Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hnR7DEbYHyko2eXf2DKKz-rZuEo.roa
File: hnR7DEbYHyko2eXf2DKKz-rZuEo.roa (raw, json)
Hash identifier: IGNwNGN7Fp85AD6m3v6PPpAwr6DRC1SeQ0+f3/mR6LU=
Subject key identifier: 86:74:7B:0C:46:D8:1F:29:28:D9:E5:DF:D8:32:8A:CF:EA:D9:B8:4A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 69DA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hnR7DEbYHyko2eXf2DKKz-rZuEo.roa
Signing time: Mon 09 Jun 2025 08:42:11 +0000
ROA not before: Mon 09 Jun 2025 08:42:11 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27098 (0x69da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 9 08:42:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=86747B0C46D81F2928D9E5DFD8328ACFEAD9B84A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:09:3b:00:a7:0e:14:f7:19:c3:3f:d6:c0:25:
08:4f:2e:b1:99:a6:cc:6e:66:c0:71:ce:6a:ce:76:
b7:07:06:2d:81:e0:2f:79:45:14:61:3d:c3:eb:83:
7c:66:99:31:37:a9:9b:55:44:58:f3:df:f0:ab:6b:
05:e9:10:69:4e:4b:c1:cc:e0:8f:d6:fd:98:4a:69:
a0:c7:51:86:c9:f9:8c:12:7c:7d:90:19:2d:1b:f1:
4e:23:6e:3a:ad:86:1d:3c:cd:64:ed:3a:20:c6:a0:
14:73:21:85:7e:48:58:31:4a:8d:94:f3:6a:ce:28:
cd:99:53:ea:51:ae:2d:4a:c1:82:ba:f5:a0:2d:88:
d8:91:4e:0d:20:0b:5e:fe:ef:c9:47:29:71:e0:2a:
b4:1a:64:2f:07:67:c6:71:a8:8c:5d:d9:1c:8e:da:
79:1f:df:63:51:6e:c2:54:7c:b1:ad:47:de:ed:e0:
fb:9b:d9:43:2e:df:22:21:fe:d9:5c:28:6a:f6:2c:
18:a8:10:8b:a5:93:f8:cd:85:a8:9f:2d:c2:77:80:
87:b2:ab:33:df:30:2e:fa:a6:0f:e4:9a:ab:11:6d:
50:2a:54:93:9e:90:e4:ee:67:81:d3:4b:1f:f7:de:
43:ea:3b:f1:4f:72:3f:5a:71:bf:da:16:c0:db:b7:
12:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:74:7B:0C:46:D8:1F:29:28:D9:E5:DF:D8:32:8A:CF:EA:D9:B8:4A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hnR7DEbYHyko2eXf2DKKz-rZuEo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b2:ac:74:c2:47:2e:0a:48:3d:35:b7:c5:e9:2c:28:92:10:2b:
25:0b:d7:35:e1:d2:65:2d:5c:e6:93:19:9f:39:a6:17:f1:da:
74:02:4c:34:6f:27:7a:18:1a:b3:51:00:29:c5:7b:b3:50:d5:
87:2b:04:13:01:74:71:fb:90:b9:c0:97:da:f4:ac:74:b6:1b:
33:a8:61:89:fe:cb:10:7d:4a:ec:a7:89:bf:db:ba:fe:c3:f3:
7c:8b:46:2c:5a:a4:a1:1a:9a:62:d9:b9:22:26:75:fa:13:80:
91:23:9d:05:d6:b7:d1:a0:07:ef:31:42:f5:42:ba:f1:ca:6d:
33:2e:b5:77:8c:c0:48:87:e9:19:dd:f5:e5:31:4a:b0:9b:b9:
7e:90:01:b3:86:70:e2:6d:23:1b:78:01:45:d6:c8:7c:84:81:
7e:30:ec:32:44:31:31:19:d7:89:cf:f9:7f:3c:f0:8a:07:17:
6f:05:52:e7:4f:81:56:85:ce:32:9f:af:ed:07:7f:f0:43:ce:
d2:7e:7b:ca:33:59:2e:06:97:42:71:82:db:1f:39:4a:5c:74:
00:ff:b6:c4:4b:57:81:c8:ad:4b:4f:10:e1:47:60:2a:81:b5:
1f:d7:c9:ef:86:fa:31:b8:21:30:3c:c4:53:11:5b:48:27:fe:
4a:c4:b1:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICadowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDkw
ODQyMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg2NzQ3QjBDNDZEODFG
MjkyOEQ5RTVERkQ4MzI4QUNGRUFEOUI4NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6CTsApw4U9xnDP9bAJQhPLrGZpsxuZsBxzmrOdrcHBi2B4C95
RRRhPcPrg3xmmTE3qZtVRFjz3/CrawXpEGlOS8HM4I/W/ZhKaaDHUYbJ+YwSfH2Q
GS0b8U4jbjqthh08zWTtOiDGoBRzIYV+SFgxSo2U82rOKM2ZU+pRri1KwYK69aAt
iNiRTg0gC17+78lHKXHgKrQaZC8HZ8ZxqIxd2RyO2nkf32NRbsJUfLGtR97t4Pub
2UMu3yIh/tlcKGr2LBioEIulk/jNhaifLcJ3gIeyqzPfMC76pg/kmqsRbVAqVJOe
kOTuZ4HTSx/33kPqO/FPcj9acb/aFsDbtxIpAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUhnR7DEbYHyko2eXf2DKKz+rZuEowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2huUjdERWJZSHlrbzJl
WGYyREtLei1yWnVFby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCyrHTC
Ry4KSD01t8XpLCiSECslC9c14dJlLVzmkxmfOaYX8dp0Akw0byd6GBqzUQApxXuz
UNWHKwQTAXRx+5C5wJfa9Kx0thszqGGJ/ssQfUrsp4m/27r+w/N8i0YsWqShGppi
2bkiJnX6E4CRI50F1rfRoAfvMUL1Qrrxym0zLrV3jMBIh+kZ3fXlMUqwm7l+kAGz
hnDibSMbeAFF1sh8hIF+MOwyRDExGdeJz/l/PPCKBxdvBVLnT4FWhc4yn6/tB3/w
Q87SfnvKM1kuBpdCcYLbHzlKXHQA/7bES1eByK1LTxDhR2AqgbUf18nvhvoxuCEw
PMRTEVtIJ/5KxLFt
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:41:58 2025 by rpki-client