Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/daJfmWdKa0Px-7TR4MnUOea3x7U.roa
File: daJfmWdKa0Px-7TR4MnUOea3x7U.roa (raw, json)
Hash identifier: g/lRWwdPuQXDJIGrJ6f+KB+xOvT+3JWnY73tgl+m6AA=
Subject key identifier: 75:A2:5F:99:67:4A:6B:43:F1:FB:B4:D1:E0:C9:D4:39:E6:B7:C7:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7654
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/daJfmWdKa0Px-7TR4MnUOea3x7U.roa
Signing time: Sat 12 Jul 2025 21:11:48 +0000
ROA not before: Sat 12 Jul 2025 21:11:48 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30292 (0x7654)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 12 21:11:48 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=75A25F99674A6B43F1FBB4D1E0C9D439E6B7C7B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:fd:5c:6d:bc:95:5a:7a:d7:2d:a0:e6:e4:
a2:c8:bf:ff:d9:e1:ef:37:69:fa:76:ce:88:d4:d1:
21:1b:af:2c:41:69:9b:c5:3a:c9:1a:b4:a5:1b:95:
8d:df:5f:d4:41:fb:86:c9:1e:98:97:c2:88:c5:e6:
60:b4:40:e0:0c:75:64:ab:89:3a:27:cd:34:81:b1:
99:c6:48:7f:8b:38:4f:f2:90:b8:11:8f:00:1d:34:
ff:38:54:83:c4:2e:cd:15:64:36:71:be:9f:6e:0d:
0a:d2:ca:04:b8:b5:d2:0b:93:b9:1b:54:e6:6d:10:
f0:96:c6:8e:0f:9c:2d:30:77:e8:5b:e2:86:dc:1f:
12:49:35:66:4a:2f:e7:ac:a2:06:78:fa:0d:12:6f:
14:46:7f:86:16:bc:d5:76:be:07:35:4d:05:7c:b7:
e9:5f:64:c8:24:01:77:45:da:35:be:58:d3:dc:61:
12:56:43:eb:9d:c6:92:77:47:14:c3:e6:d5:62:61:
f7:a7:3c:ae:ce:2a:b2:fb:b5:c5:0f:ef:8d:14:fd:
78:5a:27:03:1f:c3:0b:40:e2:51:a6:2e:29:dc:b5:
de:b5:fc:3d:3f:6a:ab:6b:dc:79:1f:7c:eb:a1:85:
be:9a:d8:97:16:b1:80:82:e3:12:d8:6d:78:de:5d:
55:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A2:5F:99:67:4A:6B:43:F1:FB:B4:D1:E0:C9:D4:39:E6:B7:C7:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/daJfmWdKa0Px-7TR4MnUOea3x7U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
6b:22:67:59:71:4a:c4:8d:f9:0c:ae:ea:47:39:31:03:04:bc:
c4:26:48:0e:3d:9e:78:13:99:27:b8:54:ce:51:5a:40:b7:c1:
2c:0a:17:1b:39:ce:4c:ca:e3:14:3b:25:cd:ef:0d:77:1d:94:
ce:67:9c:78:bb:c8:4b:33:1e:70:1e:4d:a2:48:fe:56:40:c7:
04:7f:55:cd:a3:48:16:09:6b:52:60:82:a3:8a:08:2b:eb:d9:
28:09:f8:61:54:c3:71:e9:0f:49:76:b9:a5:43:27:fb:4c:2d:
91:85:19:76:cb:24:10:c8:2c:f4:35:be:9a:f7:2b:f1:c8:06:
89:69:9a:95:f9:c8:98:fa:b3:d1:0a:b9:c9:4e:72:e6:24:e9:
12:3f:3a:28:ca:75:d2:f8:f5:01:36:29:e1:e2:9b:a9:9c:66:
47:5a:e3:e4:b6:57:32:12:18:5f:a5:4c:d2:3d:01:86:9a:49:
c3:bf:49:06:24:3c:57:1d:a8:75:b9:65:ff:3d:87:6f:e2:d1:
bc:36:86:2d:5b:43:99:7a:c6:9c:c8:57:9d:a7:a3:bb:26:6e:
de:3b:72:8e:43:33:72:42:2b:40:2f:c1:45:05:75:bc:17:b7:
ac:ec:41:d0:c7:64:eb:92:cb:c7:d5:5e:6c:8b:9b:79:a8:72:
af:3b:0f:84
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdlQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTIy
MTExNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc1QTI1Rjk5Njc0QTZC
NDNGMUZCQjREMUUwQzlENDM5RTZCN0M3QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Cf1cbbyVWnrXLaDm5KLIv//Z4e83afp2zojU0SEbryxBaZvF
OskatKUblY3fX9RB+4bJHpiXwojF5mC0QOAMdWSriTonzTSBsZnGSH+LOE/ykLgR
jwAdNP84VIPELs0VZDZxvp9uDQrSygS4tdILk7kbVOZtEPCWxo4PnC0wd+hb4obc
HxJJNWZKL+esogZ4+g0SbxRGf4YWvNV2vgc1TQV8t+lfZMgkAXdF2jW+WNPcYRJW
Q+udxpJ3RxTD5tViYfenPK7OKrL7tcUP740U/XhaJwMfwwtA4lGmLinctd61/D0/
aqtr3HkffOuhhb6a2JcWsYCC4xLYbXjeXVVfAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUdaJfmWdKa0Px+7TR4MnUOea3x7UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RhSmZtV2RLYTBQeC03
VFI0TW5VT2VhM3g3VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBrImdZ
cUrEjfkMrupHOTEDBLzEJkgOPZ54E5knuFTOUVpAt8EsChcbOc5MyuMUOyXN7w13
HZTOZ5x4u8hLMx5wHk2iSP5WQMcEf1XNo0gWCWtSYIKjiggr69koCfhhVMNx6Q9J
drmlQyf7TC2RhRl2yyQQyCz0Nb6a9yvxyAaJaZqV+ciY+rPRCrnJTnLmJOkSPzoo
ynXS+PUBNinh4pupnGZHWuPktlcyEhhfpUzSPQGGmknDv0kGJDxXHah1uWX/PYdv
4tG8NoYtW0OZesacyFedp6O7Jm7eO3KOQzNyQitAL8FFBXW8F7es7EHQx2TrksvH
1V5si5t5qHKvOw+E
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:45 2025 by rpki-client