Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/e0wqD62W_73VOCXimtDr2bQZZcM.roa
File: e0wqD62W_73VOCXimtDr2bQZZcM.roa (raw, json)
Hash identifier: Ztq4+LWQGsVUCbNnKpcv+ZlnlyqvfDmNrKyqlQJ0Hss=
Subject key identifier: 7B:4C:2A:0F:AD:96:FF:BD:D5:38:25:E2:9A:D0:EB:D9:B4:19:65:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 61A8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e0wqD62W_73VOCXimtDr2bQZZcM.roa
Signing time: Sun 18 May 2025 12:10:43 +0000
ROA not before: Sun 18 May 2025 12:10:43 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25000 (0x61a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 18 12:10:43 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=7B4C2A0FAD96FFBDD53825E29AD0EBD9B41965C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7d:db:43:ef:b6:3d:71:bb:35:dc:82:26:ea:
2d:e2:3c:ce:c4:bd:19:0d:43:53:d7:54:0d:51:83:
1b:9b:60:2a:e2:2e:34:00:62:db:0b:75:9b:1c:c0:
69:e9:30:19:04:5f:de:0c:f6:a7:c5:aa:61:b5:2c:
37:f8:70:45:7c:d5:68:f5:7d:45:bc:0d:3c:48:38:
bc:b1:04:b1:a4:ac:c6:8e:d4:99:77:f5:65:a1:4e:
58:15:d0:2d:55:81:83:38:41:74:0f:84:f5:c9:df:
5d:e4:24:17:ab:ca:44:b7:72:4b:96:19:f7:0e:29:
f7:02:5c:82:c1:81:9d:df:94:60:ac:50:60:2c:3c:
03:6c:81:8a:c6:75:ad:98:8a:db:58:f2:de:4a:7b:
11:db:c6:61:04:f2:ef:eb:00:03:e6:39:f7:2c:3f:
da:0d:eb:be:56:1f:61:3d:4e:7b:06:13:36:11:b3:
b1:27:5c:46:bd:93:29:8e:8f:f0:3c:b3:c4:c5:c3:
8e:15:47:b8:9a:c4:54:3b:87:92:9b:af:b8:7d:78:
95:0a:d3:b2:ca:06:7a:4b:49:20:3d:03:7c:e7:d9:
aa:87:96:3e:19:31:4b:a3:85:e7:62:6c:d4:02:3b:
1a:83:9f:63:b7:ca:c8:e8:37:d3:c1:61:d0:b7:fb:
21:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:4C:2A:0F:AD:96:FF:BD:D5:38:25:E2:9A:D0:EB:D9:B4:19:65:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e0wqD62W_73VOCXimtDr2bQZZcM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
26:b9:b3:74:9b:0a:e0:3d:88:0b:b5:c3:2c:7d:a6:65:b4:f6:
e1:94:2f:30:e1:12:2c:0a:cc:bb:3a:3b:cb:8e:93:1a:50:3f:
fa:55:17:6c:91:3b:d2:cd:bd:5a:77:6c:7c:e3:82:da:27:5e:
06:f2:31:0a:22:45:49:f2:b7:fa:ea:91:fd:f9:d8:f3:a0:4f:
2f:ff:7b:55:5a:94:83:c8:2a:71:9d:e3:c1:a2:53:6e:61:56:
49:76:83:5f:08:e9:13:62:16:2d:9e:b0:b5:6b:6b:4c:b4:1f:
b6:a9:71:cd:49:d0:d1:5d:1e:87:a2:43:11:ee:56:0f:8b:17:
1d:08:7a:95:9e:bf:d8:30:3f:78:9c:ee:d1:d9:d1:b3:70:88:
3a:0a:19:22:78:8f:db:bd:6c:12:d9:f0:61:c5:35:41:b9:56:
81:01:83:74:fb:ff:23:cd:15:02:30:bb:05:24:bb:d5:99:c2:
97:6e:eb:cb:78:d3:c0:24:14:6c:80:26:ba:af:c6:c9:8c:57:
03:38:84:75:e8:1b:fe:d7:12:56:09:f9:33:8d:d8:0b:7a:97:
b6:d1:27:21:43:e9:bc:79:5d:2a:00:a4:c2:71:ef:d8:27:6c:
1a:fb:56:57:89:e7:c9:77:dd:9c:26:aa:e0:9e:cf:30:1b:86:
73:2f:61:4e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTgx
MjEwNDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDdCNEMyQTBGQUQ5NkZG
QkRENTM4MjVFMjlBRDBFQkQ5QjQxOTY1QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWfdtD77Y9cbs13IIm6i3iPM7EvRkNQ1PXVA1RgxubYCriLjQA
YtsLdZscwGnpMBkEX94M9qfFqmG1LDf4cEV81Wj1fUW8DTxIOLyxBLGkrMaO1Jl3
9WWhTlgV0C1VgYM4QXQPhPXJ313kJBerykS3ckuWGfcOKfcCXILBgZ3flGCsUGAs
PANsgYrGda2YittY8t5KexHbxmEE8u/rAAPmOfcsP9oN675WH2E9TnsGEzYRs7En
XEa9kymOj/A8s8TFw44VR7iaxFQ7h5Kbr7h9eJUK07LKBnpLSSA9A3zn2aqHlj4Z
MUujhedibNQCOxqDn2O3ysjoN9PBYdC3+yFZAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUe0wqD62W/73VOCXimtDr2bQZZcMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Uwd3FENjJXXzczVk9D
WGltdERyMmJRWlpjTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAmubN0
mwrgPYgLtcMsfaZltPbhlC8w4RIsCsy7OjvLjpMaUD/6VRdskTvSzb1ad2x844La
J14G8jEKIkVJ8rf66pH9+djzoE8v/3tVWpSDyCpxnePBolNuYVZJdoNfCOkTYhYt
nrC1a2tMtB+2qXHNSdDRXR6HokMR7lYPixcdCHqVnr/YMD94nO7R2dGzcIg6Chki
eI/bvWwS2fBhxTVBuVaBAYN0+/8jzRUCMLsFJLvVmcKXbuvLeNPAJBRsgCa6r8bJ
jFcDOIR16Bv+1xJWCfkzjdgLepe20SchQ+m8eV0qAKTCce/YJ2wa+1ZXiefJd92c
Jqrgns8wG4ZzL2FO
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:54:04 2025 by rpki-client