Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/r7by2HtQD-ydHvfe4lxGN6Dyde4.roa
File: r7by2HtQD-ydHvfe4lxGN6Dyde4.roa (raw, json)
Hash identifier: T18NC9QeeqLiWpY/tBVD25dlSzJb9TYw0aWWpPOdgOQ=
Subject key identifier: AF:B6:F2:D8:7B:50:0F:EC:9D:1E:F7:DE:E2:5C:46:37:A0:F2:75:EE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 701C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/r7by2HtQD-ydHvfe4lxGN6Dyde4.roa
Signing time: Thu 26 Jun 2025 06:44:38 +0000
ROA not before: Thu 26 Jun 2025 06:44:38 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28700 (0x701c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 26 06:44:38 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=AFB6F2D87B500FEC9D1EF7DEE25C4637A0F275EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8b:83:81:38:94:5f:b9:e4:e5:73:50:34:f7:
03:be:61:25:ce:1b:c7:af:44:3e:58:11:c0:62:a1:
cb:c8:a0:d8:7c:f7:84:ec:12:a4:2e:05:35:be:50:
ec:c0:c7:a6:12:86:73:61:f8:30:be:5b:23:ed:f6:
0d:ab:4a:0b:ee:8d:f7:17:d7:3d:c6:5c:86:09:a0:
19:03:72:09:b2:f3:96:e2:85:c7:21:04:90:0d:12:
5f:45:fc:2e:3b:05:18:53:e5:6d:09:82:1c:0f:ea:
d4:5e:a2:d7:31:d2:b8:2f:54:93:b5:29:40:08:2c:
e7:6e:17:7f:43:b3:66:b3:f4:fd:71:78:30:8a:df:
ac:8e:7e:03:52:03:4e:24:e2:52:8b:51:f1:45:76:
44:88:21:40:cd:10:e8:a1:18:7f:12:4f:16:a4:87:
5e:2f:61:b8:57:cf:c9:f2:23:51:c1:26:c1:1c:9a:
7d:f6:eb:50:7b:15:c4:23:58:23:1a:69:17:b3:ca:
44:26:54:f0:47:03:ce:43:7f:2b:7d:0e:fc:8f:98:
01:f1:1a:88:0f:52:22:3b:89:d0:16:d5:19:6c:ee:
b8:a8:e8:d3:1c:24:57:8e:06:4f:c5:5c:2d:9b:49:
f4:23:b3:b3:8b:5b:18:58:3a:e5:cc:b7:a2:da:c7:
ba:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B6:F2:D8:7B:50:0F:EC:9D:1E:F7:DE:E2:5C:46:37:A0:F2:75:EE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/r7by2HtQD-ydHvfe4lxGN6Dyde4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
05:31:5f:0b:69:90:67:2a:f8:70:6f:7e:47:ef:87:e9:96:d5:
df:c8:38:18:40:56:62:1e:4f:98:71:12:b0:f7:69:ac:4e:2c:
64:16:2f:49:79:61:75:e8:dc:84:56:2d:e9:c9:f7:e7:7c:2b:
4a:0e:6d:82:bc:91:52:a9:97:80:c5:ad:fc:64:73:1a:01:2c:
87:0c:d6:58:f5:1a:58:d6:88:6d:26:7e:37:cd:b9:bf:63:c2:
b7:ae:90:67:73:9d:4d:95:a2:b1:53:ea:6a:1c:9a:45:4a:ac:
30:74:b9:2e:30:c1:24:e4:7d:3d:b7:81:8f:14:6f:6e:18:b1:
45:1e:c8:44:3d:8b:cf:b7:cb:00:36:85:d8:6b:e0:ad:36:49:
a4:fd:c0:36:b3:eb:81:0b:a3:c9:d0:85:d1:6e:70:16:77:c4:
bd:dd:ad:85:7a:1b:b0:45:f1:d1:d2:f7:d5:37:55:dc:14:6d:
32:55:dd:9a:21:b9:74:13:d0:8b:c4:a4:83:62:6c:b2:c4:6d:
c9:98:51:03:2f:28:35:51:06:eb:3a:7f:e9:79:1a:63:58:74:
68:8b:de:4c:c8:0b:b4:82:38:27:40:45:46:f6:95:4f:a1:ba:
f4:a1:11:f5:36:4b:20:16:42:05:47:67:17:c9:bd:d8:65:43:
8a:e8:89:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICcBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjYw
NjQ0MzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFGQjZGMkQ4N0I1MDBG
RUM5RDFFRjdERUUyNUM0NjM3QTBGMjc1RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwi4OBOJRfueTlc1A09wO+YSXOG8evRD5YEcBiocvIoNh894Ts
EqQuBTW+UOzAx6YShnNh+DC+WyPt9g2rSgvujfcX1z3GXIYJoBkDcgmy85bihcch
BJANEl9F/C47BRhT5W0JghwP6tReotcx0rgvVJO1KUAILOduF39Ds2az9P1xeDCK
36yOfgNSA04k4lKLUfFFdkSIIUDNEOihGH8STxakh14vYbhXz8nyI1HBJsEcmn32
61B7FcQjWCMaaRezykQmVPBHA85Dfyt9DvyPmAHxGogPUiI7idAW1Rls7rio6NMc
JFeOBk/FXC2bSfQjs7OLWxhYOuXMt6Lax7ptAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUr7by2HtQD+ydHvfe4lxGN6Dyde4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3I3YnkySHRRRC15ZEh2
ZmU0bHhHTjZEeWRlNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAFMV8L
aZBnKvhwb35H74fpltXfyDgYQFZiHk+YcRKw92msTixkFi9JeWF16NyEVi3pyffn
fCtKDm2CvJFSqZeAxa38ZHMaASyHDNZY9RpY1ohtJn43zbm/Y8K3rpBnc51NlaKx
U+pqHJpFSqwwdLkuMMEk5H09t4GPFG9uGLFFHshEPYvPt8sANoXYa+CtNkmk/cA2
s+uBC6PJ0IXRbnAWd8S93a2FehuwRfHR0vfVN1XcFG0yVd2aIbl0E9CLxKSDYmyy
xG3JmFEDLyg1UQbrOn/peRpjWHRoi95MyAu0gjgnQEVG9pVPobr0oRH1NksgFkIF
R2cXyb3YZUOK6Ikw
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:19 2025 by rpki-client