Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/meiEurQzKlPs5ugxrV3-_LIU0gw.roa
File: meiEurQzKlPs5ugxrV3-_LIU0gw.roa (raw, json)
Hash identifier: ZMkcz/Bmb995BjJ+cVQuuPV+nE53FplEiGwwo8vNl8k=
Subject key identifier: 99:E8:84:BA:B4:33:2A:53:EC:E6:E8:31:AD:5D:FE:FC:B2:14:D2:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7300
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/meiEurQzKlPs5ugxrV3-_LIU0gw.roa
Signing time: Thu 03 Jul 2025 23:44:57 +0000
ROA not before: Thu 03 Jul 2025 23:44:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29440 (0x7300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 3 23:44:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=99E884BAB4332A53ECE6E831AD5DFEFCB214D20C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:50:1a:46:11:d2:77:06:23:2d:48:7e:b8:
8b:8b:95:39:3b:37:41:0e:79:c7:d2:d3:8d:cc:ae:
06:2a:4f:59:30:cb:37:5b:d0:9c:ad:d8:5a:d7:24:
da:78:88:5c:97:aa:ba:15:66:46:c6:d9:dd:e0:00:
a5:b9:24:11:32:08:f0:c1:99:d9:ac:11:62:e5:b1:
5d:01:e0:0c:76:0a:dc:77:39:16:1e:5b:76:5c:f8:
ab:08:71:4e:37:52:ff:f7:eb:a5:b0:b3:79:67:5c:
26:ba:99:59:86:8d:8e:e1:65:9c:e8:19:59:cf:27:
96:aa:a5:56:d4:84:48:27:6b:2f:40:17:7d:e1:f3:
ad:95:7a:16:02:2e:83:9a:0b:31:4c:fc:0f:50:e9:
1b:59:00:11:67:2c:7d:3e:12:7f:63:4c:f8:fa:e8:
7e:4a:62:23:b6:7c:fd:56:a8:d0:05:7c:79:d3:f8:
f9:c0:05:5a:59:9c:c9:8c:01:28:ae:13:ae:91:5f:
36:8a:32:c4:99:b6:ab:82:5d:0b:ae:96:0a:41:af:
55:d0:59:3e:50:ce:4d:6b:1f:15:14:24:9c:cc:b1:
f2:05:77:3d:b2:71:46:2a:d6:5c:0d:85:af:cd:20:
c9:6f:2c:16:c7:7c:b1:4c:28:d2:0a:26:51:66:76:
d6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E8:84:BA:B4:33:2A:53:EC:E6:E8:31:AD:5D:FE:FC:B2:14:D2:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/meiEurQzKlPs5ugxrV3-_LIU0gw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
52:2a:dc:8a:82:45:96:d2:08:23:51:87:0d:ab:c5:d0:a7:23:
4f:41:31:ba:06:57:74:7c:5c:6e:17:5e:74:8b:b7:af:11:78:
e6:a1:3c:7c:f8:3d:94:18:0c:f4:00:7d:3e:e2:ad:49:ff:9e:
27:84:27:bc:ee:2f:57:e5:f2:47:f3:e0:21:60:c1:63:ed:0f:
7a:d3:2a:c0:9a:46:fd:58:ed:a8:20:16:5f:1b:71:16:c7:91:
ca:72:a0:70:d0:ab:4d:41:f4:ca:0e:49:12:d7:53:2d:9a:5c:
d4:19:9d:9f:ab:12:8d:b1:50:1b:16:33:72:15:c2:23:57:46:
dd:e5:63:81:1d:94:b7:ed:e6:30:80:bd:57:47:cc:a9:2b:9f:
06:c7:83:ff:a5:e4:4f:9d:44:48:ee:42:c2:1c:a3:bd:3b:13:
4c:92:dd:e1:05:eb:20:f5:c0:f4:bd:30:9e:80:35:2b:0c:6f:
84:a0:6e:27:a5:7f:59:7f:73:c4:3d:02:f8:88:c0:5a:fd:a1:
60:bf:84:d0:fe:64:ea:84:d4:ec:b9:3c:3f:76:1b:26:21:dc:
83:f4:5c:1a:55:d6:d3:4b:da:ce:a3:f1:dd:3f:67:f5:95:22:
5f:95:d7:d6:9e:d7:fb:a5:4c:fd:29:72:5a:8e:fa:40:f9:01:
97:5e:7a:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDMy
MzQ0NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk5RTg4NEJBQjQzMzJB
NTNFQ0U2RTgzMUFENURGRUZDQjIxNEQyMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0VVAaRhHSdwYjLUh+uIuLlTk7N0EOecfS043MrgYqT1kwyzdb
0Jyt2FrXJNp4iFyXqroVZkbG2d3gAKW5JBEyCPDBmdmsEWLlsV0B4Ax2Ctx3ORYe
W3Zc+KsIcU43Uv/366Wws3lnXCa6mVmGjY7hZZzoGVnPJ5aqpVbUhEgnay9AF33h
862VehYCLoOaCzFM/A9Q6RtZABFnLH0+En9jTPj66H5KYiO2fP1WqNAFfHnT+PnA
BVpZnMmMASiuE66RXzaKMsSZtquCXQuulgpBr1XQWT5Qzk1rHxUUJJzMsfIFdz2y
cUYq1lwNha/NIMlvLBbHfLFMKNIKJlFmdtYVAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUmeiEurQzKlPs5ugxrV3+/LIU0gwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21laUV1clF6S2xQczV1
Z3hyVjMtX0xJVTBndy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBSKtyK
gkWW0ggjUYcNq8XQpyNPQTG6Bld0fFxuF150i7evEXjmoTx8+D2UGAz0AH0+4q1J
/54nhCe87i9X5fJH8+AhYMFj7Q960yrAmkb9WO2oIBZfG3EWx5HKcqBw0KtNQfTK
DkkS11MtmlzUGZ2fqxKNsVAbFjNyFcIjV0bd5WOBHZS37eYwgL1XR8ypK58Gx4P/
peRPnURI7kLCHKO9OxNMkt3hBesg9cD0vTCegDUrDG+EoG4npX9Zf3PEPQL4iMBa
/aFgv4TQ/mTqhNTsuTw/dhsmIdyD9FwaVdbTS9rOo/HdP2f1lSJfldfWntf7pUz9
KXJajvpA+QGXXnpt
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:41:17 2025 by rpki-client