Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/v1lbI38ZFf_uelPF-q7bmS4merM.roa
File: v1lbI38ZFf_uelPF-q7bmS4merM.roa (raw, json)
Hash identifier: mAJHEPWMiP7N9c6V8W5oOsqTQdFjB55SlwfTIpstBmA=
Subject key identifier: BF:59:5B:23:7F:19:15:FF:EE:7A:53:C5:FA:AE:DB:99:2E:26:7A:B3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 66CE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v1lbI38ZFf_uelPF-q7bmS4merM.roa
Signing time: Sun 01 Jun 2025 05:41:37 +0000
ROA not before: Sun 01 Jun 2025 05:41:37 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26318 (0x66ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 1 05:41:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=BF595B237F1915FFEE7A53C5FAAEDB992E267AB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c1:84:2f:1c:37:94:5d:9e:93:f7:6a:c2:cb:
69:fe:4b:94:b7:28:d0:96:84:ed:b4:62:a0:1b:e2:
94:09:ad:7c:9b:a0:7a:bd:f6:1b:a4:ed:56:9e:63:
de:67:60:7a:62:85:b6:5a:e5:b3:e4:46:97:36:53:
9b:a3:cb:83:0b:d4:1e:50:64:4a:be:44:77:1f:8d:
82:dd:94:9b:d7:7d:88:fe:6a:53:21:6d:5f:b4:7d:
cc:3d:55:f3:7c:06:28:fe:95:1b:9b:b4:b2:fe:2a:
e2:c6:22:89:0a:61:45:14:11:3f:c1:9b:b2:8d:5a:
8f:82:2a:da:70:87:de:81:98:90:5d:e9:79:cc:2d:
b9:4c:69:1e:a9:30:49:ed:12:09:5f:32:a7:79:ad:
53:8c:ec:a5:d7:c4:a2:e6:85:3c:4a:28:d6:6a:01:
8d:a0:ff:a2:01:d2:43:eb:b4:ba:00:f3:5b:f3:d6:
b2:79:8e:9a:00:67:bd:35:23:33:5b:b9:55:5c:a0:
6a:9a:83:a7:25:3c:33:d3:fa:bf:1e:ef:e8:05:0f:
69:da:46:e4:f4:f4:a3:9e:cd:63:1e:76:29:0b:2b:
04:8d:a0:4e:e0:0c:e8:cc:87:2e:42:06:d7:11:3c:
58:5e:6a:3b:88:a2:fa:8a:1b:73:f8:c3:da:3c:4a:
e9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:59:5B:23:7F:19:15:FF:EE:7A:53:C5:FA:AE:DB:99:2E:26:7A:B3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v1lbI38ZFf_uelPF-q7bmS4merM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
14:58:46:51:27:e3:14:68:3f:95:31:23:53:4c:56:c6:51:6d:
d5:49:ca:10:0a:d8:04:48:37:b7:2e:10:98:2a:54:74:39:64:
20:57:19:7d:d0:36:b4:20:2f:32:74:9d:85:6e:4d:ac:bb:bc:
f0:9b:4f:ce:48:9e:22:39:08:a3:61:4c:6b:64:ea:ae:10:5d:
c2:d1:3a:af:6c:95:79:40:a5:1d:2b:86:ed:2b:ac:16:eb:a1:
19:b5:f7:bc:34:f0:5d:c1:6c:12:40:3f:52:de:84:69:fc:16:
53:41:1c:7c:f6:0d:e2:1e:8f:88:d9:23:db:86:db:f8:ec:ec:
95:39:59:19:da:2a:47:83:dc:57:02:2c:0f:f8:59:e9:14:3c:
da:c7:6d:6c:82:77:29:53:b0:ac:eb:c9:8d:18:24:f5:f2:72:
51:a4:5e:a9:74:3d:62:b7:b1:89:75:22:be:6f:7b:b6:f0:64:
c2:b3:c4:6c:d0:71:0e:e7:72:27:dc:a6:d9:b0:6a:40:45:7e:
75:03:33:f3:fc:84:3b:e4:ab:93:fc:ea:e0:81:3f:47:3c:00:
7e:1d:84:ad:29:cb:e9:fa:81:41:f2:42:28:fa:30:78:27:d3:
40:bb:1a:58:1f:07:b4:ae:06:8c:b8:b5:f2:04:4a:f0:f0:b1:
2a:11:21:e5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDEw
NTQxMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEJGNTk1QjIzN0YxOTE1
RkZFRTdBNTNDNUZBQUVEQjk5MkUyNjdBQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBwYQvHDeUXZ6T92rCy2n+S5S3KNCWhO20YqAb4pQJrXyboHq9
9huk7VaeY95nYHpihbZa5bPkRpc2U5ujy4ML1B5QZEq+RHcfjYLdlJvXfYj+alMh
bV+0fcw9VfN8Bij+lRubtLL+KuLGIokKYUUUET/Bm7KNWo+CKtpwh96BmJBd6XnM
LblMaR6pMEntEglfMqd5rVOM7KXXxKLmhTxKKNZqAY2g/6IB0kPrtLoA81vz1rJ5
jpoAZ701IzNbuVVcoGqag6clPDPT+r8e7+gFD2naRuT09KOezWMedikLKwSNoE7g
DOjMhy5CBtcRPFheajuIovqKG3P4w9o8SukxAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUv1lbI38ZFf/uelPF+q7bmS4merMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3YxbGJJMzhaRmZfdWVs
UEYtcTdibVM0bWVyTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAUWEZR
J+MUaD+VMSNTTFbGUW3VScoQCtgESDe3LhCYKlR0OWQgVxl90Da0IC8ydJ2Fbk2s
u7zwm0/OSJ4iOQijYUxrZOquEF3C0TqvbJV5QKUdK4btK6wW66EZtfe8NPBdwWwS
QD9S3oRp/BZTQRx89g3iHo+I2SPbhtv47OyVOVkZ2ipHg9xXAiwP+FnpFDzax21s
gncpU7Cs68mNGCT18nJRpF6pdD1it7GJdSK+b3u28GTCs8Rs0HEO53In3KbZsGpA
RX51AzPz/IQ75KuT/OrggT9HPAB+HYStKcvp+oFB8kIo+jB4J9NAuxpYHwe0rgaM
uLXyBErw8LEqESHl
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:10:03 2025 by rpki-client