:0f:64:9e:28:f4:86:94:cc:
f9:c3:fe:63:a4:7c:40:72:ab:65:a4:43:3f:05:06:
da:d2:bf:46:b8:cc:93:e3:05:98:2c:aa:bb:1d:d5:
cd:45:bb:aa:11:30:58:4d:59:bb:45:df:51:01:59:
52:28:a5:90:56:d3:92:c2:f3:a6:67:28:ec:51:78:
ca:d0:85:bd:e5:9f:dc:e1:b7:30:2d:d0:d1:a4:53:
f0:5a:1b:01:e8:65:f3:a1:f8:05:6e:8e:c7:ff:06:
6c:9b:49:b8:2b:83:1f:13:3d:5a:07:c1:26:d2:8e:
10:32:5c:59:fb:61:f5:77:8c:d5:12:ee:66:05:0f:
98:2d:44:7a:97:cb:c9:e7:cf:a2:30:fa:f3:e6:10:
3b:e9:90:6e:3a:5b:48:be:21:81:e4:07:f0:27:b9:
ed:c2:95:53:71:fb:8e:19:71:6f:42:8a:13:89:cf:
42:06:e2:99:f4:36:e2:cc:d3:02:ff:6f:bc:50:45:
84:8c:9e:91:d5:ca:50:18:fb:3a:9d:e5:8f:73:a8:
29:6b:c3:5b:26:6f:ad:30:02:92:3f:73:01:cb:51:
c2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7A:43:02:1B:F0:94:FB:75:3C:F3:86:19:D1:95:5E:29:47:77:10
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cHpDAhvwlPt1PPOGGdGVXilHdxA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
0e:64:8a:0b:4a:a8:ab:d8:87:ad:bb:ba:4c:b7:3f:0e:e7:55:
10:d6:0b:33:2a:24:0c:f8:d4:60:c3:20:75:1e:eb:2e:77:73:
fb:c2:d0:56:5c:d3:45:43:f0:f5:a9:7b:25:95:47:1c:68:54:
eb:0f:fc:a5:e0:4e:1f:ef:10:86:73:96:6c:1d:09:25:7a:e6:
c9:88:07:23:48:8f:47:d4:e4:2c:d5:14:3a:93:f2:fb:9c:20:
9f:e2:83:18:1f:37:54:ee:17:bf:04:54:7b:c1:77:63:e5:f5:
a8:5e:44:a4:e0:48:88:33:98:42:20:14:05:cd:50:4b:ee:3a:
2e:4e:85:a2:89:54:66:2c:2a:83:1d:6a:5b:bb:20:cf:5d:7b:
71:07:7c:93:80:6f:df:10:8e:bc:22:40:ae:fe:08:65:09:1b:
60:76:30:64:90:93:be:64:cb:7a:b7:c0:88:3e:dc:7b:15:1f:
28:a4:bf:b5:41:2d:ab:d6:13:ca:34:b7:30:84:cc:f8:64:6c:
90:8b:5c:f4:13:ec:7b:93:4f:89:80:a6:85:86:59:a8:cf:00:
98:7d:34:dd:04:2e:7e:f9:74:85:30:6a:d7:57:54:5b:b6:56:
b8:62:70:9a:dc:46:a1:a1:6d:a6:26:2c:87:fc:3d:8e:93:9e:
3b:fe:fb:c0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjYw
NzQxMDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcwN0E0MzAyMUJGMDk0
RkI3NTNDRjM4NjE5RDE5NTVFMjk0Nzc3MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSO1TR5tbtNStzsnKGKNyBT4nuzj0ZjOz2hi9iE1oyUzQmlGIP
ZJ4o9IaUzPnD/mOkfEByq2WkQz8FBtrSv0a4zJPjBZgsqrsd1c1Fu6oRMFhNWbtF
31EBWVIopZBW05LC86ZnKOxReMrQhb3ln9zhtzAt0NGkU/BaGwHoZfOh+AVujsf/
BmybSbgrgx8TPVoHwSbSjhAyXFn7YfV3jNUS7mYFD5gtRHqXy8nnz6Iw+vPmEDvp
kG46W0i+IYHkB/Anue3ClVNx+44ZcW9CihOJz0IG4pn0NuLM0wL/b7xQRYSMnpHV
ylAY+zqd5Y9zqClrw1smb60wApI/cwHLUcJPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUcHpDAhvwlPt1PPOGGdGVXilHdxAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NIcERBaHZ3bFB0MVBQ
T0dHZEdWWGlsSGR4QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAOZIoL
Sqir2Ietu7pMtz8O51UQ1gszKiQM+NRgwyB1Husud3P7wtBWXNNFQ/D1qXsllUcc
aFTrD/yl4E4f7xCGc5ZsHQkleubJiAcjSI9H1OQs1RQ6k/L7nCCf4oMYHzdU7he/
BFR7wXdj5fWoXkSk4EiIM5hCIBQFzVBL7jouToWiiVRmLCqDHWpbuyDPXXtxB3yT
gG/fEI68IkCu/ghlCRtgdjBkkJO+ZMt6t8CIPtx7FR8opL+1QS2r1hPKNLcwhMz4
ZGyQi1z0E+x7k0+JgKaFhlmozwCYfTTdBC5++XSFMGrXV1Rbtla4YnCa3EahoW2m
JiyH/D2Ok547/vvA
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:58:54 2025 by rpki-client