Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xv-47MlssU-K17MUDVCXeBGVcx4.roa
File: xv-47MlssU-K17MUDVCXeBGVcx4.roa (raw, json)
Hash identifier: l1zHOtCdFGhbW2RobdCVDBL+ciGJ6ro+uy8W2XfsXF8=
Subject key identifier: C6:FF:B8:EC:C9:6C:B1:4F:8A:D7:B3:14:0D:50:97:78:11:95:73:1E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6F4E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xv-47MlssU-K17MUDVCXeBGVcx4.roa
Signing time: Tue 24 Jun 2025 09:14:25 +0000
ROA not before: Tue 24 Jun 2025 09:14:25 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28494 (0x6f4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 24 09:14:25 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C6FFB8ECC96CB14F8AD7B3140D5097781195731E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:23:89:24:08:f5:34:30:bc:a1:99:83:ab:e4:
af:37:35:28:2b:0c:35:82:0e:9b:55:ef:1f:af:4f:
9f:c5:9f:90:e1:3b:a5:da:51:40:22:5d:c2:10:12:
98:66:0a:74:0b:40:9c:fa:e2:fa:f0:72:f0:1a:f5:
b2:14:ce:0e:66:3d:6d:97:3b:f0:19:ce:08:13:c1:
50:ea:48:ee:3d:00:ef:b6:19:53:09:4d:96:ba:aa:
69:46:1a:cf:3f:55:fa:2c:59:54:b2:73:34:eb:93:
89:0d:78:3e:9e:9f:b2:1e:c3:9d:74:59:84:df:87:
77:de:90:d2:07:cd:00:38:2d:00:19:db:1f:48:4e:
9c:46:be:41:1a:e2:0a:fd:df:da:44:48:81:ae:53:
4b:42:99:fd:24:d8:5a:dd:cf:66:3f:dd:1f:e6:41:
3d:79:63:aa:36:c2:d9:1d:bb:1c:8b:fd:c6:aa:bc:
ca:89:d1:ca:d9:42:a8:7a:e0:e9:ed:81:5c:2d:39:
f7:0c:d4:b0:3e:17:ca:04:ff:0a:8e:3b:52:56:f2:
f3:c4:22:65:db:c1:72:5c:73:58:b5:c7:f7:d8:1e:
01:91:91:59:09:5e:f5:6b:48:be:e3:73:07:81:3c:
73:46:19:e6:15:20:10:0a:33:7a:8c:64:d4:83:dc:
ce:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FF:B8:EC:C9:6C:B1:4F:8A:D7:B3:14:0D:50:97:78:11:95:73:1E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xv-47MlssU-K17MUDVCXeBGVcx4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
56:8b:3f:0f:41:79:14:b6:a9:17:0d:6f:01:6d:64:de:5e:99:
1d:71:46:a3:72:b2:bb:d0:c0:31:1f:dd:a6:4c:61:09:35:7c:
9a:61:d7:74:19:35:50:95:c8:52:d3:d4:2f:0e:b9:e0:8f:b5:
65:e6:01:8b:a8:39:2b:6c:92:fe:6f:d1:64:a1:f6:06:24:7d:
57:5f:d6:73:ed:be:e6:57:11:a6:83:bd:17:3f:46:17:a4:45:
02:ed:5d:e1:ad:51:95:6f:d5:ba:85:dc:63:52:8a:3d:d4:74:
83:70:68:76:6d:fe:7a:70:d5:f8:5e:f2:4c:2b:ab:ca:0f:8d:
8e:19:e8:ca:14:26:26:cf:f2:fd:88:9b:40:1e:84:47:73:65:
b7:5a:0f:36:7a:e0:b0:55:cd:1a:34:3d:22:68:fd:bc:e7:58:
d5:6b:ee:22:fc:21:30:e7:c5:0f:08:0f:47:42:5e:87:cd:ee:
3a:54:69:7b:ca:44:55:54:af:8f:c5:1c:a1:58:57:83:01:dd:
11:f1:28:e9:d2:5f:d5:a2:f6:b7:4b:de:8f:17:9a:a1:ad:e5:
92:39:90:e2:90:0e:f5:fc:4e:15:83:42:cc:82:6e:0e:ca:c1:
14:0c:c2:c3:f7:f2:be:89:dd:7a:21:0c:e0:9c:8e:70:fd:45:
ed:df:ff:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICb04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MjQw
OTE0MjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM2RkZCOEVDQzk2Q0Ix
NEY4QUQ3QjMxNDBENTA5Nzc4MTE5NTczMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaI4kkCPU0MLyhmYOr5K83NSgrDDWCDptV7x+vT5/Fn5DhO6Xa
UUAiXcIQEphmCnQLQJz64vrwcvAa9bIUzg5mPW2XO/AZzggTwVDqSO49AO+2GVMJ
TZa6qmlGGs8/VfosWVSyczTrk4kNeD6en7Iew510WYTfh3fekNIHzQA4LQAZ2x9I
TpxGvkEa4gr939pESIGuU0tCmf0k2Frdz2Y/3R/mQT15Y6o2wtkduxyL/caqvMqJ
0crZQqh64OntgVwtOfcM1LA+F8oE/wqOO1JW8vPEImXbwXJcc1i1x/fYHgGRkVkJ
XvVrSL7jcweBPHNGGeYVIBAKM3qMZNSD3M4dAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUxv+47MlssU+K17MUDVCXeBGVcx4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3h2LTQ3TWxzc1UtSzE3
TVVEVkNYZUJHVmN4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBWiz8P
QXkUtqkXDW8BbWTeXpkdcUajcrK70MAxH92mTGEJNXyaYdd0GTVQlchS09QvDrng
j7Vl5gGLqDkrbJL+b9FkofYGJH1XX9Zz7b7mVxGmg70XP0YXpEUC7V3hrVGVb9W6
hdxjUoo91HSDcGh2bf56cNX4XvJMK6vKD42OGejKFCYmz/L9iJtAHoRHc2W3Wg82
euCwVc0aND0iaP2851jVa+4i/CEw58UPCA9HQl6Hze46VGl7ykRVVK+PxRyhWFeD
Ad0R8Sjp0l/Vova3S96PF5qhreWSOZDikA71/E4Vg0LMgm4OysEUDMLD9/K+id16
IQzgnI5w/UXt3/+g
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:38 2025 by rpki-client