
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hoFAMufb2-YJmy-oZjRzg7X_BHc.roa
File: hoFAMufb2-YJmy-oZjRzg7X_BHc.roa (raw, json)
Hash identifier: n/mJMs+w79Zuk/OEfGwve9xr2N9wRR5lXgBD5wJ4P1A=
Subject key identifier: 86:81:40:32:E7:DB:DB:E6:09:9B:2F:A8:66:34:73:83:B5:FF:04:77
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 63D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hoFAMufb2-YJmy-oZjRzg7X_BHc.roa
Signing time: Sat 24 May 2025 06:40:51 +0000
ROA not before: Sat 24 May 2025 06:40:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25554 (0x63d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 24 06:40:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=86814032E7DBDBE6099B2FA866347383B5FF0477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5b:b9:05:12:67:6f:07:f6:ce:00:c4:a8:26:
f0:fc:4f:fb:39:89:18:8a:39:87:8e:cb:8b:ea:68:
f9:79:c9:55:f2:14:49:94:60:32:c7:da:f8:f8:50:
db:b2:00:0a:4e:80:56:75:09:7d:78:b1:b7:7d:65:
5d:41:22:b4:90:91:ec:5c:17:67:c8:4c:bb:0a:ef:
01:7a:0b:69:a8:27:46:f5:f2:e6:f1:82:1a:0b:a3:
f9:87:f5:e5:8c:9c:68:86:5a:e3:10:d7:23:8d:59:
2f:fa:28:8d:74:71:a5:9e:e6:2c:7b:22:7f:88:57:
f6:a7:0f:e3:4d:c0:eb:ef:18:79:bb:fc:0c:e8:41:
e2:b0:5c:2b:31:6b:48:59:04:f5:5b:59:16:ea:8c:
69:7f:4a:e7:09:99:dd:a0:c5:89:30:ad:ed:e3:0a:
87:ae:31:ee:77:bf:6b:31:a8:a6:01:04:24:b4:2a:
98:c7:ba:d2:bd:46:7e:9c:c1:3b:e8:d3:69:27:94:
3d:d5:86:d1:08:6d:6e:c7:56:ae:f3:2a:fb:82:6a:
ad:7a:5f:ae:f1:d3:5a:04:56:ee:29:1b:f7:07:ef:
d9:70:e1:12:d1:53:67:2b:5d:f6:7d:84:e6:54:98:
ca:c0:9e:c3:df:5e:e9:28:af:8f:d5:27:ae:2e:a4:
c2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:81:40:32:E7:DB:DB:E6:09:9B:2F:A8:66:34:73:83:B5:FF:04:77
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hoFAMufb2-YJmy-oZjRzg7X_BHc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b4:4e:9d:bd:f1:0e:33:90:74:45:db:46:91:23:fc:ab:bf:7d:
09:60:c5:7b:b0:f1:30:b1:00:8d:a9:92:57:b9:80:63:17:11:
63:63:be:31:0a:d7:b1:38:e4:7e:8c:1a:73:51:f8:55:60:11:
6b:93:8f:b2:74:e3:b6:dd:f1:f3:e2:ba:62:17:91:8b:f5:54:
ac:f0:83:a5:10:b5:0d:d3:49:5d:73:54:78:86:fd:08:f6:17:
1d:89:f1:e9:95:47:30:85:ac:0e:8b:09:b7:ad:69:f1:02:1c:
4c:57:b0:62:bf:ae:a4:02:ad:a5:d4:0e:2f:ed:e0:d8:44:41:
9e:30:d7:a0:2f:92:87:b9:55:a2:b1:71:09:90:72:e2:82:b6:
95:a7:53:7d:0e:5e:8b:4b:f4:d0:5c:00:f8:7a:37:b2:7d:37:
72:f9:1e:63:29:f6:ad:48:59:66:8d:23:88:40:64:e0:b0:c7:
b8:5a:26:95:59:39:20:c5:85:0e:2d:bf:6d:47:f9:0f:18:1a:
17:86:5c:2a:af:01:87:cc:8c:f2:fc:0f:59:17:90:4a:5e:3a:
82:74:08:16:63:37:c7:0e:f3:d5:b9:18:ee:90:fb:95:86:46:
e0:64:fb:ec:d4:39:bb:5f:2f:43:ef:a2:ff:d2:c2:01:54:94:
21:75:75:b1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjQw
NjQwNTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg2ODE0MDMyRTdEQkRC
RTYwOTlCMkZBODY2MzQ3MzgzQjVGRjA0NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2W7kFEmdvB/bOAMSoJvD8T/s5iRiKOYeOy4vqaPl5yVXyFEmU
YDLH2vj4UNuyAApOgFZ1CX14sbd9ZV1BIrSQkexcF2fITLsK7wF6C2moJ0b18ubx
ghoLo/mH9eWMnGiGWuMQ1yONWS/6KI10caWe5ix7In+IV/anD+NNwOvvGHm7/Azo
QeKwXCsxa0hZBPVbWRbqjGl/SucJmd2gxYkwre3jCoeuMe53v2sxqKYBBCS0KpjH
utK9Rn6cwTvo02knlD3VhtEIbW7HVq7zKvuCaq16X67x01oEVu4pG/cH79lw4RLR
U2crXfZ9hOZUmMrAnsPfXukor4/VJ64upMJPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUhoFAMufb2+YJmy+oZjRzg7X/BHcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hvRkFNdWZiMi1ZSm15
LW9aalJ6ZzdYX0JIYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQC0Tp29
8Q4zkHRF20aRI/yrv30JYMV7sPEwsQCNqZJXuYBjFxFjY74xCtexOOR+jBpzUfhV
YBFrk4+ydOO23fHz4rpiF5GL9VSs8IOlELUN00ldc1R4hv0I9hcdifHplUcwhawO
iwm3rWnxAhxMV7Biv66kAq2l1A4v7eDYREGeMNegL5KHuVWisXEJkHLigraVp1N9
Dl6LS/TQXAD4ejeyfTdy+R5jKfatSFlmjSOIQGTgsMe4WiaVWTkgxYUOLb9tR/kP
GBoXhlwqrwGHzIzy/A9ZF5BKXjqCdAgWYzfHDvPVuRjukPuVhkbgZPvs1Dm7Xy9D
76L/0sIBVJQhdXWx
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:38:23 2025 by rpki-client