Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cwBQ812kARLHC79z3ZlWD54bHiY.roa
File: cwBQ812kARLHC79z3ZlWD54bHiY.roa (raw, json)
Hash identifier: fVVpDI6xaTA7pkeITPHgg2uA1PHHTQGSnqFM1K+Lm8E=
Subject key identifier: 73:00:50:F3:5D:A4:01:12:C7:0B:BF:73:DD:99:56:0F:9E:1B:1E:26
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6360
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cwBQ812kARLHC79z3ZlWD54bHiY.roa
Signing time: Fri 23 May 2025 02:10:52 +0000
ROA not before: Fri 23 May 2025 02:10:52 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25440 (0x6360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 23 02:10:52 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=730050F35DA40112C70BBF73DD99560F9E1B1E26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5f:25:58:5c:fd:07:24:6a:f9:ad:51:36:c3:
82:cf:d2:a9:c0:2e:2f:ae:3d:05:e0:8c:0f:37:23:
7a:a8:7a:bd:92:a8:03:a0:06:66:71:72:16:b7:04:
c9:a4:43:7b:42:d4:a9:cb:56:8d:7e:ab:c4:71:85:
28:bf:40:5e:94:3b:c6:f5:ab:9e:ea:1e:d7:ac:51:
5d:5d:36:8e:f8:72:5c:73:b3:23:fa:1c:a1:34:61:
d8:48:06:50:0b:ee:cc:d0:0e:14:c5:37:d1:64:76:
79:48:38:1d:33:06:31:86:59:f3:fb:7b:d3:10:50:
e5:f5:26:fd:3c:05:dd:bd:12:75:b0:d2:fd:e3:e0:
da:44:38:a9:32:75:f6:be:be:52:5d:a6:54:01:8d:
e8:a7:62:ae:b6:b1:e7:8b:a2:72:6b:40:c0:52:6a:
d6:2a:c6:9d:a3:b9:5c:63:20:ea:ee:42:66:30:08:
cd:4f:68:50:c0:d3:31:f1:a6:88:b5:d7:97:ff:90:
52:64:45:c2:52:d6:8a:0c:d2:9b:81:77:2b:b9:78:
0d:f7:71:2f:18:52:4b:c5:7a:58:43:8b:21:ce:ed:
7b:17:e6:73:41:39:05:ce:04:35:8f:5a:eb:a7:14:
09:44:3c:ca:13:9b:35:03:21:dd:2e:a8:f2:41:9a:
3c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:00:50:F3:5D:A4:01:12:C7:0B:BF:73:DD:99:56:0F:9E:1B:1E:26
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cwBQ812kARLHC79z3ZlWD54bHiY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
7f:97:46:26:ff:8a:dc:de:37:f0:ba:4c:0d:18:28:e5:ce:5e:
17:46:1f:0d:e8:8a:66:e3:af:04:2a:b4:60:3d:4d:44:d5:57:
76:a9:17:68:39:8b:4f:10:f4:d1:9f:2a:ee:5e:a8:b8:12:08:
fc:2a:48:8d:0e:c1:b7:02:d7:23:49:41:ef:2f:77:31:17:70:
2e:eb:1a:d9:4b:a2:63:42:4b:1c:0b:d1:0c:f0:c9:f7:f5:89:
5f:31:7e:41:53:38:9a:4e:a1:4e:6e:18:aa:59:5f:ee:11:5d:
8a:8a:a4:72:ed:19:60:ec:06:ba:11:57:16:a0:36:be:3b:64:
e8:12:cf:b1:87:3d:08:f1:7a:4d:76:97:73:3f:6b:94:3c:b3:
45:3e:f4:17:18:f3:02:f8:1a:d1:81:c4:35:d2:42:12:51:cd:
00:9e:48:ce:47:b8:b9:8d:d9:87:79:3b:8b:ee:41:4f:bc:6d:
4e:0c:ee:05:f2:d1:dd:6c:6c:71:fa:cb:5d:98:c6:e9:dd:d7:
ad:33:5d:09:24:f5:12:9a:75:24:a1:5d:4c:74:9a:40:59:26:
93:54:29:2e:28:1b:0a:29:b5:f9:09:3a:4c:68:f6:81:44:95:
8e:d3:03:8d:94:00:7f:d5:ad:27:0c:32:07:b9:7a:84:3d:e0:
86:08:a3:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjMw
MjEwNTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDczMDA1MEYzNURBNDAx
MTJDNzBCQkY3M0REOTk1NjBGOUUxQjFFMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLXyVYXP0HJGr5rVE2w4LP0qnALi+uPQXgjA83I3qoer2SqAOg
BmZxcha3BMmkQ3tC1KnLVo1+q8RxhSi/QF6UO8b1q57qHtesUV1dNo74clxzsyP6
HKE0YdhIBlAL7szQDhTFN9FkdnlIOB0zBjGGWfP7e9MQUOX1Jv08Bd29EnWw0v3j
4NpEOKkydfa+vlJdplQBjeinYq62seeLonJrQMBSatYqxp2juVxjIOruQmYwCM1P
aFDA0zHxpoi115f/kFJkRcJS1ooM0puBdyu5eA33cS8YUkvFelhDiyHO7XsX5nNB
OQXOBDWPWuunFAlEPMoTmzUDId0uqPJBmjxZAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUcwBQ812kARLHC79z3ZlWD54bHiYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2N3QlE4MTJrQVJMSEM3
OXozWmxXRDU0YkhpWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQB/l0Ym
/4rc3jfwukwNGCjlzl4XRh8N6Ipm468EKrRgPU1E1Vd2qRdoOYtPEPTRnyruXqi4
Egj8KkiNDsG3AtcjSUHvL3cxF3Au6xrZS6JjQkscC9EM8Mn39YlfMX5BUziaTqFO
bhiqWV/uEV2KiqRy7Rlg7Aa6EVcWoDa+O2ToEs+xhz0I8XpNdpdzP2uUPLNFPvQX
GPMC+BrRgcQ10kISUc0AnkjOR7i5jdmHeTuL7kFPvG1ODO4F8tHdbGxx+stdmMbp
3detM10JJPUSmnUkoV1MdJpAWSaTVCkuKBsKKbX5CTpMaPaBRJWO0wONlAB/1a0n
DDIHuXqEPeCGCKNM
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:21:27 2025 by rpki-client