Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dABZDtCZbuznj7CdEM6Dbgxn8cU.roa
File: dABZDtCZbuznj7CdEM6Dbgxn8cU.roa (raw, json)
Hash identifier: cBTnMy5EzNv4NFf16t009gQveICpeVB6veJYOpw9azc=
Subject key identifier: 74:00:59:0E:D0:99:6E:EC:E7:8F:B0:9D:10:CE:83:6E:0C:67:F1:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7310
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dABZDtCZbuznj7CdEM6Dbgxn8cU.roa
Signing time: Fri 04 Jul 2025 03:44:52 +0000
ROA not before: Fri 04 Jul 2025 03:44:52 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29456 (0x7310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 4 03:44:52 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=7400590ED0996EECE78FB09D10CE836E0C67F1C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d7:b5:d1:f2:53:5f:a8:ee:35:71:be:2d:68:
96:0e:54:b4:7e:9f:e2:07:52:1c:7d:2a:3f:54:9f:
8f:e0:ae:08:92:01:0b:25:70:75:1b:91:4f:5e:7b:
4d:c9:51:e2:05:8d:14:76:31:93:94:6d:4e:d7:d2:
f9:2a:1c:c0:89:68:94:74:07:e5:c0:1b:eb:40:48:
c8:6a:d1:7d:e9:02:f2:76:ab:52:59:8d:e5:2e:76:
3e:e5:35:ec:c9:36:1a:b0:fc:c8:3a:af:38:6b:9f:
36:88:60:b7:6d:be:dd:26:ac:f5:dc:b1:f9:d8:ef:
99:b3:a8:0b:89:8a:b3:f1:4a:2e:5e:88:30:e4:e2:
a6:62:0c:47:e4:c3:82:78:c0:b7:0b:ec:46:d7:ad:
03:d6:dd:2d:80:17:b9:c5:f6:5f:62:6d:ff:67:6b:
5c:b0:b9:0b:db:8f:ec:9a:73:de:bf:4f:cf:a4:ff:
4b:a5:6c:8d:9f:27:90:39:de:b5:57:f2:2f:62:98:
8f:f4:b8:37:ca:7c:03:23:79:bc:14:c0:87:c6:28:
4a:fb:bc:ee:10:09:16:43:04:04:ff:c8:51:08:cb:
99:71:83:a5:53:1a:23:90:c1:36:70:72:0b:10:e2:
8c:a1:c6:a6:12:28:82:22:3b:33:e8:80:bc:77:94:
12:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:00:59:0E:D0:99:6E:EC:E7:8F:B0:9D:10:CE:83:6E:0C:67:F1:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dABZDtCZbuznj7CdEM6Dbgxn8cU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b9:54:02:21:cb:cc:96:13:8f:e9:71:90:ad:a4:b6:3e:55:83:
9c:66:ef:17:53:63:a9:65:a4:25:9a:aa:c9:e9:4e:8a:32:bd:
20:4a:d5:b1:ab:ca:23:52:1d:06:24:7a:c6:b4:91:3d:c9:1b:
ca:4d:2f:92:50:a3:d4:79:60:2b:a0:6d:b2:5e:cd:ec:f9:b7:
df:40:e1:aa:e0:84:de:3e:7e:73:2b:ae:52:34:3f:bc:f8:8f:
20:60:80:e4:b5:d3:3f:d1:3b:99:de:dc:de:51:42:ac:ee:f5:
71:ef:67:72:1e:59:44:ef:4c:a2:8e:d3:cd:f2:aa:b3:3f:82:
a7:ea:9a:b0:41:5f:2f:39:fd:70:5a:7f:2c:93:71:f0:50:45:
7e:e5:59:89:6a:f0:39:28:b1:1a:0d:ad:82:11:81:40:e7:56:
90:9a:ed:d2:6e:6d:0e:5c:d2:71:af:d8:0e:89:60:fb:0b:10:
12:bd:35:a8:8e:c9:fb:a8:d8:b9:d4:89:a9:0f:7d:ed:f3:39:
40:1b:40:47:75:4b:60:3a:ab:d2:c3:ae:44:ec:e6:a3:a3:6f:
3c:2f:bc:3e:cc:12:7a:19:35:e4:f8:44:63:0c:4b:ed:89:9e:
3a:14:0e:5b:cd:42:0d:e7:0d:ea:e7:67:a5:91:fe:37:be:a6:
62:44:23:5a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcxAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDQw
MzQ0NTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc0MDA1OTBFRDA5OTZF
RUNFNzhGQjA5RDEwQ0U4MzZFMEM2N0YxQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDt17XR8lNfqO41cb4taJYOVLR+n+IHUhx9Kj9Un4/grgiSAQsl
cHUbkU9ee03JUeIFjRR2MZOUbU7X0vkqHMCJaJR0B+XAG+tASMhq0X3pAvJ2q1JZ
jeUudj7lNezJNhqw/Mg6rzhrnzaIYLdtvt0mrPXcsfnY75mzqAuJirPxSi5eiDDk
4qZiDEfkw4J4wLcL7EbXrQPW3S2AF7nF9l9ibf9na1ywuQvbj+yac96/T8+k/0ul
bI2fJ5A53rVX8i9imI/0uDfKfAMjebwUwIfGKEr7vO4QCRZDBAT/yFEIy5lxg6VT
GiOQwTZwcgsQ4oyhxqYSKIIiOzPogLx3lBIxAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUdABZDtCZbuznj7CdEM6Dbgxn8cUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RBQlpEdENaYnV6bmo3
Q2RFTTZEYmd4bjhjVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQC5VAIh
y8yWE4/pcZCtpLY+VYOcZu8XU2OpZaQlmqrJ6U6KMr0gStWxq8ojUh0GJHrGtJE9
yRvKTS+SUKPUeWAroG2yXs3s+bffQOGq4ITePn5zK65SND+8+I8gYIDktdM/0TuZ
3tzeUUKs7vVx72dyHllE70yijtPN8qqzP4Kn6pqwQV8vOf1wWn8sk3HwUEV+5VmJ
avA5KLEaDa2CEYFA51aQmu3Sbm0OXNJxr9gOiWD7CxASvTWojsn7qNi51ImpD33t
8zlAG0BHdUtgOqvSw65E7Oajo288L7w+zBJ6GTXk+ERjDEvtiZ46FA5bzUIN5w3q
52elkf43vqZiRCNa
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:47 2025 by rpki-client