Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/j1fgx8-JlJHrBs5Txel7yAiUX9Q.roa
File: j1fgx8-JlJHrBs5Txel7yAiUX9Q.roa (raw, json)
Hash identifier: v90K+hldigIjMeHbQmRVJQ12hCcdGEdi7/P0D4rw6x4=
Subject key identifier: 8F:57:E0:C7:CF:89:94:91:EB:06:CE:53:C5:E9:7B:C8:08:94:5F:D4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6190
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/j1fgx8-JlJHrBs5Txel7yAiUX9Q.roa
Signing time: Sun 18 May 2025 06:10:36 +0000
ROA not before: Sun 18 May 2025 06:10:36 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24976 (0x6190)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 18 06:10:36 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8F57E0C7CF899491EB06CE53C5E97BC808945FD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fa:17:ec:58:5e:75:0e:d1:4a:c8:af:c1:da:
e6:db:25:cc:6d:e9:ba:34:0b:f8:d4:e1:60:d6:c9:
df:65:a5:04:37:e0:24:32:ed:03:10:c2:cb:6e:0f:
ee:62:7d:ce:e9:c5:7e:0c:57:32:4f:cd:84:03:52:
b0:b0:67:ad:78:47:be:25:db:ce:66:31:c6:0d:5e:
a3:53:bd:d8:2c:40:a1:6a:47:0c:29:4d:c5:c9:90:
8a:14:8e:47:6c:fa:c7:0d:c8:fd:d5:c9:e8:d2:bc:
9d:0b:b4:d4:1e:3c:5e:b3:53:ff:54:1b:14:28:1c:
ee:47:4e:76:e9:15:e0:81:39:3f:bc:70:38:e4:da:
10:a0:2b:ce:91:ae:b1:aa:05:20:2f:c7:ed:11:16:
6e:64:6e:fa:5a:63:87:df:38:80:42:09:a3:53:99:
b2:7a:4c:41:74:85:85:bd:e2:fe:04:53:dc:2e:4a:
34:04:67:0e:5f:93:fc:7e:94:9c:94:50:a0:8c:b0:
56:d1:0b:04:a6:3b:be:79:10:5b:ae:01:68:30:ab:
2e:cc:4c:f0:79:4d:3f:38:7f:b8:9e:3e:4a:af:4d:
44:d8:f2:12:ac:35:0c:3a:da:47:2a:33:53:ed:43:
be:86:f8:66:cb:f5:c9:74:d0:79:a2:a7:e0:0f:9d:
7c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:57:E0:C7:CF:89:94:91:EB:06:CE:53:C5:E9:7B:C8:08:94:5F:D4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/j1fgx8-JlJHrBs5Txel7yAiUX9Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
25:75:16:b6:51:c7:cc:76:35:93:53:01:f0:5b:a1:ce:33:24:
aa:d6:c7:82:13:9b:8e:98:15:78:d3:8f:3d:30:64:9b:b0:ab:
a0:73:b4:52:c5:db:86:be:a7:ef:c0:af:fd:ea:6f:71:bb:cb:
ec:87:9a:1d:19:53:c7:31:a8:41:73:16:11:f6:ac:32:f9:5d:
6d:58:b1:1e:cd:5e:ce:ef:89:88:ad:62:48:51:98:6c:f4:0d:
1a:d9:b0:f4:7b:93:9b:00:fb:a8:50:1a:70:73:21:c4:16:6c:
90:a3:a1:15:66:52:f5:c8:7f:8a:db:d2:d6:fb:17:0a:28:a3:
9b:88:44:ab:ed:a0:11:4e:b5:0c:31:81:1a:d0:78:8b:cb:3e:
88:e9:2a:d8:d1:22:12:81:f2:4e:58:d2:57:25:aa:ee:57:b9:
f4:64:7d:4c:96:c3:57:fa:c2:c9:33:c3:d8:85:d8:1e:27:23:
1d:7c:fd:4a:82:4e:e0:cc:fe:7d:62:a1:fe:11:f6:b0:0d:7c:
c4:df:a5:18:20:60:61:64:b3:17:b6:1b:a4:29:36:fb:a3:84:
24:a9:83:09:07:ae:af:28:a8:98:82:98:70:3b:be:28:7f:dc:
84:fd:1c:7a:ed:20:b9:82:98:bc:e7:68:2d:e3:98:f6:e0:6b:
30:6e:51:8b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYZAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTgw
NjEwMzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhGNTdFMEM3Q0Y4OTk0
OTFFQjA2Q0U1M0M1RTk3QkM4MDg5NDVGRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn+hfsWF51DtFKyK/B2ubbJcxt6bo0C/jU4WDWyd9lpQQ34CQy
7QMQwstuD+5ifc7pxX4MVzJPzYQDUrCwZ614R74l285mMcYNXqNTvdgsQKFqRwwp
TcXJkIoUjkds+scNyP3VyejSvJ0LtNQePF6zU/9UGxQoHO5HTnbpFeCBOT+8cDjk
2hCgK86RrrGqBSAvx+0RFm5kbvpaY4ffOIBCCaNTmbJ6TEF0hYW94v4EU9wuSjQE
Zw5fk/x+lJyUUKCMsFbRCwSmO755EFuuAWgwqy7MTPB5TT84f7iePkqvTUTY8hKs
NQw62kcqM1PtQ76G+GbL9cl00Hmip+APnXyVAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUj1fgx8+JlJHrBs5Txel7yAiUX9QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2oxZmd4OC1KbEpIckJz
NVR4ZWw3eUFpVVg5US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAldRa2
UcfMdjWTUwHwW6HOMySq1seCE5uOmBV40489MGSbsKugc7RSxduGvqfvwK/96m9x
u8vsh5odGVPHMahBcxYR9qwy+V1tWLEezV7O74mIrWJIUZhs9A0a2bD0e5ObAPuo
UBpwcyHEFmyQo6EVZlL1yH+K29LW+xcKKKObiESr7aARTrUMMYEa0HiLyz6I6SrY
0SISgfJOWNJXJaruV7n0ZH1MlsNX+sLJM8PYhdgeJyMdfP1Kgk7gzP59YqH+Efaw
DXzE36UYIGBhZLMXthukKTb7o4QkqYMJB66vKKiYgphwO74of9yE/Rx67SC5gpi8
52gt45j24GswblGL
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:08:34 2025 by rpki-client