Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cmC6vDU22Umoaf7ydi9u_ne2dcY.roa
File: cmC6vDU22Umoaf7ydi9u_ne2dcY.roa (raw, json)
Hash identifier: j2NjyvSqZcwBN97q9w3Jx4B361VDv1WVxMgCH/F5hd8=
Subject key identifier: 72:60:BA:BC:35:36:D9:49:A8:69:FE:F2:76:2F:6E:FE:77:B6:75:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 75A4
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cmC6vDU22Umoaf7ydi9u_ne2dcY.roa
Signing time: Fri 11 Jul 2025 00:45:12 +0000
ROA not before: Fri 11 Jul 2025 00:45:12 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30116 (0x75a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 11 00:45:12 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=7260BABC3536D949A869FEF2762F6EFE77B675C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ae:80:10:a8:c0:ca:7d:d4:b2:a0:ef:a4:cb:
5b:1a:07:a8:a8:df:09:c8:a1:4c:8c:74:f4:c2:a0:
ab:85:9e:28:16:c2:1d:ee:d0:a9:03:d4:6e:99:72:
65:ff:dd:a8:99:de:69:1d:a9:8a:cd:14:f1:58:97:
ac:7a:d3:ac:42:68:47:5a:53:85:b5:29:e4:6a:dc:
96:c0:13:d9:69:d6:a3:85:6f:87:ef:4b:e1:bf:84:
53:76:c8:7b:8a:04:77:28:c2:03:7b:ea:2b:61:cd:
3e:99:36:d5:8c:8d:b3:25:ef:42:5b:1a:47:23:b6:
4c:cd:05:3f:59:39:8f:7b:53:8b:26:8a:6c:e2:59:
f2:ce:7b:f4:fe:ba:1a:c5:b1:dd:83:08:ef:3a:3c:
34:78:92:46:f7:15:a5:80:2c:ea:ec:76:3f:cd:ec:
b2:ae:f5:0d:90:48:92:3a:dd:e7:b1:68:bd:53:0e:
ea:4e:9a:fc:56:8d:6a:2d:2a:f3:d0:1b:f8:8e:ff:
dc:fe:13:47:e0:a8:cc:5b:38:dd:bb:34:7f:79:bb:
8a:bd:ee:cb:3b:2f:f4:22:80:b5:44:eb:dc:b4:b1:
6a:c8:0c:32:41:cf:ea:bb:82:f2:92:cf:91:12:b7:
0b:75:4a:04:8d:a5:0c:7c:72:67:dc:7f:a4:80:7f:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:60:BA:BC:35:36:D9:49:A8:69:FE:F2:76:2F:6E:FE:77:B6:75:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cmC6vDU22Umoaf7ydi9u_ne2dcY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
38:7b:fa:31:58:37:6c:ad:e8:8d:3f:96:91:0c:75:d3:e1:33:
8b:da:36:b1:47:29:68:a9:10:ad:f0:06:4c:c0:3b:c2:5a:1c:
bd:07:33:86:ce:17:e4:b6:a7:67:d8:fd:48:3a:d6:8e:b3:cb:
ce:6c:81:cd:af:10:28:ed:90:28:b0:49:fb:cc:0b:73:e4:e1:
3f:8c:1a:27:1f:b6:91:d1:71:ec:cc:65:e3:84:a7:93:b2:3d:
90:82:19:2f:7a:77:d2:06:53:10:32:ef:b8:cb:7d:f5:5e:50:
11:8a:e6:f8:5a:14:c6:9f:51:61:54:c0:e1:af:40:66:75:aa:
58:c5:58:94:a9:31:19:8e:6a:84:5e:7a:16:3a:7c:3a:2b:79:
a9:eb:47:d5:a8:1b:85:3f:b0:a8:91:bb:24:2b:4c:59:a2:23:
95:73:e9:b5:72:52:cb:4a:ac:40:5e:90:dd:82:f6:02:8a:4b:
02:8a:5c:cc:1b:02:ce:7c:93:0d:5d:d7:9f:96:d0:c6:99:76:
42:f3:7c:dd:28:62:64:ed:a3:e4:0f:4f:96:90:ef:e7:52:00:
22:3c:21:e9:dd:77:63:09:48:6c:88:b9:46:ac:c1:cd:70:79:
6d:70:d9:80:90:e5:7a:f9:20:08:35:30:78:d8:81:2f:39:ca:
31:be:9b:57
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTEw
MDQ1MTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcyNjBCQUJDMzUzNkQ5
NDlBODY5RkVGMjc2MkY2RUZFNzdCNjc1QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/roAQqMDKfdSyoO+ky1saB6io3wnIoUyMdPTCoKuFnigWwh3u
0KkD1G6ZcmX/3aiZ3mkdqYrNFPFYl6x606xCaEdaU4W1KeRq3JbAE9lp1qOFb4fv
S+G/hFN2yHuKBHcowgN76ithzT6ZNtWMjbMl70JbGkcjtkzNBT9ZOY97U4smimzi
WfLOe/T+uhrFsd2DCO86PDR4kkb3FaWALOrsdj/N7LKu9Q2QSJI63eexaL1TDupO
mvxWjWotKvPQG/iO/9z+E0fgqMxbON27NH95u4q97ss7L/QigLVE69y0sWrIDDJB
z+q7gvKSz5EStwt1SgSNpQx8cmfcf6SAfzoLAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUcmC6vDU22Umoaf7ydi9u/ne2dcYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NtQzZ2RFUyMlVtb2Fm
N3lkaTl1X25lMmRjWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA4e/ox
WDdsreiNP5aRDHXT4TOL2jaxRyloqRCt8AZMwDvCWhy9BzOGzhfktqdn2P1IOtaO
s8vObIHNrxAo7ZAosEn7zAtz5OE/jBonH7aR0XHszGXjhKeTsj2QghkvenfSBlMQ
Mu+4y331XlARiub4WhTGn1FhVMDhr0BmdapYxViUqTEZjmqEXnoWOnw6K3mp60fV
qBuFP7CokbskK0xZoiOVc+m1clLLSqxAXpDdgvYCiksCilzMGwLOfJMNXdefltDG
mXZC83zdKGJk7aPkD0+WkO/nUgAiPCHp3XdjCUhsiLlGrMHNcHltcNmAkOV6+SAI
NTB42IEvOcoxvptX
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:55:41 2025 by rpki-client