Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rdkpBcxqC4hAkrZQmayqyotTscA.roa
File: rdkpBcxqC4hAkrZQmayqyotTscA.roa (raw, json)
Hash identifier: PtspIrGdgmyvJRuk5VluEMLVRCSQ4NbUPa1scN68ihA=
Subject key identifier: AD:D9:29:05:CC:6A:0B:88:40:92:B6:50:99:AC:AA:CA:8B:53:B1:C0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6366
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rdkpBcxqC4hAkrZQmayqyotTscA.roa
Signing time: Fri 23 May 2025 03:40:51 +0000
ROA not before: Fri 23 May 2025 03:40:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25446 (0x6366)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 23 03:40:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=ADD92905CC6A0B884092B65099ACAACA8B53B1C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:69:46:12:4d:51:5d:2d:22:dc:fe:ef:37:19:
56:20:8b:07:e0:81:03:af:3a:34:ab:9a:fc:c1:d7:
3a:f8:25:cf:e8:c1:a1:42:37:29:c9:6f:76:93:0b:
ce:ee:8a:e3:ed:7d:50:0f:77:bc:27:fa:3d:ae:c9:
7b:21:fe:d7:9b:6e:83:29:e6:71:a6:59:49:79:0d:
a7:5c:5c:63:81:6e:bf:66:ed:5b:26:45:a6:6c:34:
50:62:54:43:89:17:4c:d5:0e:89:e0:2e:f7:dc:52:
a1:e9:03:91:20:13:78:29:8b:d2:58:0d:66:d7:3d:
2b:c1:5a:c7:ef:8c:8b:b5:12:61:36:ef:bf:0b:08:
cf:05:76:43:fa:11:87:b3:f3:a9:7f:65:2b:32:31:
94:48:e5:bd:c8:19:78:24:56:d6:a3:c8:13:61:5a:
fe:40:12:4c:c9:31:d3:f5:69:e4:8e:53:e3:eb:ce:
73:ff:e0:1e:4a:6b:a9:c2:aa:18:1f:65:8f:c8:51:
a9:aa:ff:ff:2d:0d:24:19:79:14:c5:d9:3b:6d:6d:
fc:e1:f2:39:20:dc:3a:a3:0d:67:e2:22:bb:1c:35:
10:bb:90:bf:47:fb:73:04:96:63:69:9a:58:0e:da:
36:78:1d:c8:f9:26:4b:07:93:37:7e:e4:78:2f:bc:
b4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D9:29:05:CC:6A:0B:88:40:92:B6:50:99:AC:AA:CA:8B:53:B1:C0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rdkpBcxqC4hAkrZQmayqyotTscA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
3b:88:b4:0d:9d:21:92:19:1f:9c:06:d9:c0:67:7b:91:d2:2e:
cb:67:76:55:1c:3c:44:b8:5c:8c:b7:6d:d3:db:22:05:7a:e2:
af:dd:e0:98:6c:8c:fa:db:f3:ac:ac:af:f6:cc:39:8c:a7:80:
03:e2:eb:5e:b4:f7:19:eb:f3:1d:41:1c:04:42:88:41:c7:94:
64:4e:8b:bc:01:9d:03:e2:22:c6:d2:36:36:81:75:ba:36:db:
46:a4:92:9a:3e:47:2a:c5:fc:ea:96:ca:db:cf:be:0e:70:80:
d1:d6:59:03:85:15:41:7e:82:12:68:23:ff:26:46:09:d2:2b:
34:32:c9:3c:a1:a5:df:63:28:f4:64:4d:ca:96:63:de:94:d8:
ef:c2:8e:a5:da:63:de:cd:6b:c9:35:3f:30:8c:64:6f:a0:7a:
5c:37:31:0c:85:bc:14:f4:ee:55:15:d9:17:11:cb:b2:75:c6:
c9:ef:6f:77:6f:e3:5e:44:3b:8c:da:f0:9e:44:a5:40:8b:e9:
2f:0a:c7:81:da:5e:a6:67:7e:9c:f4:4b:c9:34:68:83:d8:fc:
0a:54:fa:97:93:02:9c:fd:50:6f:ea:20:5d:19:4b:9c:bc:15:
67:af:d2:c6:16:0c:39:34:78:68:cc:ee:3a:6d:30:48:1c:dd:
1a:f1:cf:03
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjMw
MzQwNTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFERDkyOTA1Q0M2QTBC
ODg0MDkyQjY1MDk5QUNBQUNBOEI1M0IxQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD7aUYSTVFdLSLc/u83GVYgiwfggQOvOjSrmvzB1zr4Jc/owaFC
NynJb3aTC87uiuPtfVAPd7wn+j2uyXsh/tebboMp5nGmWUl5DadcXGOBbr9m7Vsm
RaZsNFBiVEOJF0zVDongLvfcUqHpA5EgE3gpi9JYDWbXPSvBWsfvjIu1EmE2778L
CM8FdkP6EYez86l/ZSsyMZRI5b3IGXgkVtajyBNhWv5AEkzJMdP1aeSOU+PrznP/
4B5Ka6nCqhgfZY/IUamq//8tDSQZeRTF2Tttbfzh8jkg3DqjDWfiIrscNRC7kL9H
+3MElmNpmlgO2jZ4Hcj5JksHkzd+5HgvvLS3AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUrdkpBcxqC4hAkrZQmayqyotTscAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Jka3BCY3hxQzRoQWty
WlFtYXlxeW90VHNjQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA7iLQN
nSGSGR+cBtnAZ3uR0i7LZ3ZVHDxEuFyMt23T2yIFeuKv3eCYbIz62/OsrK/2zDmM
p4AD4utetPcZ6/MdQRwEQohBx5RkTou8AZ0D4iLG0jY2gXW6NttGpJKaPkcqxfzq
lsrbz74OcIDR1lkDhRVBfoISaCP/JkYJ0is0Msk8oaXfYyj0ZE3KlmPelNjvwo6l
2mPezWvJNT8wjGRvoHpcNzEMhbwU9O5VFdkXEcuydcbJ7293b+NeRDuM2vCeRKVA
i+kvCseB2l6mZ36c9EvJNGiD2PwKVPqXkwKc/VBv6iBdGUucvBVnr9LGFgw5NHho
zO46bTBIHN0a8c8D
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:58:21 2025 by rpki-client