Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pPdvx7Z00YG9HlAB7KkeixkHNQY.roa
File: pPdvx7Z00YG9HlAB7KkeixkHNQY.roa (raw, json)
Hash identifier: jd/a4kif136LXR2V4E0iFIklg9045Bx+IEnrv2MkhH0=
Subject key identifier: A4:F7:6F:C7:B6:74:D1:81:BD:1E:50:01:EC:A9:1E:8B:19:07:35:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6E92
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pPdvx7Z00YG9HlAB7KkeixkHNQY.roa
Signing time: Sun 22 Jun 2025 10:14:10 +0000
ROA not before: Sun 22 Jun 2025 10:14:10 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28306 (0x6e92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 22 10:14:10 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A4F76FC7B674D181BD1E5001ECA91E8B19073506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:27:13:f3:d5:56:c4:56:1d:09:ed:98:ef:c7:
8e:51:5b:0d:58:2d:44:3c:dc:15:7f:9b:b6:31:f0:
dd:52:77:3e:a7:4e:65:0f:d8:7e:74:6c:3b:a9:f5:
ee:8c:70:2f:c0:31:a1:a8:cd:5c:10:3e:e2:41:88:
61:57:2c:64:14:8f:74:24:99:85:94:62:8e:7c:0e:
3f:cb:69:e2:17:9c:70:af:e2:0d:10:b9:41:ad:47:
a1:47:a8:28:60:d3:51:9b:1d:d4:03:59:f5:e4:b4:
bd:4e:1d:6d:20:db:d0:a4:95:09:c1:a0:59:fd:46:
77:22:3a:0e:35:08:6b:d4:d1:a9:70:ad:6d:3b:fd:
33:6f:f3:2b:82:6e:0e:b8:bf:fb:58:87:ba:b8:33:
ee:65:82:8c:84:d4:98:57:6c:18:5e:35:d6:65:27:
6c:55:39:f2:e5:2d:9e:73:da:7d:7f:c3:39:77:82:
56:14:5e:e8:47:2d:8e:99:54:36:f1:ff:23:8e:e2:
28:c9:c3:0b:93:d8:c8:49:36:12:f7:08:d6:4a:00:
6d:d7:5f:b5:dc:49:12:3b:7b:8b:cd:59:fd:b1:15:
bb:9b:aa:e3:a5:3e:ae:a6:9e:52:d3:49:9f:b4:31:
7f:d2:4f:55:d7:4b:c9:fa:1a:bd:11:2a:b7:5d:cc:
11:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F7:6F:C7:B6:74:D1:81:BD:1E:50:01:EC:A9:1E:8B:19:07:35:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pPdvx7Z00YG9HlAB7KkeixkHNQY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
aa:26:b8:6a:b5:9c:94:17:3d:16:cc:ac:b2:84:a1:a5:1c:eb:
2d:93:4c:87:d3:fe:7c:83:42:6a:c3:f5:eb:91:fe:da:6a:7c:
f1:50:66:91:83:01:b2:d6:af:7d:21:2a:aa:5e:d2:9a:ea:bd:
c5:4f:1e:6a:99:0c:7e:59:43:31:18:50:da:48:b4:73:82:06:
89:07:21:74:9e:2f:b5:71:1b:d2:66:73:97:40:23:7f:18:c6:
fd:6e:b5:43:31:43:c8:f1:54:9d:3c:a7:53:18:cf:44:ad:da:
d7:22:0b:ae:6e:40:bb:79:63:e4:ef:a3:03:09:ac:d2:a8:db:
28:44:1a:a9:50:65:b1:65:62:00:84:4d:36:91:89:18:90:d2:
da:0e:b6:dd:f8:9e:14:77:43:e0:dd:d3:df:52:d8:23:9e:71:
cd:7b:0b:ec:2a:4b:58:ab:a8:ab:2c:a7:f4:d6:58:f8:7d:bf:
3e:6c:b8:1e:d0:0f:1d:a4:41:7a:7e:fe:ed:ec:54:77:d7:ed:
ce:42:f1:25:e5:18:93:22:2c:64:82:23:7b:46:99:5f:31:a4:
a9:2b:33:b1:a5:01:9b:d7:60:f8:96:95:3b:50:48:e3:92:91:
ca:df:5f:b7:75:ee:59:76:22:d2:54:29:27:de:25:fe:b8:c4:
f4:27:59:f3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjIx
MDE0MTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE0Rjc2RkM3QjY3NEQx
ODFCRDFFNTAwMUVDQTkxRThCMTkwNzM1MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBJxPz1VbEVh0J7Zjvx45RWw1YLUQ83BV/m7Yx8N1Sdz6nTmUP
2H50bDup9e6McC/AMaGozVwQPuJBiGFXLGQUj3QkmYWUYo58Dj/LaeIXnHCv4g0Q
uUGtR6FHqChg01GbHdQDWfXktL1OHW0g29CklQnBoFn9RnciOg41CGvU0alwrW07
/TNv8yuCbg64v/tYh7q4M+5lgoyE1JhXbBheNdZlJ2xVOfLlLZ5z2n1/wzl3glYU
XuhHLY6ZVDbx/yOO4ijJwwuT2MhJNhL3CNZKAG3XX7XcSRI7e4vNWf2xFbubquOl
Pq6mnlLTSZ+0MX/ST1XXS8n6Gr0RKrddzBGPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUpPdvx7Z00YG9HlAB7KkeixkHNQYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BQZHZ4N1owMFlHOUhs
QUI3S2tlaXhrSE5RWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCqJrhq
tZyUFz0WzKyyhKGlHOstk0yH0/58g0Jqw/Xrkf7aanzxUGaRgwGy1q99ISqqXtKa
6r3FTx5qmQx+WUMxGFDaSLRzggaJByF0ni+1cRvSZnOXQCN/GMb9brVDMUPI8VSd
PKdTGM9ErdrXIguubkC7eWPk76MDCazSqNsoRBqpUGWxZWIAhE02kYkYkNLaDrbd
+J4Ud0Pg3dPfUtgjnnHNewvsKktYq6irLKf01lj4fb8+bLge0A8dpEF6fv7t7FR3
1+3OQvEl5RiTIixkgiN7RplfMaSpKzOxpQGb12D4lpU7UEjjkpHK31+3de5ZdiLS
VCkn3iX+uMT0J1nz
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:54 2025 by rpki-client