Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uToOWLtCO1GsdeYQFGN8nPNgi8g.roa
File: uToOWLtCO1GsdeYQFGN8nPNgi8g.roa (raw, json)
Hash identifier: wj5EPcu7K76AnJgyqKfhodwgP5QGY5XIZmPLq3avZ7I=
Subject key identifier: B9:3A:0E:58:BB:42:3B:51:AC:75:E6:10:14:63:7C:9C:F3:60:8B:C8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 773E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uToOWLtCO1GsdeYQFGN8nPNgi8g.roa
Signing time: Tue 15 Jul 2025 07:43:52 +0000
ROA not before: Tue 15 Jul 2025 07:43:52 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30526 (0x773e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jul 15 07:43:52 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B93A0E58BB423B51AC75E61014637C9CF3608BC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:70:a3:f3:6a:ac:d9:9b:3e:6f:51:a3:47:
a9:88:03:0e:db:2d:0d:56:82:23:92:df:5d:73:d2:
36:c6:f1:35:87:e8:3c:69:75:22:2e:66:4b:ce:d5:
80:3d:41:66:d1:73:b3:9b:81:bc:d4:7f:b6:31:3b:
27:c0:69:bf:9a:85:5f:2c:9c:30:cf:b8:e5:91:d4:
b7:ae:30:2d:e1:c3:85:93:59:b5:cd:aa:d0:fd:95:
dc:ac:9b:1f:22:11:25:a0:13:24:49:5b:d2:ca:dc:
01:65:9c:b0:f9:e6:86:c2:31:d6:1f:07:78:f2:06:
23:19:0b:39:91:a2:2f:8c:33:aa:64:7b:a0:e8:51:
ac:f1:8e:6f:7a:67:ff:be:0b:c8:b3:4b:56:36:a9:
e9:85:47:25:f7:ed:0b:43:72:e3:dd:99:13:21:e7:
1c:d2:0d:d9:74:31:c3:e5:a9:d4:46:0c:5e:a5:b1:
1b:6f:80:4f:b6:e8:af:bf:f4:c7:07:4a:5b:5d:a1:
b6:72:7b:bb:65:10:15:5b:b2:b3:db:87:72:c2:c8:
45:e9:47:5a:78:a7:c9:d6:f7:05:d6:27:ac:e6:af:
a5:a9:13:90:ca:02:a7:19:5d:e3:0c:49:8f:a8:96:
be:3d:ea:21:73:4b:9c:71:96:d7:be:c3:3f:2c:51:
c8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3A:0E:58:BB:42:3B:51:AC:75:E6:10:14:63:7C:9C:F3:60:8B:C8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uToOWLtCO1GsdeYQFGN8nPNgi8g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
64:39:0b:2e:6e:ba:f0:dd:97:62:88:ae:4b:57:f2:7e:5f:b3:
d9:96:02:0c:0f:24:71:06:4a:f7:0c:1a:d3:9c:9d:1d:7f:62:
8f:13:e0:17:a6:c5:a6:8c:d8:fc:f7:8a:94:15:3f:b3:66:36:
97:de:c0:6f:5c:5b:80:a3:5a:d9:ef:09:a5:8b:d7:86:f5:f3:
2c:af:a4:ca:d2:7f:35:0b:48:ae:6b:5b:02:39:62:91:36:db:
ee:51:25:37:fa:3a:31:17:e5:a2:99:b0:43:01:87:a1:4b:ee:
b8:74:e4:e2:5a:5d:e0:72:b5:c0:11:9e:7c:e2:25:d9:04:63:
15:12:cb:96:6a:90:67:32:f6:42:98:de:23:ab:75:94:d0:5e:
ae:fa:cf:e7:5d:a4:97:da:ec:84:c0:33:c5:40:b4:91:a3:8f:
7e:82:9b:ce:2f:20:71:6a:89:38:1e:52:73:92:35:2d:2e:e1:
84:95:a1:1d:b0:30:cb:cd:27:ee:e9:db:6c:fb:d3:92:45:e8:
bd:f3:fb:d7:ea:ec:54:1a:f8:86:7a:a0:0a:e7:b3:01:df:85:
b1:f6:7b:6e:eb:0a:25:52:c5:f3:26:af:0d:65:1f:fd:08:28:
ba:65:1c:f2:c8:13:b9:f8:f8:21:47:c6:df:74:0b:58:4d:1e:
c0:a1:d7:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICdz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA3MTUw
NzQzNTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI5M0EwRTU4QkI0MjNC
NTFBQzc1RTYxMDE0NjM3QzlDRjM2MDhCQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC71HCj82qs2Zs+b1GjR6mIAw7bLQ1WgiOS311z0jbG8TWH6Dxp
dSIuZkvO1YA9QWbRc7ObgbzUf7YxOyfAab+ahV8snDDPuOWR1LeuMC3hw4WTWbXN
qtD9ldysmx8iESWgEyRJW9LK3AFlnLD55obCMdYfB3jyBiMZCzmRoi+MM6pke6Do
Uazxjm96Z/++C8izS1Y2qemFRyX37QtDcuPdmRMh5xzSDdl0McPlqdRGDF6lsRtv
gE+26K+/9McHSltdobZye7tlEBVbsrPbh3LCyEXpR1p4p8nW9wXWJ6zmr6WpE5DK
AqcZXeMMSY+olr496iFzS5xxlte+wz8sUcgJAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUuToOWLtCO1GsdeYQFGN8nPNgi8gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VUb09XTHRDTzFHc2Rl
WVFGR044blBOZ2k4Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBkOQsu
brrw3ZdiiK5LV/J+X7PZlgIMDyRxBkr3DBrTnJ0df2KPE+AXpsWmjNj894qUFT+z
ZjaX3sBvXFuAo1rZ7wmli9eG9fMsr6TK0n81C0iua1sCOWKRNtvuUSU3+joxF+Wi
mbBDAYehS+64dOTiWl3gcrXAEZ584iXZBGMVEsuWapBnMvZCmN4jq3WU0F6u+s/n
XaSX2uyEwDPFQLSRo49+gpvOLyBxaok4HlJzkjUtLuGElaEdsDDLzSfu6dts+9OS
Rei98/vX6uxUGviGeqAK57MB34Wx9ntu6wolUsXzJq8NZR/9CCi6ZRzyyBO5+Pgh
R8bfdAtYTR7AodfP
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:35 2025 by rpki-client