Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pjaWqV7vA_e2AARIbfLBeUHvkOo.roa
File: pjaWqV7vA_e2AARIbfLBeUHvkOo.roa (raw, json)
Hash identifier: HPdoWXfCPybEypEC3UHdQ7K7Ew5El1wV1nhEnVc9MlA=
Subject key identifier: A6:36:96:A9:5E:EF:03:F7:B6:00:04:48:6D:F2:C1:79:41:EF:90:EA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 71EC
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pjaWqV7vA_e2AARIbfLBeUHvkOo.roa
Signing time: Tue 01 Jul 2025 02:44:44 +0000
ROA not before: Tue 01 Jul 2025 02:44:44 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29164 (0x71ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 1 02:44:44 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A63696A95EEF03F7B60004486DF2C17941EF90EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:79:de:ed:91:4e:02:b3:d6:a0:c7:0f:9f:06:
70:e8:0d:c9:26:3f:a1:ef:98:f2:88:06:4d:f6:84:
a5:e6:3b:41:79:5f:1b:ee:dc:3b:77:da:cd:23:7d:
7d:6d:3c:69:cc:3f:a2:80:11:57:0c:2b:e1:e0:d9:
c4:1a:f2:00:17:e6:68:f7:71:95:e0:29:11:c5:8d:
75:ff:1a:f5:08:67:93:47:c8:5d:60:82:e7:57:e5:
94:76:ef:1e:59:9b:10:76:aa:5d:31:a3:9a:57:2a:
4c:2b:35:aa:a3:3e:a6:6c:b5:3a:51:0b:e8:64:ba:
c7:39:0d:a3:d1:40:ee:a8:0e:bc:d5:cf:86:4f:ee:
8c:9c:b9:bf:2a:ab:c0:3c:52:14:0b:dd:a8:73:06:
71:cf:90:08:11:ae:79:d9:d1:0f:f9:6d:37:34:0d:
1a:b1:63:e3:5d:8e:32:7e:84:bc:80:1e:da:1b:1c:
d9:5b:b7:67:94:2b:d7:f9:6f:8c:1c:f2:1b:72:dd:
95:34:5a:ff:4d:f7:30:21:e5:c1:08:53:d5:96:3a:
2f:ea:56:20:78:8f:60:3d:9f:de:fe:60:8a:56:9f:
06:97:0a:88:db:21:15:09:a5:a7:9e:ad:11:4e:23:
fe:39:f7:c1:68:7b:61:cf:fe:d5:80:3d:b4:a0:7b:
43:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:36:96:A9:5E:EF:03:F7:B6:00:04:48:6D:F2:C1:79:41:EF:90:EA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pjaWqV7vA_e2AARIbfLBeUHvkOo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
1e:91:10:94:ca:85:fe:71:5b:a5:7a:37:f3:62:8f:bb:8a:0d:
67:0a:5f:43:7d:2a:38:7d:1c:f1:c5:0b:0e:8b:77:41:7a:7d:
70:3e:9d:f7:3e:57:fd:dd:18:77:4b:95:22:f4:f1:30:3b:e1:
ff:08:e0:f2:02:46:10:fa:d0:8e:e4:5b:31:14:f5:bc:cc:2f:
dd:85:76:d2:7c:dd:d3:46:02:ec:53:14:57:fc:64:c8:dd:c2:
74:c4:20:a2:30:40:b7:d6:ef:d0:2e:b0:2d:6c:87:6b:63:4a:
04:a6:b0:a9:16:97:c8:84:09:41:ff:f3:80:bd:19:32:13:1b:
ab:db:e2:3c:90:e9:da:00:f9:4d:c3:6d:4d:ec:0f:a7:28:52:
e7:f5:d3:f0:47:73:86:27:45:d3:74:25:d9:d7:b1:45:e5:7b:
12:6f:1a:ba:d4:fb:72:bc:84:39:a0:26:b8:79:67:80:e3:99:
26:57:dd:bb:46:75:18:33:e6:a3:36:28:67:14:65:30:02:89:
3b:38:88:e9:5d:fb:1c:cd:0f:a8:1f:4f:8d:3a:ae:6b:e8:4c:
f3:a7:a3:d8:d1:71:22:25:8e:1d:03:0c:61:59:f4:2f:c3:33:
de:a7:e2:e0:bd:f4:7f:ca:6c:36:33:29:71:e4:9e:6c:ce:c1:
c2:11:fc:94
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MDEw
MjQ0NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE2MzY5NkE5NUVFRjAz
RjdCNjAwMDQ0ODZERjJDMTc5NDFFRjkwRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAed7tkU4Cs9agxw+fBnDoDckmP6HvmPKIBk32hKXmO0F5Xxvu
3Dt32s0jfX1tPGnMP6KAEVcMK+Hg2cQa8gAX5mj3cZXgKRHFjXX/GvUIZ5NHyF1g
gudX5ZR27x5ZmxB2ql0xo5pXKkwrNaqjPqZstTpRC+hkusc5DaPRQO6oDrzVz4ZP
7oycub8qq8A8UhQL3ahzBnHPkAgRrnnZ0Q/5bTc0DRqxY+NdjjJ+hLyAHtobHNlb
t2eUK9f5b4wc8hty3ZU0Wv9N9zAh5cEIU9WWOi/qViB4j2A9n97+YIpWnwaXCojb
IRUJpaeerRFOI/4598Foe2HP/tWAPbSge0MPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUpjaWqV7vA/e2AARIbfLBeUHvkOowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BqYVdxVjd2QV9lMkFB
UkliZkxCZVVIdmtPby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAekRCU
yoX+cVulejfzYo+7ig1nCl9DfSo4fRzxxQsOi3dBen1wPp33Plf93Rh3S5Ui9PEw
O+H/CODyAkYQ+tCO5FsxFPW8zC/dhXbSfN3TRgLsUxRX/GTI3cJ0xCCiMEC31u/Q
LrAtbIdrY0oEprCpFpfIhAlB//OAvRkyExur2+I8kOnaAPlNw21N7A+nKFLn9dPw
R3OGJ0XTdCXZ17FF5XsSbxq61PtyvIQ5oCa4eWeA45kmV927RnUYM+ajNihnFGUw
Aok7OIjpXfsczQ+oH0+NOq5r6Ezzp6PY0XEiJY4dAwxhWfQvwzPep+LgvfR/ymw2
Mylx5J5szsHCEfyU
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:44:15 2025 by rpki-client