Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ks1fFJJhs467L9Wh_0vsVXUtJeA.roa
File: ks1fFJJhs467L9Wh_0vsVXUtJeA.roa (raw, json)
Hash identifier: L1drA26BXaw4Ni270Pa80gpCfGR/sVnfvJGTTU5g5TU=
Subject key identifier: 92:CD:5F:14:92:61:B3:8E:BB:2F:D5:A1:FF:4B:EC:55:75:2D:25:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6074
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ks1fFJJhs467L9Wh_0vsVXUtJeA.roa
Signing time: Thu 15 May 2025 07:10:21 +0000
ROA not before: Thu 15 May 2025 07:10:21 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24692 (0x6074)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 07:10:21 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=92CD5F149261B38EBB2FD5A1FF4BEC55752D25E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:23:7a:ab:08:b1:64:10:19:62:58:1f:00:9a:
46:81:66:e5:1b:4e:bc:cd:34:3a:74:af:65:56:c0:
db:f8:95:aa:29:e7:ed:0c:2d:31:ed:c8:68:cf:a6:
f1:83:f2:1d:c5:e2:26:b2:af:fa:1a:f7:6b:09:9e:
23:28:a2:c2:ed:f9:83:da:0a:3a:f8:7d:50:d8:f2:
42:d6:79:bc:ca:e4:31:fd:86:64:ff:ae:17:1a:c7:
86:bb:20:08:61:9a:99:5a:ef:bc:16:4f:74:65:78:
a9:8d:c8:ae:7a:f7:c3:42:f1:81:db:36:dc:cf:31:
9a:34:a5:f9:4c:73:f6:03:e2:2b:5c:3a:d0:ad:e8:
e4:c9:08:67:cd:52:4d:00:7b:bd:84:d4:f4:c3:58:
77:d8:bc:37:b7:bf:bc:8b:0a:10:cb:7e:57:d6:82:
9f:24:bb:0f:d3:07:ca:61:a0:ca:17:4b:42:ee:d5:
3e:90:3a:54:9f:53:61:a8:75:23:95:79:e0:98:1a:
82:b7:bc:28:e9:d8:63:40:1a:fa:5d:65:33:73:ae:
a3:22:b2:82:db:e8:53:e7:49:14:c1:a8:08:b0:74:
9d:d7:19:1f:aa:94:19:5b:fe:03:f1:0b:18:e7:5c:
7e:4e:95:c6:02:b8:84:0a:bc:50:27:de:0c:f2:59:
97:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CD:5F:14:92:61:B3:8E:BB:2F:D5:A1:FF:4B:EC:55:75:2D:25:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ks1fFJJhs467L9Wh_0vsVXUtJeA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
35:43:7d:63:26:28:0e:47:ee:15:9f:05:3e:98:c5:b0:f3:5a:
36:50:f0:ff:2a:dd:82:4d:4e:e9:d1:5e:b4:06:86:b7:da:86:
cd:2e:74:5d:09:37:10:9f:77:26:31:d3:43:cd:4e:a5:f4:ed:
3e:9d:70:a3:c6:a3:e0:d9:65:b9:0b:33:9d:14:8f:ed:08:f1:
78:3e:70:b4:8b:8e:60:e3:a0:86:ce:d7:1a:8d:94:14:01:30:
a4:76:5d:99:09:58:26:1e:1d:a9:f4:86:1f:eb:ad:90:53:9d:
05:d6:e2:78:e5:82:93:14:b9:9a:79:59:19:55:b2:59:73:ad:
d3:72:25:b3:d5:d7:3b:ce:32:6f:91:bc:71:ee:f4:12:c1:5b:
c5:5a:2b:0d:ed:fa:57:d5:38:a0:3c:ff:2e:17:36:5b:cc:a8:
58:dd:ac:8c:1d:7e:22:e8:16:2c:e3:2c:1c:7b:88:8d:a2:eb:
8f:aa:81:05:81:0f:2a:72:a5:2b:21:e1:2c:b4:fc:52:f5:4c:
4d:b3:be:a3:e6:d9:96:a4:ea:da:a6:6f:8e:5a:7d:f8:7a:f4:
d7:01:b3:4e:4c:86:ad:cd:5e:c5:16:a0:c4:86:e0:77:70:b1:
be:0d:94:5b:b4:77:81:3d:98:f6:42:10:9e:df:f9:df:60:b5:
5f:76:85:0f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYHQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTUw
NzEwMjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDkyQ0Q1RjE0OTI2MUIz
OEVCQjJGRDVBMUZGNEJFQzU1NzUyRDI1RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxI3qrCLFkEBliWB8AmkaBZuUbTrzNNDp0r2VWwNv4laop5+0M
LTHtyGjPpvGD8h3F4iayr/oa92sJniMoosLt+YPaCjr4fVDY8kLWebzK5DH9hmT/
rhcax4a7IAhhmpla77wWT3RleKmNyK5698NC8YHbNtzPMZo0pflMc/YD4itcOtCt
6OTJCGfNUk0Ae72E1PTDWHfYvDe3v7yLChDLflfWgp8kuw/TB8phoMoXS0Lu1T6Q
OlSfU2GodSOVeeCYGoK3vCjp2GNAGvpdZTNzrqMisoLb6FPnSRTBqAiwdJ3XGR+q
lBlb/gPxCxjnXH5OlcYCuIQKvFAn3gzyWZcfAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUks1fFJJhs467L9Wh/0vsVXUtJeAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tzMWZGSkpoczQ2N0w5
V2hfMHZzVlhVdEplQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA1Q31j
JigOR+4VnwU+mMWw81o2UPD/Kt2CTU7p0V60Boa32obNLnRdCTcQn3cmMdNDzU6l
9O0+nXCjxqPg2WW5CzOdFI/tCPF4PnC0i45g46CGztcajZQUATCkdl2ZCVgmHh2p
9IYf662QU50F1uJ45YKTFLmaeVkZVbJZc63TciWz1dc7zjJvkbxx7vQSwVvFWisN
7fpX1TigPP8uFzZbzKhY3ayMHX4i6BYs4ywce4iNouuPqoEFgQ8qcqUrIeEstPxS
9UxNs76j5tmWpOrapm+OWn34evTXAbNOTIatzV7FFqDEhuB3cLG+DZRbtHeBPZj2
QhCe3/nfYLVfdoUP
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:23:22 2025 by rpki-client