Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fu1T_CFPjHwUJdgSUjHEGo9eW8A.roa
File: fu1T_CFPjHwUJdgSUjHEGo9eW8A.roa (raw, json)
Hash identifier: PiyAjWutovEhhqpCe/60u6bs7bOIlQpdhIIJm0/Mamw=
Subject key identifier: 7E:ED:53:FC:21:4F:8C:7C:14:25:D8:12:52:31:C4:1A:8F:5E:5B:C0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 648C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fu1T_CFPjHwUJdgSUjHEGo9eW8A.roa
Signing time: Mon 26 May 2025 05:11:03 +0000
ROA not before: Mon 26 May 2025 05:11:03 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25740 (0x648c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 26 05:11:03 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=7EED53FC214F8C7C1425D8125231C41A8F5E5BC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5b:14:4d:66:90:67:a2:89:32:50:52:26:e8:
39:58:15:e6:99:81:aa:4c:61:63:db:08:57:e3:41:
0c:d1:9e:22:f1:03:d7:02:79:2a:e7:fe:ce:12:53:
ce:34:e5:94:84:90:a1:0b:7b:46:50:fa:67:a1:87:
62:cb:4a:c2:76:60:f6:b5:cc:0b:0c:a0:61:36:98:
8c:7a:af:8d:2f:00:d5:cf:46:6a:99:b9:6e:71:3b:
72:61:11:5e:84:5e:da:d9:ea:e5:0d:72:08:e9:30:
0d:2f:14:02:30:97:60:a4:90:66:c6:80:c6:ee:a0:
40:d3:f7:e5:69:b0:14:36:5c:8b:08:00:ec:8a:9b:
0d:ad:65:69:01:9b:11:40:21:61:fa:37:8c:c7:40:
4f:b5:54:72:46:0e:70:ad:42:88:6e:3c:7a:87:98:
02:82:49:0d:58:a8:2f:9c:85:f4:90:76:82:b6:7a:
5d:67:17:fe:07:4e:97:33:ae:0b:e0:db:e7:07:56:
99:5b:86:d3:38:5a:d5:ac:b3:75:87:bb:24:bc:8b:
dc:e4:ec:ce:30:97:4c:d6:0c:2d:8f:cd:ba:79:6e:
60:45:77:ae:d7:ae:bf:16:58:ba:5a:96:39:e1:7f:
a7:61:2d:a0:af:64:b5:44:4c:a0:4e:ba:7e:7b:20:
82:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:ED:53:FC:21:4F:8C:7C:14:25:D8:12:52:31:C4:1A:8F:5E:5B:C0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fu1T_CFPjHwUJdgSUjHEGo9eW8A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a3:8f:c2:84:3b:4f:7f:ef:fc:e0:a3:d6:e2:d2:3d:f9:63:b3:
b9:5d:78:2d:72:bd:46:76:55:16:42:22:80:e1:ee:c5:fb:44:
3a:82:07:31:18:bd:33:14:1d:89:69:62:25:1e:2c:19:f6:90:
54:af:35:11:0a:b6:ae:96:b3:d2:3e:ac:63:32:9b:df:89:bb:
89:15:f6:24:e1:80:9f:e8:45:1b:83:5b:48:b2:2d:53:b7:00:
22:d7:b7:52:63:e4:66:c3:e2:0e:a9:5e:a2:95:66:81:f9:61:
96:32:03:1b:48:52:a8:75:bb:10:9d:40:41:71:f3:fd:9a:e1:
be:ba:20:ae:4e:ae:86:8e:36:75:79:42:2e:e8:7e:fc:dd:25:
62:b6:07:5f:ee:28:51:79:fb:76:f1:22:e4:18:f4:44:8f:fd:
e6:24:5e:6c:d0:f3:10:12:c5:3b:4b:9e:48:9f:ca:d4:18:6e:
8a:f5:79:ae:d6:08:22:53:d1:a7:5e:54:d3:26:48:5b:19:08:
48:11:3c:42:0c:f3:a4:62:00:21:ba:10:6f:09:ec:22:b2:c0:
57:a4:dc:18:b6:50:4b:52:85:48:97:51:57:dc:12:7e:db:a8:
4c:cc:21:94:13:05:a3:46:25:da:c1:64:fb:8f:53:50:be:83:
e4:be:9e:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjYw
NTExMDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDdFRUQ1M0ZDMjE0RjhD
N0MxNDI1RDgxMjUyMzFDNDFBOEY1RTVCQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/WxRNZpBnookyUFIm6DlYFeaZgapMYWPbCFfjQQzRniLxA9cC
eSrn/s4SU8405ZSEkKELe0ZQ+mehh2LLSsJ2YPa1zAsMoGE2mIx6r40vANXPRmqZ
uW5xO3JhEV6EXtrZ6uUNcgjpMA0vFAIwl2CkkGbGgMbuoEDT9+VpsBQ2XIsIAOyK
mw2tZWkBmxFAIWH6N4zHQE+1VHJGDnCtQohuPHqHmAKCSQ1YqC+chfSQdoK2el1n
F/4HTpczrgvg2+cHVplbhtM4WtWss3WHuyS8i9zk7M4wl0zWDC2Pzbp5bmBFd67X
rr8WWLpaljnhf6dhLaCvZLVETKBOun57IILTAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUfu1T/CFPjHwUJdgSUjHEGo9eW8AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Z1MVRfQ0ZQakh3VUpk
Z1NVakhFR285ZVc4QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCjj8KE
O09/7/zgo9bi0j35Y7O5XXgtcr1GdlUWQiKA4e7F+0Q6ggcxGL0zFB2JaWIlHiwZ
9pBUrzURCraulrPSPqxjMpvfibuJFfYk4YCf6EUbg1tIsi1TtwAi17dSY+Rmw+IO
qV6ilWaB+WGWMgMbSFKodbsQnUBBcfP9muG+uiCuTq6GjjZ1eUIu6H783SVitgdf
7ihReft28SLkGPREj/3mJF5s0PMQEsU7S55In8rUGG6K9Xmu1ggiU9GnXlTTJkhb
GQhIETxCDPOkYgAhuhBvCewissBXpNwYtlBLUoVIl1FX3BJ+26hMzCGUEwWjRiXa
wWT7j1NQvoPkvp5Z
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:42:01 2025 by rpki-client