Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/g3Mb56HM_A01y7vGy-K8qC8gsf0.roa
File: g3Mb56HM_A01y7vGy-K8qC8gsf0.roa (raw, json)
Hash identifier: uAzkwIsEp3Bdk5eyGyca0fVoNg7f4g6sm7Gp1U/u72U=
Subject key identifier: 83:73:1B:E7:A1:CC:FC:0D:35:CB:BB:C6:CB:E2:BC:A8:2F:20:B1:FD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7580
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/g3Mb56HM_A01y7vGy-K8qC8gsf0.roa
Signing time: Thu 10 Jul 2025 15:45:12 +0000
ROA not before: Thu 10 Jul 2025 15:45:12 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30080 (0x7580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 10 15:45:12 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=83731BE7A1CCFC0D35CBBBC6CBE2BCA82F20B1FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9b:c6:26:19:e3:ee:66:14:9e:b1:72:01:4c:
3a:f2:49:08:26:73:b7:3a:00:cb:9e:85:7d:14:01:
b7:a9:06:ff:78:27:d0:9a:21:d9:4a:b3:aa:f3:b2:
54:db:ab:2e:96:a4:db:55:0a:27:2e:51:a3:93:84:
11:51:f5:6d:e3:30:27:f5:a8:a5:16:b1:27:b3:95:
51:4e:72:7c:39:b0:4b:4b:55:89:60:27:67:6a:4c:
3c:16:d4:c3:39:1f:2e:e4:22:02:f7:55:7b:ca:ec:
b2:c6:7d:a7:da:67:9e:84:bf:a8:0c:a4:eb:c0:93:
7a:24:e6:f7:30:0a:0d:31:e4:f8:a6:29:a4:ca:0d:
e5:d7:a7:9f:b1:ee:b1:47:7b:ed:a5:44:6c:b9:41:
8b:86:5a:11:39:0b:a4:98:fa:34:23:93:d1:64:ed:
a4:3a:bf:07:de:a4:ba:70:36:51:1e:ed:a8:22:5a:
7c:6d:58:73:49:c6:50:72:66:9c:ee:f8:f7:54:79:
15:6d:ea:78:a9:f0:39:8c:ab:66:2f:01:9d:c2:06:
c6:a6:b4:50:97:e1:e0:44:c1:65:e7:f4:0b:8e:0e:
42:e2:49:df:c6:a8:1b:40:8a:d7:0f:67:53:1e:34:
16:2b:3a:34:40:ab:aa:f3:8a:31:05:d0:bd:12:88:
37:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:73:1B:E7:A1:CC:FC:0D:35:CB:BB:C6:CB:E2:BC:A8:2F:20:B1:FD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/g3Mb56HM_A01y7vGy-K8qC8gsf0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a3:68:05:f0:81:2b:32:f5:87:9c:db:95:c2:dc:c4:ef:c9:61:
52:be:a0:95:e1:d2:65:8d:ae:1d:87:f4:6c:4e:16:fd:2f:bf:
e5:e8:14:48:09:1a:aa:92:53:a8:ea:bb:ac:fa:9b:95:d3:84:
7c:ee:30:71:ea:db:33:41:5d:ca:f6:1f:3d:c3:2f:f9:e3:d0:
09:2e:e4:54:e3:67:a2:a0:44:93:14:d8:db:60:97:96:1c:81:
6c:11:8d:c6:ef:2c:59:83:fd:d4:ab:c5:a3:ca:30:b2:06:11:
9c:c5:53:1e:33:a3:69:45:8e:bf:54:df:7e:3a:a8:ac:df:49:
91:eb:30:e5:dc:b5:f2:ae:76:d7:8c:40:6c:a4:62:5e:c1:df:
c4:eb:cc:bc:0e:e4:f3:37:b5:4c:45:ea:97:de:61:b7:68:cc:
ce:b4:e9:c1:bd:b2:b7:2a:08:8c:bf:39:d3:b3:b4:d2:1d:cf:
6a:18:ae:5a:41:4e:b6:70:3d:7c:d1:fa:76:a3:bc:9d:c1:b5:
d9:7a:b5:99:59:a9:ff:96:18:8c:a0:da:1b:54:95:e5:5b:1a:
68:2e:01:17:08:82:55:c0:83:2e:ef:f9:87:88:e5:19:2b:6a:
fb:1f:a3:17:f0:38:5c:f1:84:09:5b:42:93:ea:91:9f:6f:4c:
c3:8f:85:37
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTAx
NTQ1MTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDgzNzMxQkU3QTFDQ0ZD
MEQzNUNCQkJDNkNCRTJCQ0E4MkYyMEIxRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0m8YmGePuZhSesXIBTDrySQgmc7c6AMuehX0UAbepBv94J9Ca
IdlKs6rzslTbqy6WpNtVCicuUaOThBFR9W3jMCf1qKUWsSezlVFOcnw5sEtLVYlg
J2dqTDwW1MM5Hy7kIgL3VXvK7LLGfafaZ56Ev6gMpOvAk3ok5vcwCg0x5PimKaTK
DeXXp5+x7rFHe+2lRGy5QYuGWhE5C6SY+jQjk9Fk7aQ6vwfepLpwNlEe7agiWnxt
WHNJxlByZpzu+PdUeRVt6nip8DmMq2YvAZ3CBsamtFCX4eBEwWXn9AuODkLiSd/G
qBtAitcPZ1MeNBYrOjRAq6rzijEF0L0SiDfLAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUg3Mb56HM/A01y7vGy+K8qC8gsf0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2czTWI1NkhNX0EwMXk3
dkd5LUs4cUM4Z3NmMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCjaAXw
gSsy9Yec25XC3MTvyWFSvqCV4dJlja4dh/RsThb9L7/l6BRICRqqklOo6rus+puV
04R87jBx6tszQV3K9h89wy/549AJLuRU42eioESTFNjbYJeWHIFsEY3G7yxZg/3U
q8WjyjCyBhGcxVMeM6NpRY6/VN9+Oqis30mR6zDl3LXyrnbXjEBspGJewd/E68y8
DuTzN7VMReqX3mG3aMzOtOnBvbK3KgiMvznTs7TSHc9qGK5aQU62cD180fp2o7yd
wbXZerWZWan/lhiMoNobVJXlWxpoLgEXCIJVwIMu7/mHiOUZK2r7H6MX8Dhc8YQJ
W0KT6pGfb0zDj4U3
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:41:24 2025 by rpki-client