
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sMCMy9xdOdMaX8KqQ-mJIJ8yahk.roa
File: sMCMy9xdOdMaX8KqQ-mJIJ8yahk.roa (raw, json)
Hash identifier: UKkZInbclnOrhkUjVgTL+9gfAYqNnVlSOnLMdyLtaG4=
Subject key identifier: B0:C0:8C:CB:DC:5D:39:D3:1A:5F:C2:AA:43:E9:89:20:9F:32:6A:19
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6D6C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sMCMy9xdOdMaX8KqQ-mJIJ8yahk.roa
Signing time: Thu 19 Jun 2025 00:57:50 +0000
ROA not before: Thu 19 Jun 2025 00:57:50 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28012 (0x6d6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 19 00:57:50 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B0C08CCBDC5D39D31A5FC2AA43E989209F326A19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:59:c7:0e:c8:c2:7c:35:4c:36:05:14:23:ff:
53:d5:ab:dd:85:15:1e:af:61:c5:09:27:77:6d:b9:
ad:55:4e:7d:d7:b0:b0:de:10:a0:d9:f5:53:60:69:
14:e3:19:2b:df:eb:1d:ca:6e:96:95:1e:42:cf:b2:
9a:d0:b9:28:ed:ac:fb:79:58:d2:85:93:fe:18:d9:
4a:80:61:4d:52:c3:10:45:be:cf:99:67:7a:b9:43:
89:a7:fd:a5:22:b7:c4:14:0f:f3:e2:61:32:98:37:
15:8b:70:bb:14:d6:ca:90:0f:15:54:83:57:4d:87:
4a:f4:f9:4d:f3:cb:92:68:91:5f:db:df:87:a1:fb:
36:9b:27:9e:f0:3f:b4:7f:5e:bf:c9:ac:28:f3:3a:
3b:42:39:7c:bb:7b:ff:b6:ec:e0:d3:80:fc:8c:f2:
a5:2e:5c:49:c6:54:a4:cb:41:fb:f9:82:13:e7:47:
9c:6c:04:75:00:70:99:ea:6d:37:d3:c2:9c:40:5c:
95:d1:bc:98:57:00:69:dd:79:7d:70:5c:8d:24:86:
b2:90:b9:5e:2c:f0:a9:d9:55:c0:4d:db:4d:76:d2:
c3:23:21:5b:ea:f4:95:03:42:67:c6:3b:9f:96:c1:
8e:7e:b9:11:44:19:7e:3e:d1:d1:3f:c8:5b:a6:e0:
0d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C0:8C:CB:DC:5D:39:D3:1A:5F:C2:AA:43:E9:89:20:9F:32:6A:19
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sMCMy9xdOdMaX8KqQ-mJIJ8yahk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
28:32:11:d3:1f:b0:42:9d:e6:b8:32:e1:f1:c9:35:71:99:a6:
53:9a:60:63:fa:06:74:85:f5:01:60:98:81:49:65:f3:70:45:
27:f4:6f:77:c6:ae:59:55:61:4d:6f:a7:17:ac:19:e1:95:23:
a7:53:e5:dd:8b:8e:b7:86:c5:98:af:67:8b:90:b7:94:64:f5:
1b:78:a7:ce:54:d4:e9:00:34:fe:02:2d:3f:56:6b:b7:7a:50:
05:ef:96:48:3f:d4:d0:b5:5b:33:1d:41:03:97:4f:1e:31:70:
ca:41:19:13:05:cd:e7:66:34:5a:05:72:c7:23:5e:0e:e1:6c:
69:8d:d3:fa:c9:60:64:e9:a8:38:ed:d9:86:43:6e:5d:3a:e6:
2e:dc:0c:e5:f0:c6:86:74:13:1e:d8:f4:78:f4:86:98:8e:35:
e6:8f:1a:78:bf:74:06:78:a5:d0:6c:0d:bb:f7:8d:dd:6c:02:
30:d1:60:77:a7:64:5a:99:51:70:21:14:ef:8e:eb:c8:dc:8d:
b0:14:72:e2:09:fb:95:51:fe:d1:0e:8f:71:a9:da:a7:32:50:
34:28:f1:81:f8:33:78:bc:76:70:12:d8:2f:da:15:66:aa:61:
01:68:60:2a:35:74:40:f9:08:21:ca:7a:ff:e3:13:b8:00:3b:
de:3c:7c:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTkw
MDU3NTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIwQzA4Q0NCREM1RDM5
RDMxQTVGQzJBQTQzRTk4OTIwOUYzMjZBMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0WccOyMJ8NUw2BRQj/1PVq92FFR6vYcUJJ3dtua1VTn3XsLDe
EKDZ9VNgaRTjGSvf6x3KbpaVHkLPsprQuSjtrPt5WNKFk/4Y2UqAYU1SwxBFvs+Z
Z3q5Q4mn/aUit8QUD/PiYTKYNxWLcLsU1sqQDxVUg1dNh0r0+U3zy5JokV/b34eh
+zabJ57wP7R/Xr/JrCjzOjtCOXy7e/+27ODTgPyM8qUuXEnGVKTLQfv5ghPnR5xs
BHUAcJnqbTfTwpxAXJXRvJhXAGndeX1wXI0khrKQuV4s8KnZVcBN20120sMjIVvq
9JUDQmfGO5+WwY5+uRFEGX4+0dE/yFum4A1PAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUsMCMy9xdOdMaX8KqQ+mJIJ8yahkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NNQ015OXhkT2RNYVg4
S3FRLW1KSUo4eWFoay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAoMhHT
H7BCnea4MuHxyTVxmaZTmmBj+gZ0hfUBYJiBSWXzcEUn9G93xq5ZVWFNb6cXrBnh
lSOnU+Xdi463hsWYr2eLkLeUZPUbeKfOVNTpADT+Ai0/Vmu3elAF75ZIP9TQtVsz
HUEDl08eMXDKQRkTBc3nZjRaBXLHI14O4WxpjdP6yWBk6ag47dmGQ25dOuYu3Azl
8MaGdBMe2PR49IaYjjXmjxp4v3QGeKXQbA27943dbAIw0WB3p2RamVFwIRTvjuvI
3I2wFHLiCfuVUf7RDo9xqdqnMlA0KPGB+DN4vHZwEtgv2hVmqmEBaGAqNXRA+Qgh
ynr/4xO4ADvePHzi
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:38 2025 by rpki-client