Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/m6dl5yXtWxoIaMRA7pqA2h7NpO0.roa
File: m6dl5yXtWxoIaMRA7pqA2h7NpO0.roa (raw, json)
Hash identifier: rJFXuM65qK9Ddhj+ifvL5wJMRr93f1JzWBKvTzJ1n+A=
Subject key identifier: 9B:A7:65:E7:25:ED:5B:1A:08:68:C4:40:EE:9A:80:DA:1E:CD:A4:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 751C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/m6dl5yXtWxoIaMRA7pqA2h7NpO0.roa
Signing time: Wed 09 Jul 2025 14:45:06 +0000
ROA not before: Wed 09 Jul 2025 14:45:06 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29980 (0x751c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 9 14:45:06 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=9BA765E725ED5B1A0868C440EE9A80DA1ECDA4ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c6:86:b8:ad:46:8c:18:78:28:84:26:6f:e1:
ad:2a:d0:f2:25:f6:bd:72:5d:d7:f0:9b:27:48:bf:
97:f6:1b:cd:81:8d:04:78:b5:4f:7c:92:d9:3c:ff:
3c:a9:46:47:ca:27:62:98:14:bd:00:bc:b4:7a:c5:
97:46:b0:b5:c0:86:59:ab:62:01:53:be:fc:8e:ad:
35:f6:86:18:42:27:6e:8e:c4:d7:57:9a:e4:34:e3:
3d:f9:a2:23:72:a6:59:21:5a:bb:4c:b8:d2:6e:8f:
08:10:44:c1:b0:a3:bb:e3:84:d2:fa:96:7e:65:2a:
79:e4:79:18:af:85:92:ae:1c:03:63:4c:5e:2d:1e:
52:39:dc:2e:d4:19:0b:c1:0b:01:e9:81:01:19:89:
94:9d:7b:5a:16:26:b0:59:35:e8:3b:25:e8:28:65:
5a:8e:e3:0e:59:3d:58:e8:bc:af:42:6d:a0:58:ea:
2b:33:f8:3e:51:d6:64:85:e2:e8:90:f9:53:bb:a8:
6d:06:83:19:76:33:06:05:a0:c2:e2:ed:6f:c8:f7:
9e:a3:91:ed:0e:79:95:d5:40:ff:26:7f:7a:c6:bf:
16:d4:30:3c:bb:30:99:8c:d2:0a:fe:10:4e:64:d1:
06:99:f6:88:b3:f4:5f:14:5b:12:b0:87:10:34:ce:
ca:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A7:65:E7:25:ED:5B:1A:08:68:C4:40:EE:9A:80:DA:1E:CD:A4:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/m6dl5yXtWxoIaMRA7pqA2h7NpO0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a6:2a:d9:22:e3:64:3e:65:ca:f0:75:94:03:0e:bd:45:3e:a3:
61:25:a4:62:df:c2:1c:f5:3d:a2:a5:e9:c5:83:37:d4:69:3f:
a2:06:c0:94:d9:e4:d8:f9:8f:f0:65:a0:11:7b:e6:56:d1:37:
53:80:92:ad:05:31:6e:d0:4a:3d:84:1f:55:03:5a:8d:44:bc:
42:ba:63:86:fe:35:76:83:5a:ae:ca:ac:28:da:c8:fc:2c:3c:
40:a1:5c:fc:45:00:9e:65:39:03:74:e1:dc:e7:d0:23:bf:42:
1a:37:7d:ee:a7:80:e3:d8:ed:58:28:6f:ae:14:75:b3:c5:27:
c5:c0:ab:b1:db:40:c0:cd:ee:ce:23:a3:b9:1f:7d:c8:ed:db:
c8:4d:25:f6:1c:7c:7a:18:3b:2b:36:b6:0d:4f:2b:f8:f9:2a:
7f:c1:ef:5c:c6:c2:f8:72:77:c5:96:56:15:dc:3f:ca:7c:4f:
f5:5d:2a:00:de:5b:5b:5b:5f:b2:50:ef:e2:f7:d3:a7:ca:3e:
0f:d8:7a:ea:f6:a4:89:0a:da:00:f0:0d:59:17:65:75:53:4f:
ac:c3:40:e3:c7:9f:0a:7d:89:e2:4e:c6:1a:61:d8:2f:2a:99:
49:9b:5c:d4:8e:53:6a:23:82:42:2a:43:b7:87:a8:03:82:87:
51:9f:48:23
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdRwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDkx
NDQ1MDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlCQTc2NUU3MjVFRDVC
MUEwODY4QzQ0MEVFOUE4MERBMUVDREE0RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKxoa4rUaMGHgohCZv4a0q0PIl9r1yXdfwmydIv5f2G82BjQR4
tU98ktk8/zypRkfKJ2KYFL0AvLR6xZdGsLXAhlmrYgFTvvyOrTX2hhhCJ26OxNdX
muQ04z35oiNyplkhWrtMuNJujwgQRMGwo7vjhNL6ln5lKnnkeRivhZKuHANjTF4t
HlI53C7UGQvBCwHpgQEZiZSde1oWJrBZNeg7JegoZVqO4w5ZPVjovK9CbaBY6isz
+D5R1mSF4uiQ+VO7qG0Ggxl2MwYFoMLi7W/I956jke0OeZXVQP8mf3rGvxbUMDy7
MJmM0gr+EE5k0QaZ9oiz9F8UWxKwhxA0zspBAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUm6dl5yXtWxoIaMRA7pqA2h7NpO0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L202ZGw1eVh0V3hvSWFN
UkE3cHFBMmg3TnBPMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCmKtki
42Q+ZcrwdZQDDr1FPqNhJaRi38Ic9T2ipenFgzfUaT+iBsCU2eTY+Y/wZaARe+ZW
0TdTgJKtBTFu0Eo9hB9VA1qNRLxCumOG/jV2g1quyqwo2sj8LDxAoVz8RQCeZTkD
dOHc59Ajv0IaN33up4Dj2O1YKG+uFHWzxSfFwKux20DAze7OI6O5H33I7dvITSX2
HHx6GDsrNrYNTyv4+Sp/we9cxsL4cnfFllYV3D/KfE/1XSoA3ltbW1+yUO/i99On
yj4P2Hrq9qSJCtoA8A1ZF2V1U0+sw0Djx58KfYniTsYaYdgvKplJm1zUjlNqI4JC
KkO3h6gDgodRn0gj
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:37:15 2025 by rpki-client