Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gj7I0JXUnsjFZe0tSd0C00e8w_M.roa
File: gj7I0JXUnsjFZe0tSd0C00e8w_M.roa (raw, json)
Hash identifier: V/8AVQ/kuxXAf4yfFQyNwqL2NEic6CaBJbhciLAOJ40=
Subject key identifier: 82:3E:C8:D0:95:D4:9E:C8:C5:65:ED:2D:49:DD:02:D3:47:BC:C3:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 625E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gj7I0JXUnsjFZe0tSd0C00e8w_M.roa
Signing time: Tue 20 May 2025 09:40:41 +0000
ROA not before: Tue 20 May 2025 09:40:41 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25182 (0x625e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 20 09:40:41 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=823EC8D095D49EC8C565ED2D49DD02D347BCC3F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:88:cb:ef:5b:a5:30:8a:6f:87:7e:f5:9d:ea:
d3:db:bf:a0:2b:fd:7d:2f:70:c8:e9:3d:19:f5:b0:
6c:34:4e:96:b1:a0:b6:ab:57:c1:e4:4c:e9:94:ec:
1b:d7:33:3e:13:c0:3b:01:fd:9e:5b:ab:72:37:41:
92:be:a4:71:fb:ee:b1:77:27:fe:c8:d7:29:fe:fc:
6a:59:15:2c:89:b8:4e:43:87:a1:75:eb:77:55:32:
d2:2b:b9:71:82:21:00:03:a7:26:b3:6d:12:e8:5f:
a3:a4:03:7c:4a:28:46:7b:38:9f:a8:81:62:6a:c1:
4b:11:03:4f:7d:32:2d:e9:5d:03:e3:6b:a0:8f:75:
6b:e3:32:1b:c4:93:ad:9c:68:79:34:5f:de:9e:c5:
cb:c5:1c:28:f0:0b:e7:83:56:8c:9c:12:9c:79:c8:
f9:ae:34:50:0b:5d:1d:28:5d:05:66:44:10:b3:65:
fd:e4:1d:a0:cb:32:87:97:e5:ca:08:ad:b4:81:02:
d9:eb:f9:10:62:10:2c:10:74:d0:db:b5:3c:99:94:
ed:61:0f:2e:13:30:ab:54:2b:cf:65:b8:f9:f6:26:
bf:c7:c0:63:dc:16:ff:9f:32:4e:26:21:ff:36:4a:
7b:49:69:46:e0:ad:c6:1b:e6:d3:d0:76:50:69:05:
ba:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3E:C8:D0:95:D4:9E:C8:C5:65:ED:2D:49:DD:02:D3:47:BC:C3:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gj7I0JXUnsjFZe0tSd0C00e8w_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
64:cc:f5:aa:a0:a8:0f:54:c1:b6:ec:e8:ee:28:1e:34:9e:78:
a4:98:78:27:6b:b3:e8:10:2c:ee:1f:0a:27:a6:bd:e3:ac:73:
c9:f9:36:3d:7e:c2:d6:7a:b0:fe:97:f0:8f:f5:5c:29:05:26:
b7:e9:c3:df:68:7e:cb:8a:02:09:a1:0c:cc:61:ab:ec:b3:6e:
90:48:50:da:83:c0:74:49:c2:22:a2:c5:b1:d9:78:9c:86:28:
6e:9d:e6:8f:7f:d5:28:09:6c:9e:09:07:61:69:46:5b:f5:4b:
e0:42:07:91:69:be:23:6f:52:62:5c:67:c0:b1:aa:01:1f:01:
fb:fb:f0:68:75:53:34:2d:0e:11:dd:44:98:5e:14:20:29:7e:
40:be:0a:40:34:83:5a:90:07:d0:3a:f0:69:3b:85:27:59:d0:
c8:04:43:5b:e1:da:b5:ea:81:84:49:7c:7f:97:1f:19:d3:2d:
eb:da:5b:e7:1a:ee:8f:b0:3f:1a:fd:c6:23:91:4d:4d:72:f6:
65:e0:8e:12:57:30:47:b4:7a:a8:cb:d0:21:59:71:e5:33:f0:
c1:db:93:44:5f:af:4f:ed:9c:06:db:8a:2a:81:4a:2b:93:5d:
d3:5e:ea:29:ff:97:27:f8:bd:34:15:1c:e7:dc:f9:fa:0e:d0:
b3:25:cf:c7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjAw
OTQwNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDgyM0VDOEQwOTVENDlF
QzhDNTY1RUQyRDQ5REQwMkQzNDdCQ0MzRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpiMvvW6Uwim+HfvWd6tPbv6Ar/X0vcMjpPRn1sGw0TpaxoLar
V8HkTOmU7BvXMz4TwDsB/Z5bq3I3QZK+pHH77rF3J/7I1yn+/GpZFSyJuE5Dh6F1
63dVMtIruXGCIQADpyazbRLoX6OkA3xKKEZ7OJ+ogWJqwUsRA099Mi3pXQPja6CP
dWvjMhvEk62caHk0X96excvFHCjwC+eDVoycEpx5yPmuNFALXR0oXQVmRBCzZf3k
HaDLMoeX5coIrbSBAtnr+RBiECwQdNDbtTyZlO1hDy4TMKtUK89luPn2Jr/HwGPc
Fv+fMk4mIf82SntJaUbgrcYb5tPQdlBpBbpnAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUgj7I0JXUnsjFZe0tSd0C00e8w/MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dqN0kwSlhVbnNqRlpl
MHRTZDBDMDBlOHdfTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBkzPWq
oKgPVMG27OjuKB40nnikmHgna7PoECzuHwonpr3jrHPJ+TY9fsLWerD+l/CP9Vwp
BSa36cPfaH7LigIJoQzMYavss26QSFDag8B0ScIiosWx2XichihuneaPf9UoCWye
CQdhaUZb9UvgQgeRab4jb1JiXGfAsaoBHwH7+/BodVM0LQ4R3USYXhQgKX5AvgpA
NINakAfQOvBpO4UnWdDIBENb4dq16oGESXx/lx8Z0y3r2lvnGu6PsD8a/cYjkU1N
cvZl4I4SVzBHtHqoy9AhWXHlM/DB25NEX69P7ZwG24oqgUork13TXuop/5cn+L00
FRzn3Pn6DtCzJc/H
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:12:29 2025 by rpki-client