Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cvRF57O8AMWAZ-797Y076mjw5SE.roa
File: cvRF57O8AMWAZ-797Y076mjw5SE.roa (raw, json)
Hash identifier: nwgo1E2ixgPmFhlsqB9aDhyeRPfepZWVhLtoQuqnneA=
Subject key identifier: 72:F4:45:E7:B3:BC:00:C5:80:67:EE:FD:ED:8D:3B:EA:68:F0:E5:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 69D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cvRF57O8AMWAZ-797Y076mjw5SE.roa
Signing time: Mon 09 Jun 2025 06:41:57 +0000
ROA not before: Mon 09 Jun 2025 06:41:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27090 (0x69d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 9 06:41:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=72F445E7B3BC00C58067EEFDED8D3BEA68F0E521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:25:b0:39:0b:31:5a:cc:d1:39:38:02:01:30:
5f:ce:34:27:d2:d1:ce:53:b2:f7:d8:f4:d9:c6:b1:
bb:97:5c:49:03:a0:11:bc:ce:19:e4:f3:ac:1b:14:
a2:b3:95:9f:0d:0b:9b:c1:05:0c:8b:8d:0d:36:03:
3d:1e:41:a8:b2:88:bb:08:a5:42:32:ef:3d:1d:4b:
38:f8:db:a2:2f:1c:ac:69:8d:b2:c7:7b:62:c0:f4:
f9:83:df:fa:f3:c5:0d:78:e8:b3:d7:c8:83:a2:2b:
44:33:a3:12:a8:21:4a:b7:af:8b:a3:1c:20:95:32:
e8:c2:26:69:51:03:a0:34:e3:ee:39:a2:9a:5f:b8:
dd:61:77:61:45:97:17:7b:1d:0d:d0:57:89:64:02:
ba:d1:51:e4:b4:79:1f:6d:ba:56:fe:11:5c:1f:3e:
5b:30:2d:b9:25:e9:88:b9:bd:be:3d:77:0c:64:0e:
4a:d1:85:8f:ac:a5:f1:31:02:39:94:70:35:6e:d1:
63:fd:39:83:58:ef:0b:1c:86:db:50:99:12:ba:23:
03:01:c9:b0:12:f0:e9:e1:a5:20:de:91:25:81:0e:
b7:77:7d:ef:a5:5d:3e:96:83:20:e7:dd:88:78:1a:
91:71:f8:a1:13:bc:02:2c:7f:e6:a3:04:f0:f3:cb:
c9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F4:45:E7:B3:BC:00:C5:80:67:EE:FD:ED:8D:3B:EA:68:F0:E5:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cvRF57O8AMWAZ-797Y076mjw5SE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a3:53:d9:82:64:8f:e1:a4:d9:a6:61:a5:42:dc:00:b7:93:ee:
46:fb:f1:ad:0e:8d:24:51:98:74:97:57:2a:8e:f6:fb:5c:3a:
25:2e:0d:0d:8f:3f:35:05:1b:90:7c:88:93:0e:19:e9:28:e7:
6b:83:5c:2a:d9:23:6c:75:c2:e1:f8:27:6b:1b:80:d8:d0:f4:
cc:8b:1d:5b:7b:80:2e:12:63:4f:ec:39:8e:bd:60:83:f5:7e:
21:cd:9e:6f:ae:0d:c3:48:19:c1:c9:10:68:d0:19:22:d2:b6:
6b:34:22:f3:db:6b:18:68:eb:d4:6f:b5:88:d3:5f:eb:0e:ee:
4f:33:c6:ad:2d:80:8a:e3:fe:eb:76:b2:1e:a2:44:e1:a5:19:
ab:20:95:4b:d1:bd:d4:d0:9f:8c:2f:40:6b:36:65:f3:29:72:
95:a6:0a:65:30:d1:68:78:cf:a4:06:2e:e6:19:e6:e5:51:21:
74:1c:22:23:78:b6:8d:07:f6:c9:b7:d6:85:8a:15:b9:7e:76:
07:b0:5c:6f:b3:77:37:fa:f9:2b:fb:70:54:17:4a:a3:40:46:
70:f8:c4:e7:f4:43:6c:95:b6:44:fe:73:f4:bc:63:76:4f:40:
20:40:6b:17:be:8d:e1:fc:39:6d:85:5a:69:f9:17:14:54:31:
d0:f1:8d:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICadIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDkw
NjQxNTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcyRjQ0NUU3QjNCQzAw
QzU4MDY3RUVGREVEOEQzQkVBNjhGMEU1MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBJbA5CzFazNE5OAIBMF/ONCfS0c5TsvfY9NnGsbuXXEkDoBG8
zhnk86wbFKKzlZ8NC5vBBQyLjQ02Az0eQaiyiLsIpUIy7z0dSzj426IvHKxpjbLH
e2LA9PmD3/rzxQ146LPXyIOiK0QzoxKoIUq3r4ujHCCVMujCJmlRA6A04+45oppf
uN1hd2FFlxd7HQ3QV4lkArrRUeS0eR9tulb+EVwfPlswLbkl6Yi5vb49dwxkDkrR
hY+spfExAjmUcDVu0WP9OYNY7wschttQmRK6IwMBybAS8OnhpSDekSWBDrd3fe+l
XT6WgyDn3Yh4GpFx+KETvAIsf+ajBPDzy8nfAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUcvRF57O8AMWAZ+797Y076mjw5SEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2N2UkY1N084QU1XQVot
Nzk3WTA3Nm1qdzVTRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCjU9mC
ZI/hpNmmYaVC3AC3k+5G+/GtDo0kUZh0l1cqjvb7XDolLg0Njz81BRuQfIiTDhnp
KOdrg1wq2SNsdcLh+CdrG4DY0PTMix1be4AuEmNP7DmOvWCD9X4hzZ5vrg3DSBnB
yRBo0Bki0rZrNCLz22sYaOvUb7WI01/rDu5PM8atLYCK4/7rdrIeokThpRmrIJVL
0b3U0J+ML0BrNmXzKXKVpgplMNFoeM+kBi7mGeblUSF0HCIjeLaNB/bJt9aFihW5
fnYHsFxvs3c3+vkr+3BUF0qjQEZw+MTn9ENslbZE/nP0vGN2T0AgQGsXvo3h/Dlt
hVpp+RcUVDHQ8Y3V
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:34:51 2025 by rpki-client