Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/woNX6rjWs6jw1c1wyyQhdqhyD1s.roa
File: woNX6rjWs6jw1c1wyyQhdqhyD1s.roa (raw, json)
Hash identifier: TIaP7RrzKDj+RqRFiXDi3gKUMHeviobzmeEkV+4+j7A=
Subject key identifier: C2:83:57:EA:B8:D6:B3:A8:F0:D5:CD:70:CB:24:21:76:A8:72:0F:5B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6A1E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/woNX6rjWs6jw1c1wyyQhdqhyD1s.roa
Signing time: Tue 10 Jun 2025 01:42:08 +0000
ROA not before: Tue 10 Jun 2025 01:42:08 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27166 (0x6a1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 10 01:42:08 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C28357EAB8D6B3A8F0D5CD70CB242176A8720F5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:20:91:ad:b5:d5:87:ef:1d:0e:d0:2c:ca:1e:
c7:45:63:66:99:f2:a5:5e:d3:c2:b7:6a:72:e5:86:
67:69:32:ff:85:38:9b:42:6e:f2:f2:26:53:41:7e:
32:df:41:35:3f:bb:b1:53:0c:71:74:5b:78:39:54:
32:86:b3:63:4b:77:bc:b0:54:f6:0a:0f:b2:b8:da:
88:bf:20:5c:05:c3:d6:c9:3f:59:45:54:d5:75:eb:
ae:6a:35:3e:f4:db:4f:96:14:1a:bc:77:de:28:40:
5b:ed:11:f8:6b:88:62:da:46:3f:73:e5:0e:c5:89:
e3:f1:b7:1c:47:64:d3:5a:e0:68:67:57:34:76:82:
7a:6a:56:50:85:45:d3:90:e5:ab:d4:b9:3e:98:6f:
16:64:2b:14:19:d3:e8:df:2b:d4:7f:62:08:7d:3a:
aa:28:f5:11:02:0c:7d:e6:c5:fb:76:b5:e6:31:3e:
3f:c7:75:14:b8:17:c5:91:1a:62:3c:6b:3e:bf:2c:
7f:4a:2c:77:6a:2e:b8:1d:14:24:f6:1b:ab:90:f4:
86:90:39:ca:1b:bf:c1:be:8b:56:2e:b9:4f:dd:71:
8a:4c:a6:d5:11:8c:9f:81:c1:a5:cf:ae:18:78:66:
fe:66:a4:d7:98:6e:99:3f:48:51:88:5b:6f:51:b4:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:83:57:EA:B8:D6:B3:A8:F0:D5:CD:70:CB:24:21:76:A8:72:0F:5B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/woNX6rjWs6jw1c1wyyQhdqhyD1s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a0:ff:95:62:54:65:d1:03:3d:5c:da:4f:10:e0:43:1a:aa:fe:
75:f8:61:a3:5f:bd:dc:51:7f:a4:3f:a2:94:26:30:fa:2f:7f:
85:3f:14:86:72:4e:28:38:e6:99:ca:45:f0:3f:41:84:41:f6:
3b:7f:c9:05:61:e1:2e:70:a6:cd:8a:83:08:8d:20:c4:ba:be:
f5:3d:01:d8:44:f4:b1:47:68:e6:d7:ad:88:ca:24:47:09:0e:
aa:f2:50:b8:43:01:c0:f7:75:48:e6:6e:de:bf:56:36:e6:ce:
2f:14:04:ba:5f:27:03:41:80:1b:36:12:60:3d:3d:b0:5f:33:
cd:88:d5:67:aa:be:60:6a:04:44:27:e4:58:d3:4e:85:2a:54:
ef:2e:77:3d:d3:95:05:cf:40:29:12:4f:26:b7:d0:3d:ed:b8:
61:cc:68:7a:1d:9f:cb:8a:f3:0a:30:67:44:97:5a:b7:3b:74:
6e:e3:e2:61:d0:c3:8e:0d:e2:e1:21:2f:8a:e0:0d:10:0c:ff:
05:14:1b:c4:87:89:60:62:1f:b8:b3:10:6c:49:9c:6d:e3:cb:
b3:53:7f:54:fb:6a:23:77:97:ee:e0:b8:ba:e6:a8:0f:9c:98:
8d:73:91:6c:0c:e4:94:49:fc:d1:0e:c2:89:15:de:7a:8c:94:
40:eb:44:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICah4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTAw
MTQyMDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEMyODM1N0VBQjhENkIz
QThGMEQ1Q0Q3MENCMjQyMTc2QTg3MjBGNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFIJGttdWH7x0O0CzKHsdFY2aZ8qVe08K3anLlhmdpMv+FOJtC
bvLyJlNBfjLfQTU/u7FTDHF0W3g5VDKGs2NLd7ywVPYKD7K42oi/IFwFw9bJP1lF
VNV1665qNT7020+WFBq8d94oQFvtEfhriGLaRj9z5Q7FiePxtxxHZNNa4GhnVzR2
gnpqVlCFRdOQ5avUuT6YbxZkKxQZ0+jfK9R/Ygh9Oqoo9RECDH3mxft2teYxPj/H
dRS4F8WRGmI8az6/LH9KLHdqLrgdFCT2G6uQ9IaQOcobv8G+i1YuuU/dcYpMptUR
jJ+BwaXPrhh4Zv5mpNeYbpk/SFGIW29RtFppAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUwoNX6rjWs6jw1c1wyyQhdqhyD1swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dvTlg2cmpXczZqdzFj
MXd5eVFoZHFoeUQxcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCg/5Vi
VGXRAz1c2k8Q4EMaqv51+GGjX73cUX+kP6KUJjD6L3+FPxSGck4oOOaZykXwP0GE
QfY7f8kFYeEucKbNioMIjSDEur71PQHYRPSxR2jm162IyiRHCQ6q8lC4QwHA93VI
5m7ev1Y25s4vFAS6XycDQYAbNhJgPT2wXzPNiNVnqr5gagREJ+RY006FKlTvLnc9
05UFz0ApEk8mt9A97bhhzGh6HZ/LivMKMGdEl1q3O3Ru4+Jh0MOODeLhIS+K4A0Q
DP8FFBvEh4lgYh+4sxBsSZxt48uzU39U+2ojd5fu4Li65qgPnJiNc5FsDOSUSfzR
DsKJFd56jJRA60Sv
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:45:44 2025 by rpki-client