Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qlg7dQIjtN-pD2xG32zgF_Xmobk.roa
File: qlg7dQIjtN-pD2xG32zgF_Xmobk.roa (raw, json)
Hash identifier: Hxwt8a+Grik5G4mLVLUw1rGtnniSkk7kq5GGdExipzo=
Subject key identifier: AA:58:3B:75:02:23:B4:DF:A9:0F:6C:46:DF:6C:E0:17:F5:E6:A1:B9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6904
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qlg7dQIjtN-pD2xG32zgF_Xmobk.roa
Signing time: Sat 07 Jun 2025 03:11:53 +0000
ROA not before: Sat 07 Jun 2025 03:11:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26884 (0x6904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 7 03:11:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=AA583B750223B4DFA90F6C46DF6CE017F5E6A1B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b8:72:1e:15:6f:38:cc:b2:a8:56:5b:76:da:
dd:00:aa:ed:54:f9:8c:43:74:6b:92:e1:cd:d5:3c:
35:6d:3a:f6:29:b9:b2:a6:8a:2f:8f:5b:d2:1c:90:
11:8c:c8:37:49:8a:84:ba:8b:91:f2:9b:86:bb:da:
02:f7:5c:8b:09:0b:a1:fc:a2:6d:b7:83:e8:bd:45:
e7:1d:0d:57:7f:c9:b8:b0:6d:be:d5:2b:98:24:34:
02:41:9a:0a:42:5f:24:4e:8f:83:1e:e5:8b:ad:42:
22:cf:27:dd:00:b0:7d:9e:ca:f7:8d:13:d9:e6:80:
77:90:0d:14:a9:8a:6e:e9:d8:6c:a2:c8:8b:e3:e8:
5f:8f:aa:86:0c:f1:43:f6:2e:e7:20:d7:42:fc:d6:
7b:91:ab:9a:8c:3c:63:69:0d:d9:f2:b4:3f:dd:f6:
a3:1b:5a:59:95:b7:c8:8d:4d:cd:79:49:57:2d:82:
b3:2d:3b:e9:98:1c:78:e2:d7:3f:d1:08:b1:f2:6c:
e2:c3:43:85:56:d6:ef:81:27:e7:c5:a0:fb:99:10:
fa:4c:8b:64:ff:e8:4b:aa:fc:64:4e:1a:12:49:30:
57:dc:76:e0:5c:60:26:6a:a8:c4:59:fd:25:82:dc:
0c:79:17:f5:43:4a:1c:ef:83:b3:e3:71:9f:db:f5:
b7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:58:3B:75:02:23:B4:DF:A9:0F:6C:46:DF:6C:E0:17:F5:E6:A1:B9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qlg7dQIjtN-pD2xG32zgF_Xmobk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
03:d7:c3:e1:54:2a:9a:aa:85:47:ba:32:0e:ff:00:45:ce:b3:
a5:71:dc:5d:15:4c:60:91:7b:fd:e1:72:ce:10:9f:d0:c4:90:
28:0e:fa:43:4c:77:8f:2d:17:5d:8e:54:c8:d8:10:3d:77:06:
ad:3a:8f:bc:8a:5f:f8:04:e4:16:96:b2:a6:a2:b0:b2:9d:88:
7d:b2:56:64:26:e2:68:d4:7a:20:22:b5:31:31:21:52:14:46:
c7:59:38:b3:0a:2f:2a:f5:aa:35:61:98:bd:4b:34:df:f1:53:
bc:fb:3b:93:71:00:18:5f:63:b4:70:73:17:d3:10:13:26:71:
3c:8a:33:06:9b:61:43:1d:d1:e4:1d:c1:09:a5:e0:06:4a:ca:
4a:24:c0:f6:86:a9:1a:0d:3f:68:fa:b7:31:53:d1:f9:ec:b9:
bd:2d:53:6c:f0:5e:09:68:35:e8:ec:81:d1:63:42:9b:17:0b:
01:b4:c2:bb:b8:49:be:d0:6d:a2:ad:b9:87:eb:0c:90:00:dc:
39:db:58:0c:05:40:32:0c:67:ff:a5:aa:83:d5:a7:f0:37:8b:
90:18:a6:5b:19:17:97:7d:a4:b5:3f:43:53:8d:d2:89:e3:bf:
46:1c:2b:a6:42:f5:ff:a8:60:df:3d:13:cd:98:a5:54:a2:4f:
4d:44:2a:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICaQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDcw
MzExNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFBNTgzQjc1MDIyM0I0
REZBOTBGNkM0NkRGNkNFMDE3RjVFNkExQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6uHIeFW84zLKoVlt22t0Aqu1U+YxDdGuS4c3VPDVtOvYpubKm
ii+PW9IckBGMyDdJioS6i5Hym4a72gL3XIsJC6H8om23g+i9RecdDVd/ybiwbb7V
K5gkNAJBmgpCXyROj4Me5YutQiLPJ90AsH2eyveNE9nmgHeQDRSpim7p2GyiyIvj
6F+PqoYM8UP2Lucg10L81nuRq5qMPGNpDdnytD/d9qMbWlmVt8iNTc15SVctgrMt
O+mYHHji1z/RCLHybOLDQ4VW1u+BJ+fFoPuZEPpMi2T/6Euq/GROGhJJMFfcduBc
YCZqqMRZ/SWC3Ax5F/VDShzvg7PjcZ/b9bdBAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUqlg7dQIjtN+pD2xG32zgF/XmobkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FsZzdkUUlqdE4tcEQy
eEczMnpnRl9YbW9iay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAD18Ph
VCqaqoVHujIO/wBFzrOlcdxdFUxgkXv94XLOEJ/QxJAoDvpDTHePLRddjlTI2BA9
dwatOo+8il/4BOQWlrKmorCynYh9slZkJuJo1HogIrUxMSFSFEbHWTizCi8q9ao1
YZi9SzTf8VO8+zuTcQAYX2O0cHMX0xATJnE8ijMGm2FDHdHkHcEJpeAGSspKJMD2
hqkaDT9o+rcxU9H57Lm9LVNs8F4JaDXo7IHRY0KbFwsBtMK7uEm+0G2irbmH6wyQ
ANw521gMBUAyDGf/paqD1afwN4uQGKZbGReXfaS1P0NTjdKJ479GHCumQvX/qGDf
PRPNmKVUok9NRCrj
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:52:14 2025 by rpki-client