Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pTB-0chA1ztoYgpmgWRm9byACr0.roa
File: pTB-0chA1ztoYgpmgWRm9byACr0.roa (raw, json)
Hash identifier: 6dvx6sXZT7ef0AQa0CO5NIxycBEYQJZNOaK/o6mj9mY=
Subject key identifier: A5:30:7E:D1:C8:40:D7:3B:68:62:0A:66:81:64:66:F5:BC:80:0A:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6572
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pTB-0chA1ztoYgpmgWRm9byACr0.roa
Signing time: Wed 28 May 2025 14:44:00 +0000
ROA not before: Wed 28 May 2025 14:44:00 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25970 (0x6572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 28 14:44:00 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A5307ED1C840D73B68620A66816466F5BC800ABD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:39:c5:ba:fc:a0:43:ab:cf:e8:03:c9:fe:5c:
35:70:e8:5c:11:3e:34:5e:5c:d4:e3:d8:21:4a:69:
14:68:cd:fd:88:59:06:5f:03:5e:6d:4c:82:3a:12:
b2:22:9b:db:2a:f8:e1:f8:00:d0:a1:73:2e:20:45:
29:28:11:f7:63:94:73:6e:5d:ba:45:54:60:77:c9:
c7:30:b3:88:cf:cc:37:e4:bd:b4:74:84:a0:43:3c:
ae:22:5d:f5:cd:3a:2d:7a:66:72:ee:f5:7e:4c:c0:
b6:f9:7a:a5:4a:d8:8d:42:c3:8a:e2:72:4c:44:d8:
e2:c7:34:52:a5:8b:47:7d:58:a2:82:14:3e:4e:75:
da:59:3a:f5:f1:6d:01:ad:84:f9:97:ba:b6:98:25:
b3:46:93:94:a8:ba:2e:05:2f:b1:33:6a:7a:33:14:
9a:e6:0c:94:25:02:e9:84:88:46:8e:2c:97:98:f1:
d8:7a:f8:fe:75:0e:c9:d5:12:e6:0e:c5:f1:85:74:
fa:55:4c:c6:de:f1:80:b8:fa:d5:a4:89:d3:18:6e:
49:2f:57:f1:75:d9:c5:50:7e:84:a4:ee:17:4f:f8:
f7:e1:ef:1c:7c:75:4d:cc:d7:51:ba:f1:1e:35:9b:
85:f5:86:e3:f8:d7:18:63:72:86:88:46:9a:5c:c9:
ab:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:30:7E:D1:C8:40:D7:3B:68:62:0A:66:81:64:66:F5:BC:80:0A:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pTB-0chA1ztoYgpmgWRm9byACr0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a7:1a:72:99:73:57:9a:f1:b6:1e:b3:ca:1b:22:6c:e9:28:41:
c8:04:b1:58:c1:a1:67:06:f6:9d:c5:5e:a7:e7:1f:4e:0f:09:
64:a8:9e:5a:30:22:8d:3e:5c:fd:25:df:e5:2b:0c:f0:c2:54:
02:24:8b:07:ee:49:de:99:4c:08:32:84:56:ee:84:ba:ef:7a:
8b:e4:8c:3a:eb:5c:7a:10:6c:70:fb:4b:1a:ee:59:65:80:86:
38:73:26:4e:99:bd:75:52:5b:30:4e:7c:8d:d0:71:4d:f4:13:
f3:5e:24:a7:3f:d1:43:e2:20:cb:1a:5a:9d:7b:ec:2f:f3:40:
6d:92:27:d5:32:bd:98:81:7b:37:63:29:fe:eb:b3:bc:71:90:
85:88:30:15:e3:48:2f:f6:64:ff:ee:65:7e:c9:6b:6c:5f:2e:
30:d3:e3:c9:6e:f3:ec:42:bf:e2:60:50:ec:09:bb:6e:e7:eb:
be:f7:07:e1:9c:b4:a8:dd:15:43:42:7f:9b:ed:f1:6b:c2:4e:
87:67:80:a6:5d:47:e2:93:28:c1:79:45:b5:a2:db:38:5d:a9:
fb:93:d7:76:00:6a:eb:9f:bc:27:32:33:3a:4b:58:00:27:58:
16:cd:25:1f:46:3e:01:18:2b:a8:48:c8:95:ba:91:23:05:41:
5a:12:11:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1Mjgx
NDQ0MDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE1MzA3RUQxQzg0MEQ3
M0I2ODYyMEE2NjgxNjQ2NkY1QkM4MDBBQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdOcW6/KBDq8/oA8n+XDVw6FwRPjReXNTj2CFKaRRozf2IWQZf
A15tTII6ErIim9sq+OH4ANChcy4gRSkoEfdjlHNuXbpFVGB3yccws4jPzDfkvbR0
hKBDPK4iXfXNOi16ZnLu9X5MwLb5eqVK2I1Cw4rickxE2OLHNFKli0d9WKKCFD5O
ddpZOvXxbQGthPmXuraYJbNGk5Soui4FL7EzanozFJrmDJQlAumEiEaOLJeY8dh6
+P51DsnVEuYOxfGFdPpVTMbe8YC4+tWkidMYbkkvV/F12cVQfoSk7hdP+Pfh7xx8
dU3M11G68R41m4X1huP41xhjcoaIRppcyav1AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUpTB+0chA1ztoYgpmgWRm9byACr0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BUQi0wY2hBMXp0b1ln
cG1nV1JtOWJ5QUNyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCnGnKZ
c1ea8bYes8obImzpKEHIBLFYwaFnBvadxV6n5x9ODwlkqJ5aMCKNPlz9Jd/lKwzw
wlQCJIsH7knemUwIMoRW7oS673qL5Iw661x6EGxw+0sa7lllgIY4cyZOmb11Ulsw
TnyN0HFN9BPzXiSnP9FD4iDLGlqde+wv80BtkifVMr2YgXs3Yyn+67O8cZCFiDAV
40gv9mT/7mV+yWtsXy4w0+PJbvPsQr/iYFDsCbtu5+u+9wfhnLSo3RVDQn+b7fFr
wk6HZ4CmXUfikyjBeUW1ots4Xan7k9d2AGrrn7wnMjM6S1gAJ1gWzSUfRj4BGCuo
SMiVupEjBUFaEhFt
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:39:12 2025 by rpki-client