Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wpNaLXhKK6KTi-OJ-mFFQbm3H0Y.roa
File: wpNaLXhKK6KTi-OJ-mFFQbm3H0Y.roa (raw, json)
Hash identifier: FEpgR5JMDrJ4M2YLqfi7pL4Va1WPRMC1dFKsE3AgZNQ=
Subject key identifier: C2:93:5A:2D:78:4A:2B:A2:93:8B:E3:89:FA:61:45:41:B9:B7:1F:46
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6430
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wpNaLXhKK6KTi-OJ-mFFQbm3H0Y.roa
Signing time: Sun 25 May 2025 06:10:55 +0000
ROA not before: Sun 25 May 2025 06:10:55 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25648 (0x6430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 25 06:10:55 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C2935A2D784A2BA2938BE389FA614541B9B71F46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5b:43:63:11:a0:65:d9:70:47:fe:09:8f:12:
02:a3:d3:8a:36:a4:a6:bd:06:6a:7b:d6:2f:66:c3:
e2:e9:ab:cf:f2:49:d1:87:f5:62:fa:37:fd:fb:14:
40:83:0c:62:08:34:09:cc:6e:8d:b5:6c:a7:72:3a:
79:d2:58:ad:63:7e:0a:dd:5f:b3:fe:c8:e6:f2:cd:
f0:59:3e:53:ef:1e:b1:95:3d:93:66:fe:a4:99:5c:
ba:cb:bf:39:e0:ed:b6:ee:39:1f:fc:a2:e7:a6:1f:
90:83:fe:01:73:ba:24:d9:56:77:37:10:14:94:8c:
6d:70:92:cc:bd:cd:93:aa:84:66:26:2a:44:7d:08:
f2:24:08:1a:b1:65:9c:74:09:89:f7:ed:71:31:73:
94:75:8f:b5:b2:f2:fb:ec:4a:16:14:25:cf:c7:c2:
da:fd:a6:2f:e3:98:95:01:4d:ea:35:7a:12:43:54:
4f:a2:9a:7c:e0:49:69:b3:d5:64:28:15:88:8d:23:
ad:35:34:0a:7b:fa:9b:14:d6:4a:c1:cf:7e:1d:62:
1f:79:d3:f4:7c:d8:d0:12:04:25:ea:95:8b:5e:7c:
f4:e5:b4:79:6f:3b:1d:f9:58:5b:de:e3:b2:b3:54:
c1:fa:4a:85:a4:38:ef:ed:3a:31:8e:da:69:10:49:
06:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:93:5A:2D:78:4A:2B:A2:93:8B:E3:89:FA:61:45:41:B9:B7:1F:46
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wpNaLXhKK6KTi-OJ-mFFQbm3H0Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
43:8b:e9:60:66:87:5a:25:e6:a4:8f:2e:fd:26:12:f6:b5:39:
b3:11:e5:dc:d9:1d:18:ab:7c:75:5a:b3:22:90:4e:31:a9:4e:
aa:73:14:b5:2d:aa:19:49:6e:29:9f:7a:75:70:d1:90:54:78:
14:1d:1d:71:a8:78:bc:6b:0e:0e:53:87:d8:58:6f:8d:68:83:
d1:70:a6:1e:75:ea:8e:f2:c7:8b:c6:22:e1:b2:20:a3:b5:86:
76:10:2b:d4:4d:e6:47:e0:cc:85:0c:e0:54:db:90:e8:1b:90:
13:f1:0e:56:aa:23:9b:07:3a:44:f9:55:0d:a3:05:ed:9e:86:
26:c9:92:1d:bc:51:7d:50:ef:11:8f:8c:1d:82:19:05:5d:78:
19:09:76:ae:9a:da:a1:37:c9:c1:09:8d:c6:c6:88:cc:8b:99:
b5:78:7f:ac:d8:56:3b:bd:95:62:09:72:01:3d:02:30:93:0a:
9d:6c:e3:5e:06:e9:a9:0b:3f:c9:5e:19:cb:38:01:6c:d3:36:
e0:51:dc:79:b3:bf:a8:f2:4e:2a:90:96:6c:db:86:e6:08:d6:
88:06:0e:7d:b1:c0:9f:e2:e4:71:d8:b5:c0:3d:6f:be:88:e0:
47:61:ad:ae:b1:ed:2c:4a:36:e9:5d:3e:fc:69:3a:f2:de:a7:
d0:ba:a3:3a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZDAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjUw
NjEwNTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEMyOTM1QTJENzg0QTJC
QTI5MzhCRTM4OUZBNjE0NTQxQjlCNzFGNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJW0NjEaBl2XBH/gmPEgKj04o2pKa9Bmp71i9mw+Lpq8/ySdGH
9WL6N/37FECDDGIINAnMbo21bKdyOnnSWK1jfgrdX7P+yObyzfBZPlPvHrGVPZNm
/qSZXLrLvzng7bbuOR/8ouemH5CD/gFzuiTZVnc3EBSUjG1wksy9zZOqhGYmKkR9
CPIkCBqxZZx0CYn37XExc5R1j7Wy8vvsShYUJc/Hwtr9pi/jmJUBTeo1ehJDVE+i
mnzgSWmz1WQoFYiNI601NAp7+psU1krBz34dYh950/R82NASBCXqlYtefPTltHlv
Ox35WFve47KzVMH6SoWkOO/tOjGO2mkQSQZxAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUwpNaLXhKK6KTi+OJ+mFFQbm3H0YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dwTmFMWGhLSzZLVGkt
T0otbUZGUWJtM0gwWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBDi+lg
ZodaJeakjy79JhL2tTmzEeXc2R0Yq3x1WrMikE4xqU6qcxS1LaoZSW4pn3p1cNGQ
VHgUHR1xqHi8aw4OU4fYWG+NaIPRcKYedeqO8seLxiLhsiCjtYZ2ECvUTeZH4MyF
DOBU25DoG5AT8Q5WqiObBzpE+VUNowXtnoYmyZIdvFF9UO8Rj4wdghkFXXgZCXau
mtqhN8nBCY3GxojMi5m1eH+s2FY7vZViCXIBPQIwkwqdbONeBumpCz/JXhnLOAFs
0zbgUdx5s7+o8k4qkJZs24bmCNaIBg59scCf4uRx2LXAPW++iOBHYa2use0sSjbp
XT78aTry3qfQuqM6
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:52:01 2025 by rpki-client