
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/e2krIwUpM3XC9fcUph68nmb_0ak.roa
File: e2krIwUpM3XC9fcUph68nmb_0ak.roa (raw, json)
Hash identifier: Y0Fsbhdtoe2x69qtwx62UXLrBBkgRrrG52SZf6HsabY=
Subject key identifier: 7B:69:2B:23:05:29:33:75:C2:F5:F7:14:A6:1E:BC:9E:66:FF:D1:A9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 759C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e2krIwUpM3XC9fcUph68nmb_0ak.roa
Signing time: Thu 10 Jul 2025 22:45:08 +0000
ROA not before: Thu 10 Jul 2025 22:45:08 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30108 (0x759c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 10 22:45:08 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=7B692B2305293375C2F5F714A61EBC9E66FFD1A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:63:bb:b9:8f:2e:38:f9:68:13:7a:19:61:9b:
14:41:0c:0b:3c:f9:a0:9d:4c:d9:a1:62:10:15:ea:
3f:95:ab:6d:04:b2:f3:fa:b1:6f:9a:4b:5a:b1:70:
96:f7:98:3f:cb:29:e7:2d:75:b5:b2:5a:a6:50:ed:
4f:e6:0f:7a:df:aa:e2:ac:f1:7e:85:50:fd:f6:79:
9e:23:6f:d9:91:9d:70:76:14:b2:7a:40:34:aa:18:
bc:2a:4b:a2:1e:24:60:7a:9c:39:ba:0e:2e:c2:1f:
43:c6:57:0a:65:c4:c6:95:53:8e:6e:5a:ae:1f:42:
4e:1e:b3:5a:65:1d:2d:9f:3d:81:0d:70:da:97:a9:
af:6f:b7:f2:ef:4d:58:3b:91:c2:c5:2d:0f:3e:d3:
f7:2f:a5:fa:19:cc:f8:c7:c1:4a:62:f7:7b:36:3c:
7a:8d:53:8b:ec:6e:76:5c:92:24:53:1a:f2:1f:c4:
f8:5f:7d:14:c4:39:4f:7b:99:e3:7d:60:e3:ac:90:
71:a9:bc:17:62:10:68:80:43:4f:25:27:25:fe:85:
f1:d4:8e:3d:7f:21:f0:a7:61:7a:6f:26:d8:47:cc:
37:55:bc:ed:d9:f6:6b:bd:e7:a3:6d:9b:91:5d:46:
51:44:8a:c0:c8:d9:1a:86:ec:a6:62:58:36:26:4b:
5c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:69:2B:23:05:29:33:75:C2:F5:F7:14:A6:1E:BC:9E:66:FF:D1:A9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e2krIwUpM3XC9fcUph68nmb_0ak.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
74:54:0a:34:1a:df:c4:bb:c1:ff:02:7f:26:a4:7b:0d:bf:df:
ed:0b:91:7f:2c:26:11:c6:ac:ef:06:85:48:94:f1:b5:09:50:
09:9d:a6:67:51:01:a9:75:52:09:b4:8e:1d:91:28:1d:34:7b:
6e:4c:99:de:dc:aa:b4:4c:db:27:20:1f:7b:28:c1:6f:11:66:
18:b6:5b:66:da:97:ad:a2:67:a0:c9:e2:d6:b1:30:1a:4f:0d:
05:d3:70:cc:00:31:36:34:e4:b5:1a:6f:1a:bd:a1:3d:5c:71:
f7:74:f7:b8:a3:48:d0:fc:17:2d:47:1d:6e:f0:78:2e:02:32:
38:c5:fe:79:5f:0f:82:39:5c:82:67:38:17:d1:bf:b1:6d:26:
58:e3:3e:b6:69:fe:99:1a:24:c4:2a:d4:12:15:4c:6b:3c:c8:
76:e2:5e:05:e9:df:18:e3:99:d9:06:13:2c:84:47:85:5f:8a:
02:ed:00:2b:46:81:02:c9:e2:05:ea:e4:96:6d:64:c0:be:69:
e1:32:8a:41:87:e6:c2:0b:0a:88:76:c4:9d:96:b0:27:6c:ff:
08:1e:d4:bb:d7:4a:56:a2:fa:65:5a:5a:25:d7:b0:40:a4:7f:
3c:d4:cd:97:b2:00:54:6c:19:40:27:0f:6d:25:3e:61:c8:eb:
78:8b:94:91
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTAy
MjQ1MDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDdCNjkyQjIzMDUyOTMz
NzVDMkY1RjcxNEE2MUVCQzlFNjZGRkQxQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJY7u5jy44+WgTehlhmxRBDAs8+aCdTNmhYhAV6j+Vq20EsvP6
sW+aS1qxcJb3mD/LKectdbWyWqZQ7U/mD3rfquKs8X6FUP32eZ4jb9mRnXB2FLJ6
QDSqGLwqS6IeJGB6nDm6Di7CH0PGVwplxMaVU45uWq4fQk4es1plHS2fPYENcNqX
qa9vt/LvTVg7kcLFLQ8+0/cvpfoZzPjHwUpi93s2PHqNU4vsbnZckiRTGvIfxPhf
fRTEOU97meN9YOOskHGpvBdiEGiAQ08lJyX+hfHUjj1/IfCnYXpvJthHzDdVvO3Z
9mu956Ntm5FdRlFEisDI2RqG7KZiWDYmS1zxAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUe2krIwUpM3XC9fcUph68nmb/0akwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Uya3JJd1VwTTNYQzlm
Y1VwaDY4bm1iXzBhay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQB0VAo0
Gt/Eu8H/An8mpHsNv9/tC5F/LCYRxqzvBoVIlPG1CVAJnaZnUQGpdVIJtI4dkSgd
NHtuTJne3Kq0TNsnIB97KMFvEWYYtltm2petomegyeLWsTAaTw0F03DMADE2NOS1
Gm8avaE9XHH3dPe4o0jQ/BctRx1u8HguAjI4xf55Xw+COVyCZzgX0b+xbSZY4z62
af6ZGiTEKtQSFUxrPMh24l4F6d8Y45nZBhMshEeFX4oC7QArRoECyeIF6uSWbWTA
vmnhMopBh+bCCwqIdsSdlrAnbP8IHtS710pWovplWlol17BApH881M2XsgBUbBlA
Jw9tJT5hyOt4i5SR
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:38:14 2025 by rpki-client