Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vxT3qgyncqNgSF4KAj3p0JFnxjc.roa
File: vxT3qgyncqNgSF4KAj3p0JFnxjc.roa (raw, json)
Hash identifier: yswp2/piNnN9xnfQIn7KBH2v1tp24bddsH8IcKbL3sY=
Subject key identifier: BF:14:F7:AA:0C:A7:72:A3:60:48:5E:0A:02:3D:E9:D0:91:67:C6:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 649E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vxT3qgyncqNgSF4KAj3p0JFnxjc.roa
Signing time: Mon 26 May 2025 09:41:04 +0000
ROA not before: Mon 26 May 2025 09:41:04 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25758 (0x649e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 26 09:41:04 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=BF14F7AA0CA772A360485E0A023DE9D09167C637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:44:10:ae:58:76:e2:c9:19:3d:fb:86:98:fc:
b1:b9:7a:56:ff:5b:33:21:d5:cb:c7:14:7a:c0:c9:
52:75:3f:4c:54:50:fb:47:15:97:fb:f2:43:89:48:
34:59:cb:29:7f:90:41:0e:fb:82:5e:cf:5b:ea:ec:
44:ea:b8:a2:a9:81:ee:8e:e8:a4:29:8d:55:c3:d4:
52:15:33:67:31:c8:13:e5:4e:09:3f:d5:02:b2:8d:
dc:e3:43:82:0f:23:1d:c1:78:5c:e7:d4:e5:24:04:
20:56:c3:13:bf:b8:93:70:22:57:cc:2a:ec:f8:bd:
39:33:3c:0b:e2:86:1e:bb:e4:ab:8b:51:29:83:d8:
de:62:b5:e4:63:82:13:fb:c0:7d:c8:ae:ee:00:84:
1d:d8:8d:58:ef:a8:d5:76:d9:40:5c:a9:a3:bd:78:
31:22:1c:09:a5:ee:ef:5d:ee:72:42:d0:23:a2:64:
22:63:73:76:78:de:19:b0:58:86:6c:31:76:1a:87:
ee:f3:87:00:ad:77:83:03:2a:6d:83:0a:29:fb:14:
db:c3:73:54:86:28:52:9a:d2:59:d7:94:7e:7f:e4:
2e:8e:e9:f2:d0:c6:81:61:6a:de:23:14:97:26:7e:
bb:71:77:07:c9:24:b8:7c:1f:0e:1a:85:f1:f9:86:
1d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:14:F7:AA:0C:A7:72:A3:60:48:5E:0A:02:3D:E9:D0:91:67:C6:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vxT3qgyncqNgSF4KAj3p0JFnxjc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
8c:13:ed:17:6c:35:0d:de:ea:7c:ec:ce:2f:d0:9b:2b:c5:83:
05:3f:1b:e3:35:0d:99:9e:14:00:e6:bb:c7:5d:01:10:c8:44:
11:43:93:07:fc:9d:35:02:a8:83:45:6a:79:d0:57:55:2f:35:
c2:3b:1c:66:7d:2c:8c:ac:9c:26:a2:55:39:83:9d:9f:0e:aa:
03:42:e0:7e:ad:d5:2c:ac:d4:a5:09:93:ac:26:e9:72:60:88:
10:e0:24:34:37:b7:65:1d:a2:3f:8c:c9:e7:b9:79:3a:16:d6:
2e:da:f4:3d:2e:1b:c2:f6:d3:fa:10:bc:00:58:4a:41:31:88:
78:d1:8a:a4:46:d5:8e:ec:c1:a7:71:c2:f6:7a:92:95:3d:70:
e6:ec:5a:ac:95:04:5a:a8:c4:1c:c1:80:01:0d:ed:5e:e0:eb:
4d:b2:8f:b2:e0:d8:c4:f4:48:0f:5e:ac:c7:d6:18:80:a0:c9:
68:f2:05:a3:b2:93:0b:b2:6c:6d:ad:0e:a4:b5:a9:9b:3b:dd:
b7:01:cc:c8:8b:eb:1c:7a:bd:ae:84:41:15:70:35:6a:2d:00:
88:9c:3e:7b:9f:f3:f7:0f:16:e7:3c:0e:6d:bf:4f:db:10:f7:
06:ab:66:8a:46:3b:40:26:ce:a0:b8:2a:c1:55:e0:a6:68:ef:
39:b2:9e:63
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjYw
OTQxMDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEJGMTRGN0FBMENBNzcy
QTM2MDQ4NUUwQTAyM0RFOUQwOTE2N0M2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFRBCuWHbiyRk9+4aY/LG5elb/WzMh1cvHFHrAyVJ1P0xUUPtH
FZf78kOJSDRZyyl/kEEO+4Jez1vq7ETquKKpge6O6KQpjVXD1FIVM2cxyBPlTgk/
1QKyjdzjQ4IPIx3BeFzn1OUkBCBWwxO/uJNwIlfMKuz4vTkzPAvihh675KuLUSmD
2N5iteRjghP7wH3Iru4AhB3YjVjvqNV22UBcqaO9eDEiHAml7u9d7nJC0COiZCJj
c3Z43hmwWIZsMXYah+7zhwCtd4MDKm2DCin7FNvDc1SGKFKa0lnXlH5/5C6O6fLQ
xoFhat4jFJcmfrtxdwfJJLh8Hw4ahfH5hh2/AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUvxT3qgyncqNgSF4KAj3p0JFnxjcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Z4VDNxZ3luY3FOZ1NG
NEtBajNwMEpGbnhqYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCME+0X
bDUN3up87M4v0JsrxYMFPxvjNQ2ZnhQA5rvHXQEQyEQRQ5MH/J01AqiDRWp50FdV
LzXCOxxmfSyMrJwmolU5g52fDqoDQuB+rdUsrNSlCZOsJulyYIgQ4CQ0N7dlHaI/
jMnnuXk6FtYu2vQ9LhvC9tP6ELwAWEpBMYh40YqkRtWO7MGnccL2epKVPXDm7Fqs
lQRaqMQcwYABDe1e4OtNso+y4NjE9EgPXqzH1hiAoMlo8gWjspMLsmxtrQ6ktamb
O923AczIi+scer2uhEEVcDVqLQCInD57n/P3DxbnPA5tv0/bEPcGq2aKRjtAJs6g
uCrBVeCmaO85sp5j
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:20:54 2025 by rpki-client