Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tuJyaSyv6e0272-xyA1ZqWv8qDI.roa
File: tuJyaSyv6e0272-xyA1ZqWv8qDI.roa (raw, json)
Hash identifier: 5f0DsU/DVqF1f1tliJatOjHtPmeAIgETHlHZMkTcpFI=
Subject key identifier: B6:E2:72:69:2C:AF:E9:ED:36:EF:6F:B1:C8:0D:59:A9:6B:FC:A8:32
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 77B4
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tuJyaSyv6e0272-xyA1ZqWv8qDI.roa
Signing time: Wed 16 Jul 2025 13:12:17 +0000
ROA not before: Wed 16 Jul 2025 13:12:17 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30644 (0x77b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 16 13:12:17 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B6E272692CAFE9ED36EF6FB1C80D59A96BFCA832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:87:f3:ab:d4:50:48:fd:ee:9c:80:65:aa:
54:a6:3a:15:e8:73:bc:1d:ac:a4:d3:38:ae:16:77:
b5:2b:a1:de:f3:10:3a:40:38:76:e9:71:f7:4a:d7:
eb:a1:46:54:2b:17:e1:06:b7:be:3e:1a:db:9d:6d:
d7:ed:67:e7:ad:d8:87:a3:43:f8:f8:81:ef:3c:dc:
81:7a:0d:d8:d6:4f:25:62:50:6a:73:a0:f7:77:1b:
0f:de:7c:f0:e2:79:d5:db:95:98:fb:3e:d8:48:8c:
a3:87:f7:07:70:20:04:7f:80:30:cf:63:07:c9:ae:
93:58:0a:d4:e8:4a:7e:6b:7f:28:25:1b:15:b1:7f:
04:48:c8:02:64:72:a4:36:30:9a:78:35:ae:cb:f0:
be:91:47:02:75:25:be:b8:e2:69:01:31:7f:3a:4f:
b0:98:80:50:0e:74:35:76:f6:eb:6b:79:44:3c:8f:
2d:53:c2:c1:f4:60:f2:38:13:81:36:6e:66:88:3b:
58:fb:a1:60:c8:be:ed:d3:64:7f:95:89:bd:42:06:
69:a8:16:0a:d5:67:32:0c:9a:40:51:8d:bc:e8:95:
53:7d:24:db:61:7e:2c:c5:a5:05:9e:39:4e:05:fd:
b8:76:3c:fb:47:ff:98:8a:2d:1f:0c:2c:3f:73:be:
40:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E2:72:69:2C:AF:E9:ED:36:EF:6F:B1:C8:0D:59:A9:6B:FC:A8:32
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tuJyaSyv6e0272-xyA1ZqWv8qDI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
6c:c5:a7:1d:e3:49:bf:28:4b:f8:33:62:0e:60:4b:bc:12:29:
bd:65:90:73:45:f1:58:b7:fe:52:0a:01:3b:58:8a:df:83:be:
a3:65:e3:3d:72:23:e0:67:65:58:99:e8:53:05:ba:94:5d:10:
fe:59:70:23:99:6d:89:4e:55:3d:ed:49:83:23:1b:8e:84:f1:
28:36:62:38:78:28:59:e7:a0:31:0b:53:ca:c1:a3:72:90:23:
b3:f8:29:ff:92:57:1e:95:f5:06:6e:a0:d9:24:fe:85:5c:b6:
06:d6:9f:0a:57:e2:f8:fb:60:6f:a8:91:74:b9:63:02:0b:40:
1d:14:bb:82:6d:f4:11:d4:4a:b4:e3:96:df:15:ae:03:16:45:
41:cf:17:36:af:61:7e:e5:b6:20:47:69:52:9c:1e:a2:0e:3d:
0c:3f:07:f6:49:05:e6:24:72:31:0f:8a:7b:8b:df:64:eb:a2:
76:14:eb:1c:fc:99:9e:68:e5:22:ba:ff:e0:39:01:7f:c7:11:
10:ce:75:36:fd:bf:49:cb:dd:c3:4d:30:ed:cc:e6:bb:20:68:
49:36:27:a8:79:55:bb:83:a6:17:e4:50:7c:aa:eb:30:c3:43:
14:91:58:33:73:70:d8:1a:3b:53:79:fd:fa:6e:68:90:7b:d8:
54:b8:4c:da
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICd7QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTYx
MzEyMTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI2RTI3MjY5MkNBRkU5
RUQzNkVGNkZCMUM4MEQ1OUE5NkJGQ0E4MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+1Yfzq9RQSP3unIBlqlSmOhXoc7wdrKTTOK4Wd7Urod7zEDpA
OHbpcfdK1+uhRlQrF+EGt74+GtudbdftZ+et2IejQ/j4ge883IF6DdjWTyViUGpz
oPd3Gw/efPDiedXblZj7PthIjKOH9wdwIAR/gDDPYwfJrpNYCtToSn5rfyglGxWx
fwRIyAJkcqQ2MJp4Na7L8L6RRwJ1Jb644mkBMX86T7CYgFAOdDV29utreUQ8jy1T
wsH0YPI4E4E2bmaIO1j7oWDIvu3TZH+Vib1CBmmoFgrVZzIMmkBRjbzolVN9JNth
fizFpQWeOU4F/bh2PPtH/5iKLR8MLD9zvkCJAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUtuJyaSyv6e0272+xyA1ZqWv8qDIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3R1SnlhU3l2NmUwMjcy
LXh5QTFacVd2OHFESS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBsxacd
40m/KEv4M2IOYEu8Eim9ZZBzRfFYt/5SCgE7WIrfg76jZeM9ciPgZ2VYmehTBbqU
XRD+WXAjmW2JTlU97UmDIxuOhPEoNmI4eChZ56AxC1PKwaNykCOz+Cn/klcelfUG
bqDZJP6FXLYG1p8KV+L4+2BvqJF0uWMCC0AdFLuCbfQR1Eq045bfFa4DFkVBzxc2
r2F+5bYgR2lSnB6iDj0MPwf2SQXmJHIxD4p7i99k66J2FOsc/JmeaOUiuv/gOQF/
xxEQznU2/b9Jy93DTTDtzOa7IGhJNieoeVW7g6YX5FB8qusww0MUkVgzc3DYGjtT
ef36bmiQe9hUuEza
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:33:43 2025 by rpki-client