Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ccDy6TMYm9cm4FRjiM-b0pExtz8.roa
File: ccDy6TMYm9cm4FRjiM-b0pExtz8.roa (raw, json)
Hash identifier: +CyG3ezn+KCtbYSXocM0D7dGpC6cXI+nEp20MuS6BQI=
Subject key identifier: 71:C0:F2:E9:33:18:9B:D7:26:E0:54:63:88:CF:9B:D2:91:31:B7:3F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 66EC
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ccDy6TMYm9cm4FRjiM-b0pExtz8.roa
Signing time: Sun 01 Jun 2025 13:11:58 +0000
ROA not before: Sun 01 Jun 2025 13:11:58 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26348 (0x66ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 1 13:11:58 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=71C0F2E933189BD726E0546388CF9BD29131B73F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3b:2f:28:22:2d:01:3d:a1:e0:09:18:0c:ad:
cc:36:f1:7d:d1:b8:c4:b3:a0:61:e9:a5:91:a7:0c:
03:3e:c2:69:c1:cb:76:b3:94:55:43:6b:df:b9:97:
0a:99:64:a0:f7:af:a9:81:ee:37:1d:4e:6f:7a:e3:
cb:5e:de:c5:ff:2f:e5:e2:4a:62:59:21:d6:70:24:
10:7a:4c:19:24:75:04:3b:4b:83:2e:c5:5c:e2:2d:
b7:4c:62:db:0d:9c:98:71:8a:2f:bf:c0:31:51:58:
ba:20:d3:53:9a:e1:a7:3d:9d:8b:6c:b5:15:fe:05:
92:0f:40:e5:ab:f3:79:05:55:78:a2:03:ad:0a:25:
27:4c:0c:57:d8:02:e2:f8:51:f5:c7:3c:8f:4a:a6:
88:3b:94:f5:0c:38:92:4c:e7:6c:be:b5:9e:5f:b5:
3b:3c:c9:0e:60:c7:29:4d:3a:d7:b0:e7:30:1a:8e:
bc:28:ba:03:e8:e9:2e:0e:4c:6a:ab:98:c4:6c:0b:
69:ea:09:d9:ab:52:08:c7:7f:9c:d3:30:8b:eb:b8:
8f:a1:bc:4a:a4:03:cf:c5:19:36:1b:9d:74:3f:c5:
19:33:4e:ba:14:ad:d7:59:17:a1:7f:f7:28:75:29:
03:c0:4a:4b:1d:d8:7f:7c:f5:20:97:f9:3c:bb:c1:
8f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C0:F2:E9:33:18:9B:D7:26:E0:54:63:88:CF:9B:D2:91:31:B7:3F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ccDy6TMYm9cm4FRjiM-b0pExtz8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
1d:06:5a:60:f2:84:45:27:34:e5:03:d5:1a:c0:f9:a6:22:37:
1f:9f:e7:11:3a:2a:84:48:de:35:19:46:66:86:26:50:8f:0d:
01:eb:3c:ed:3b:66:33:02:b5:0b:36:a8:12:cf:b4:a6:c5:4f:
6a:fb:c5:7f:bd:29:40:18:46:42:d5:91:31:03:52:63:97:3c:
f1:e5:7c:94:ee:09:6b:ce:6e:d8:f9:0d:30:0a:f2:9d:be:d3:
b6:17:3e:78:9a:aa:65:dd:32:2b:c7:1a:15:bf:91:ce:df:e1:
7d:4d:a6:ba:30:02:b7:25:3c:4a:c6:82:96:30:04:fc:88:ab:
56:30:e6:5d:96:04:37:b7:e9:f9:56:e2:54:b8:6e:93:e5:ad:
96:6f:3d:a4:7f:1e:c5:32:19:f7:72:b8:b8:2b:0b:3b:a3:68:
57:f9:df:3f:96:a3:76:e6:19:76:35:ca:90:71:b5:42:a7:b3:
e6:65:c7:dd:e5:56:15:a8:47:b2:cc:6a:bc:dc:2c:42:27:85:
8d:93:73:9e:03:e7:6a:af:5a:61:8f:92:86:ed:fb:33:1a:b6:
2c:45:f2:f2:4c:86:b9:c1:93:44:db:cc:81:48:c3:f1:06:ad:
31:1e:a6:9c:25:39:be:bf:21:81:5e:ae:3c:b1:a3:cd:32:f1:
a3:7b:55:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZuwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDEx
MzExNThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcxQzBGMkU5MzMxODlC
RDcyNkUwNTQ2Mzg4Q0Y5QkQyOTEzMUI3M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYOy8oIi0BPaHgCRgMrcw28X3RuMSzoGHppZGnDAM+wmnBy3az
lFVDa9+5lwqZZKD3r6mB7jcdTm9648te3sX/L+XiSmJZIdZwJBB6TBkkdQQ7S4Mu
xVziLbdMYtsNnJhxii+/wDFRWLog01Oa4ac9nYtstRX+BZIPQOWr83kFVXiiA60K
JSdMDFfYAuL4UfXHPI9Kpog7lPUMOJJM52y+tZ5ftTs8yQ5gxylNOtew5zAajrwo
ugPo6S4OTGqrmMRsC2nqCdmrUgjHf5zTMIvruI+hvEqkA8/FGTYbnXQ/xRkzTroU
rddZF6F/9yh1KQPASksd2H989SCX+Ty7wY9nAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUccDy6TMYm9cm4FRjiM+b0pExtz8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NjRHk2VE1ZbTljbTRG
UmppTS1iMHBFeHR6OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAdBlpg
8oRFJzTlA9UawPmmIjcfn+cROiqESN41GUZmhiZQjw0B6zztO2YzArULNqgSz7Sm
xU9q+8V/vSlAGEZC1ZExA1Jjlzzx5XyU7glrzm7Y+Q0wCvKdvtO2Fz54mqpl3TIr
xxoVv5HO3+F9Taa6MAK3JTxKxoKWMAT8iKtWMOZdlgQ3t+n5VuJUuG6T5a2Wbz2k
fx7FMhn3cri4Kws7o2hX+d8/lqN25hl2NcqQcbVCp7PmZcfd5VYVqEeyzGq83CxC
J4WNk3OeA+dqr1phj5KG7fszGrYsRfLyTIa5wZNE28yBSMPxBq0xHqacJTm+vyGB
Xq48saPNMvGje1Vt
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:01:57 2025 by rpki-client