Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ip6jA7ESVRMXsstVo-f3VnkhwMo.roa
File: ip6jA7ESVRMXsstVo-f3VnkhwMo.roa (raw, json)
Hash identifier: HetLl5v1q9eq62rqbTp2eiEkfAjJZ8pfK1PjgATJkyo=
Subject key identifier: 8A:9E:A3:03:B1:12:55:13:17:B2:CB:55:A3:E7:F7:56:79:21:C0:CA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7882
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ip6jA7ESVRMXsstVo-f3VnkhwMo.roa
Signing time: Fri 18 Jul 2025 16:42:05 +0000
ROA not before: Fri 18 Jul 2025 16:42:05 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30850 (0x7882)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 18 16:42:05 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8A9EA303B112551317B2CB55A3E7F7567921C0CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:fb:0d:c9:9b:b5:f9:d6:ee:9e:f5:71:a1:
47:7e:01:49:48:76:62:d0:8c:5f:c1:a9:8c:0a:5d:
74:09:44:8e:fa:5f:3a:83:53:1c:90:79:08:c6:46:
f0:ba:04:b1:5b:30:8e:ac:7c:7a:d2:f5:95:78:de:
10:39:30:04:3e:2f:f6:a2:cc:15:d6:c5:6c:ed:7c:
00:7e:b7:0c:45:39:aa:fc:ff:d5:9d:58:39:d0:ee:
83:75:f8:a3:af:72:26:1b:11:a0:be:a1:73:39:b0:
6e:ca:8e:4e:05:b7:b1:31:af:fb:88:71:91:e2:c1:
4f:63:0b:cc:c3:5b:cb:e0:cd:c6:a5:7d:df:8f:0f:
11:c5:09:e6:50:4b:b7:0a:27:03:2b:e6:4f:51:1c:
08:1a:be:80:ab:99:9e:17:0d:3a:9e:fe:fd:c3:18:
ab:7b:52:ba:68:19:b8:8b:20:55:2d:b9:15:22:7a:
2e:df:08:03:5c:53:06:39:37:85:87:59:2c:7d:ba:
de:64:e1:83:c0:fc:b8:ae:2d:14:1e:c1:7d:e5:2e:
0f:81:fa:62:ce:48:60:be:c5:f4:78:b1:88:a1:8b:
29:4b:5d:64:2f:1c:05:5b:ac:bc:04:fe:a1:b0:4c:
51:a9:ca:33:ef:92:1b:a1:fe:1a:18:02:50:6d:69:
be:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9E:A3:03:B1:12:55:13:17:B2:CB:55:A3:E7:F7:56:79:21:C0:CA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ip6jA7ESVRMXsstVo-f3VnkhwMo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
ac:c6:fc:56:ac:59:60:62:33:f3:a7:7c:24:dd:f7:02:11:f7:
ce:83:8d:59:2c:fe:3b:de:f4:29:87:8b:c9:ee:99:b8:6a:79:
fc:48:71:5d:8a:57:55:4a:cf:9c:cb:43:e1:38:42:e5:16:fe:
fa:de:e0:2b:41:ff:db:f4:1c:53:af:5c:3a:ad:e1:80:ce:7a:
30:b1:94:5e:86:07:fa:14:cf:b5:a8:80:cb:81:97:5c:9a:48:
5c:95:44:93:aa:84:90:2d:46:75:a1:30:99:17:e6:90:b4:4c:
5d:81:6b:11:62:72:7a:39:4a:8e:03:b9:e7:12:21:ef:b7:b3:
bf:d2:b5:06:75:1b:cd:6e:bc:4e:d1:2f:84:65:f3:c4:5e:87:
52:33:ff:70:43:bb:50:8a:c1:91:2e:94:5a:2e:c9:5a:73:e1:
2b:fb:c9:de:b9:1e:f4:c2:cb:a7:f3:96:fd:3a:09:fd:a8:70:
cd:cb:83:69:e4:b4:15:0d:24:03:b8:e9:2b:c6:b8:1f:8c:1c:
b3:b5:74:0e:93:04:6b:80:f7:b5:ae:dd:2f:82:69:45:ad:13:
14:e6:b7:30:e0:08:2d:7e:23:c3:a6:fc:97:f2:0c:53:af:f6:
d5:0b:5d:2c:c7:35:bb:35:4d:44:0a:c1:8e:9b:48:a0:6c:37:
49:e9:f7:65
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICeIIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTgx
NjQyMDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhBOUVBMzAzQjExMjU1
MTMxN0IyQ0I1NUEzRTdGNzU2NzkyMUMwQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzzfsNyZu1+dbunvVxoUd+AUlIdmLQjF/BqYwKXXQJRI76XzqD
UxyQeQjGRvC6BLFbMI6sfHrS9ZV43hA5MAQ+L/aizBXWxWztfAB+twxFOar8/9Wd
WDnQ7oN1+KOvciYbEaC+oXM5sG7Kjk4Ft7Exr/uIcZHiwU9jC8zDW8vgzcalfd+P
DxHFCeZQS7cKJwMr5k9RHAgavoCrmZ4XDTqe/v3DGKt7UrpoGbiLIFUtuRUiei7f
CANcUwY5N4WHWSx9ut5k4YPA/LiuLRQewX3lLg+B+mLOSGC+xfR4sYihiylLXWQv
HAVbrLwE/qGwTFGpyjPvkhuh/hoYAlBtab5bAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUip6jA7ESVRMXsstVo+f3VnkhwMowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lwNmpBN0VTVlJNWHNz
dFZvLWYzVm5raHdNby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCsxvxW
rFlgYjPzp3wk3fcCEffOg41ZLP473vQph4vJ7pm4ann8SHFdildVSs+cy0PhOELl
Fv763uArQf/b9BxTr1w6reGAznowsZRehgf6FM+1qIDLgZdcmkhclUSTqoSQLUZ1
oTCZF+aQtExdgWsRYnJ6OUqOA7nnEiHvt7O/0rUGdRvNbrxO0S+EZfPEXodSM/9w
Q7tQisGRLpRaLslac+Er+8neuR70wsun85b9Ogn9qHDNy4Np5LQVDSQDuOkrxrgf
jByztXQOkwRrgPe1rt0vgmlFrRMU5rcw4AgtfiPDpvyX8gxTr/bVC10sxzW7NU1E
CsGOm0igbDdJ6fdl
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:37:07 2025 by rpki-client