Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jK0QPSoCQWwe_bvEKFzrPyLLjeA.roa
File: jK0QPSoCQWwe_bvEKFzrPyLLjeA.roa (raw, json)
Hash identifier: YZKGcoDAv8XepgYV5JqYqic4Uui9P9HtMMZgLw2Gqm4=
Subject key identifier: 8C:AD:10:3D:2A:02:41:6C:1E:FD:BB:C4:28:5C:EB:3F:22:CB:8D:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6384
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jK0QPSoCQWwe_bvEKFzrPyLLjeA.roa
Signing time: Fri 23 May 2025 11:11:12 +0000
ROA not before: Fri 23 May 2025 11:11:12 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25476 (0x6384)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 23 11:11:12 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8CAD103D2A02416C1EFDBBC4285CEB3F22CB8DE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c6:fa:b0:6d:c1:29:c0:a1:41:4d:ee:90:04:
24:1b:28:aa:24:58:7f:fa:78:c5:9b:9c:f1:49:f3:
02:28:f7:2b:33:4a:52:53:f4:cd:61:a8:dc:7d:d7:
46:ea:00:8c:2a:09:e2:ea:2d:43:37:d2:7b:1e:6e:
eb:c2:44:ae:af:6c:aa:37:e6:9c:fb:47:ec:02:ca:
6b:7b:8f:d8:d3:56:0b:bc:8c:3f:af:85:f1:e5:95:
b7:5b:50:f6:ad:af:8c:f8:81:46:a3:c6:b6:6f:89:
f2:cf:dc:d1:af:30:bc:18:54:bd:10:4a:74:6b:f4:
05:d2:ab:eb:08:25:c1:ed:99:de:ac:20:92:ae:39:
a6:9f:6d:49:e2:30:2f:10:98:37:77:b5:31:f8:4f:
7a:5f:aa:06:49:9f:fa:ec:23:82:f7:1b:1e:3e:a7:
f3:84:83:f0:b7:3d:b2:39:36:2e:3a:68:11:4a:3e:
f9:05:ad:de:84:7c:ae:3d:1e:01:55:6f:41:20:50:
76:4a:1a:ab:ac:d9:aa:d8:0b:e4:a3:20:59:d6:7f:
c4:36:fa:a4:4f:30:57:ba:b1:57:c2:69:37:96:86:
59:f9:3e:44:b4:26:92:0b:d9:5d:a4:e3:56:ce:81:
80:16:46:9f:4d:91:a3:f4:96:86:d7:6c:dc:72:a0:
39:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AD:10:3D:2A:02:41:6C:1E:FD:BB:C4:28:5C:EB:3F:22:CB:8D:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jK0QPSoCQWwe_bvEKFzrPyLLjeA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
bb:ec:f8:88:39:c2:e4:d0:a4:a7:70:2a:5b:af:1e:cb:ee:26:
62:d8:be:e4:21:51:11:83:a1:2c:b2:ed:28:e5:ab:be:85:10:
dd:4c:95:f3:02:be:5e:92:bd:2b:dd:00:98:a1:c3:05:84:d5:
a5:8e:e4:0e:96:27:d6:7b:35:37:d7:66:37:3b:f5:79:8c:b0:
40:fc:1c:d6:d5:fd:4a:03:e9:c9:ed:f9:61:46:b2:a1:f0:95:
89:8a:63:76:e7:b1:f0:e4:fd:49:d0:44:c7:54:75:ea:c3:89:
92:03:76:26:0e:23:c7:83:53:60:1b:dc:04:c4:d1:30:ab:a5:
b7:d0:77:85:76:3d:40:dd:30:ee:60:04:30:74:53:2c:34:5c:
27:d5:1c:1f:6e:cd:42:2f:cb:eb:63:3f:72:31:6c:d9:b2:9d:
0d:ec:3b:8e:a1:82:66:99:a1:8e:63:31:5f:b7:02:67:6a:18:
8b:70:f4:63:ee:f9:34:ce:0a:21:82:db:ec:1c:41:4f:3e:db:
08:0f:85:18:12:99:81:f1:9d:9d:3f:15:b6:c0:95:4a:b9:e7:
a7:fb:17:db:ac:cf:a1:e3:6e:37:94:4b:ef:aa:24:7e:3f:f7:
3d:4b:a8:8b:f3:82:02:15:f1:ad:18:9f:06:43:39:9b:cd:48:
43:1e:9d:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjMx
MTExMTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhDQUQxMDNEMkEwMjQx
NkMxRUZEQkJDNDI4NUNFQjNGMjJDQjhERTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAxvqwbcEpwKFBTe6QBCQbKKokWH/6eMWbnPFJ8wIo9yszSlJT
9M1hqNx910bqAIwqCeLqLUM30nsebuvCRK6vbKo35pz7R+wCymt7j9jTVgu8jD+v
hfHllbdbUPatr4z4gUajxrZvifLP3NGvMLwYVL0QSnRr9AXSq+sIJcHtmd6sIJKu
OaafbUniMC8QmDd3tTH4T3pfqgZJn/rsI4L3Gx4+p/OEg/C3PbI5Ni46aBFKPvkF
rd6EfK49HgFVb0EgUHZKGqus2arYC+SjIFnWf8Q2+qRPMFe6sVfCaTeWhln5PkS0
JpIL2V2k41bOgYAWRp9NkaP0lobXbNxyoDllAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUjK0QPSoCQWwe/bvEKFzrPyLLjeAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pLMFFQU29DUVd3ZV9i
dkVLRnpyUHlMTGplQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQC77PiI
OcLk0KSncCpbrx7L7iZi2L7kIVERg6Essu0o5au+hRDdTJXzAr5ekr0r3QCYocMF
hNWljuQOlifWezU312Y3O/V5jLBA/BzW1f1KA+nJ7flhRrKh8JWJimN257Hw5P1J
0ETHVHXqw4mSA3YmDiPHg1NgG9wExNEwq6W30HeFdj1A3TDuYAQwdFMsNFwn1Rwf
bs1CL8vrYz9yMWzZsp0N7DuOoYJmmaGOYzFftwJnahiLcPRj7vk0zgohgtvsHEFP
PtsID4UYEpmB8Z2dPxW2wJVKueen+xfbrM+h4243lEvvqiR+P/c9S6iL84ICFfGt
GJ8GQzmbzUhDHp3h
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:03:44 2025 by rpki-client