Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wwOE8u40qIBWhXc7GZy5mqWq_ac.roa
File: wwOE8u40qIBWhXc7GZy5mqWq_ac.roa (raw, json)
Hash identifier: nGrOY3l/hr1e8w9yvMcIZL2EWz8wNKpDyBnXk/EMI7M=
Subject key identifier: C3:03:84:F2:EE:34:A8:80:56:85:77:3B:19:9C:B9:9A:A5:AA:FD:A7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6C3E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wwOE8u40qIBWhXc7GZy5mqWq_ac.roa
Signing time: Sun 15 Jun 2025 17:42:25 +0000
ROA not before: Sun 15 Jun 2025 17:42:25 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27710 (0x6c3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 15 17:42:25 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C30384F2EE34A8805685773B199CB99AA5AAFDA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:25:3b:86:e5:e1:59:52:36:44:55:4a:84:
8c:e9:12:c5:c8:d8:ed:32:48:08:89:91:9a:63:04:
6a:06:3f:24:26:37:e7:33:a1:7e:a9:df:b0:bb:7f:
09:79:74:2c:18:9d:45:9d:70:55:f3:56:76:2f:89:
e0:e4:a6:79:eb:d6:c4:e0:c7:08:ab:c3:e2:cb:22:
62:4e:a2:c9:f5:6c:91:9f:51:44:aa:42:8b:03:57:
70:e3:9c:31:00:2d:ef:d3:a0:97:24:44:5e:21:1b:
ff:50:cd:b5:7a:45:12:92:66:62:fd:e9:ee:17:f0:
86:11:0b:ee:84:03:1f:eb:eb:e7:a2:07:b6:22:fb:
74:c0:11:3b:d1:7e:65:72:b5:fb:a3:84:26:c5:84:
5f:be:da:9c:18:7e:02:a5:28:67:f2:7b:2d:48:51:
de:69:7f:df:60:30:51:47:c6:6d:af:56:a6:11:f6:
63:85:6b:88:e5:1d:07:1e:1c:87:5b:fb:86:9c:b0:
85:d8:63:34:07:c9:2a:b0:19:a9:0f:de:5a:8c:dd:
22:8d:eb:2b:96:93:62:df:45:48:f6:e1:d0:b6:93:
32:12:35:db:63:8b:ff:4d:e9:c2:3f:5d:5b:74:95:
6c:f6:d2:62:81:78:b4:7c:8c:e7:3d:e7:ab:d2:49:
6a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:03:84:F2:EE:34:A8:80:56:85:77:3B:19:9C:B9:9A:A5:AA:FD:A7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wwOE8u40qIBWhXc7GZy5mqWq_ac.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
9e:e8:cf:ba:f8:f5:8c:86:df:88:b9:a0:4d:29:e7:99:60:e9:
f4:9a:a8:30:c4:a2:0d:76:57:dc:3e:e8:21:52:d9:2d:8e:84:
6e:66:e3:68:f3:2c:e8:51:67:83:8c:d9:96:f8:03:eb:e2:a0:
b7:5e:49:c8:1f:4c:da:df:ae:6c:99:4a:bc:f9:c1:9e:55:3f:
30:3e:64:87:ce:a4:6d:20:fc:35:96:44:ad:a8:a5:2b:3f:d6:
1f:20:a8:25:de:09:ec:0f:59:48:d3:bf:56:73:e0:7b:f8:62:
21:23:56:47:c6:3b:13:2c:0f:9c:bc:de:06:f4:bf:a1:21:a3:
b2:dd:c3:3f:2a:4d:ee:78:4b:2b:4a:30:da:af:68:91:da:31:
c4:8c:70:bb:b8:d1:c1:55:f2:aa:64:cb:85:60:1e:5e:ed:e3:
eb:24:ed:45:e7:79:12:0a:b5:f8:b9:40:be:e5:84:62:38:38:
d8:35:2d:b9:a1:41:43:e3:6f:f9:57:60:6e:7e:14:b9:2d:58:
50:9c:de:48:30:f8:2b:80:fa:96:77:a9:1e:12:f7:4f:dd:c4:
d4:8f:7b:51:48:04:c7:bc:a0:c0:ed:ec:44:15:05:fd:6a:91:
be:a1:65:c2:74:4f:5a:c9:db:5d:eb:54:66:e3:1d:84:27:a9:
97:aa:92:71
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbD4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTUx
NzQyMjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEMzMDM4NEYyRUUzNEE4
ODA1Njg1NzczQjE5OUNCOTlBQTVBQUZEQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC44CU7huXhWVI2RFVKhIzpEsXI2O0ySAiJkZpjBGoGPyQmN+cz
oX6p37C7fwl5dCwYnUWdcFXzVnYvieDkpnnr1sTgxwirw+LLImJOosn1bJGfUUSq
QosDV3DjnDEALe/ToJckRF4hG/9QzbV6RRKSZmL96e4X8IYRC+6EAx/r6+eiB7Yi
+3TAETvRfmVytfujhCbFhF++2pwYfgKlKGfyey1IUd5pf99gMFFHxm2vVqYR9mOF
a4jlHQceHIdb+4acsIXYYzQHySqwGakP3lqM3SKN6yuWk2LfRUj24dC2kzISNdtj
i/9N6cI/XVt0lWz20mKBeLR8jOc956vSSWo5AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUwwOE8u40qIBWhXc7GZy5mqWq/acwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3d3T0U4dTQwcUlCV2hY
YzdHWnk1bXFXcV9hYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCe6M+6
+PWMht+IuaBNKeeZYOn0mqgwxKINdlfcPughUtktjoRuZuNo8yzoUWeDjNmW+APr
4qC3XknIH0za365smUq8+cGeVT8wPmSHzqRtIPw1lkStqKUrP9YfIKgl3gnsD1lI
079Wc+B7+GIhI1ZHxjsTLA+cvN4G9L+hIaOy3cM/Kk3ueEsrSjDar2iR2jHEjHC7
uNHBVfKqZMuFYB5e7ePrJO1F53kSCrX4uUC+5YRiODjYNS25oUFD42/5V2BufhS5
LVhQnN5IMPgrgPqWd6keEvdP3cTUj3tRSATHvKDA7exEFQX9apG+oWXCdE9aydtd
61Rm4x2EJ6mXqpJx
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:56 2025 by rpki-client