Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sfS22vAT2FGGsY5ecsJOvPQl3t4.roa
File: sfS22vAT2FGGsY5ecsJOvPQl3t4.roa (raw, json)
Hash identifier: 1iHW3+Dynu812v3i0JqHSgNMDJuTI9GZW85KKspAtz4=
Subject key identifier: B1:F4:B6:DA:F0:13:D8:51:86:B1:8E:5E:72:C2:4E:BC:F4:25:DE:DE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6BA2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sfS22vAT2FGGsY5ecsJOvPQl3t4.roa
Signing time: Sat 14 Jun 2025 02:42:19 +0000
ROA not before: Sat 14 Jun 2025 02:42:19 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27554 (0x6ba2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 14 02:42:19 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B1F4B6DAF013D85186B18E5E72C24EBCF425DEDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7e:f8:b7:6f:0a:8e:f1:3f:47:ce:d5:49:4c:
28:09:69:3d:ab:1e:a2:9d:db:51:0a:50:fb:d9:1e:
23:0f:da:d7:b0:6c:27:0d:05:92:a9:c3:c7:e8:72:
2d:bb:49:23:20:df:5f:0a:3a:7c:26:61:06:fc:00:
95:71:c8:e7:bb:de:ed:e4:e0:15:1a:85:6e:5c:12:
b5:17:19:f5:af:51:9c:c8:56:df:05:32:3e:9c:9a:
40:30:09:40:fa:4e:c0:22:5c:f1:7e:54:a0:a2:df:
e7:4c:c7:1a:c7:3f:26:28:ad:ca:82:e4:36:0c:3e:
71:c2:c4:49:cf:52:a4:3e:12:6f:7d:cc:45:16:69:
04:de:7c:a2:3d:75:4d:68:08:40:f5:64:95:47:fc:
b2:52:27:2f:2c:82:35:64:e4:30:98:5c:86:69:0a:
8e:f9:b2:fa:bc:ca:ad:ad:70:21:51:fc:ef:2b:88:
13:4e:a0:bc:6b:af:c6:5b:37:85:bf:c3:a5:1d:61:
fb:3f:15:26:16:07:e8:63:61:ec:e3:95:cd:0d:0c:
4a:6f:a0:6c:a0:4b:64:c9:e6:7b:10:35:21:5d:fd:
0a:f1:0f:df:6b:db:ce:47:01:3b:45:5e:a1:31:25:
4c:9f:86:95:05:3a:7e:85:70:16:7e:45:74:83:fe:
16:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F4:B6:DA:F0:13:D8:51:86:B1:8E:5E:72:C2:4E:BC:F4:25:DE:DE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sfS22vAT2FGGsY5ecsJOvPQl3t4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
24:74:7c:53:10:e5:7b:b5:27:62:98:20:89:4b:7b:2b:3f:13:
6b:06:ad:35:3e:18:69:f0:63:c2:f2:ec:71:6a:bf:a0:d9:bc:
46:1e:ad:e3:40:b8:ce:d8:dd:03:4c:59:cd:d6:31:65:60:f7:
90:05:9d:99:89:2e:54:41:99:0c:48:a2:f5:9f:f8:08:f2:7c:
e4:84:af:bd:05:65:0e:68:4f:af:9a:73:f7:4f:1d:cd:37:8f:
e0:2f:0a:d9:f5:ff:d6:64:e2:84:43:65:2b:e2:74:a2:1e:85:
01:b3:78:8f:25:9a:cc:9d:1d:08:a4:a4:90:7d:ac:1e:b1:4c:
f5:6b:c5:21:d8:67:86:8a:8f:98:8c:ed:62:bc:57:fe:ee:ba:
22:9e:ce:35:a9:bb:d3:1b:d3:d3:bf:b5:a0:94:bb:5e:9c:94:
b5:16:7e:78:4d:73:4a:3e:2e:d5:85:d5:31:2d:bf:e1:75:b7:
56:ae:51:53:33:e1:e7:d2:ec:af:47:61:ea:d9:ce:ce:4a:f8:
9d:9b:ac:a4:be:5a:01:b8:da:0b:0f:e3:78:42:71:84:b9:90:
4d:23:1e:7b:4e:6d:49:27:6b:c1:20:0d:d5:1e:b8:9c:bd:23:
fa:ad:c8:da:70:f2:8a:1e:7a:41:a1:60:20:eb:50:be:78:c3:
a2:9e:24:48
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICa6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTQw
MjQyMTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIxRjRCNkRBRjAxM0Q4
NTE4NkIxOEU1RTcyQzI0RUJDRjQyNURFREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/fvi3bwqO8T9HztVJTCgJaT2rHqKd21EKUPvZHiMP2tewbCcN
BZKpw8foci27SSMg318KOnwmYQb8AJVxyOe73u3k4BUahW5cErUXGfWvUZzIVt8F
Mj6cmkAwCUD6TsAiXPF+VKCi3+dMxxrHPyYorcqC5DYMPnHCxEnPUqQ+Em99zEUW
aQTefKI9dU1oCED1ZJVH/LJSJy8sgjVk5DCYXIZpCo75svq8yq2tcCFR/O8riBNO
oLxrr8ZbN4W/w6UdYfs/FSYWB+hjYezjlc0NDEpvoGygS2TJ5nsQNSFd/QrxD99r
285HATtFXqExJUyfhpUFOn6FcBZ+RXSD/hbXAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUsfS22vAT2FGGsY5ecsJOvPQl3t4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NmUzIydkFUMkZHR3NZ
NWVjc0pPdlBRbDN0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAkdHxT
EOV7tSdimCCJS3srPxNrBq01Phhp8GPC8uxxar+g2bxGHq3jQLjO2N0DTFnN1jFl
YPeQBZ2ZiS5UQZkMSKL1n/gI8nzkhK+9BWUOaE+vmnP3Tx3NN4/gLwrZ9f/WZOKE
Q2Ur4nSiHoUBs3iPJZrMnR0IpKSQfawesUz1a8Uh2GeGio+YjO1ivFf+7roins41
qbvTG9PTv7WglLtenJS1Fn54TXNKPi7VhdUxLb/hdbdWrlFTM+Hn0uyvR2Hq2c7O
Svidm6ykvloBuNoLD+N4QnGEuZBNIx57Tm1JJ2vBIA3VHricvSP6rcjacPKKHnpB
oWAg61C+eMOiniRI
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:34:20 2025 by rpki-client