Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0JUVC6SNCAfCy0emzhYLeEm8OiQ.roa
File: 0JUVC6SNCAfCy0emzhYLeEm8OiQ.roa (raw, json)
Hash identifier: vgpKc6bGzNtF6mcwknrQoTD10Qu2cSPB6tdPG44bFSQ=
Subject key identifier: D0:95:15:0B:A4:8D:08:07:C2:CB:47:A6:CE:16:0B:78:49:BC:3A:24
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6A36
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0JUVC6SNCAfCy0emzhYLeEm8OiQ.roa
Signing time: Tue 10 Jun 2025 07:44:33 +0000
ROA not before: Tue 10 Jun 2025 07:44:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27190 (0x6a36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 10 07:44:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D095150BA48D0807C2CB47A6CE160B7849BC3A24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:00:bf:f6:82:9c:88:09:5d:30:7a:f6:22:90:
a8:cd:3b:db:d9:2d:46:b1:41:98:9c:f5:18:d7:be:
91:06:19:39:46:34:87:66:31:b9:1a:d5:3c:ec:d8:
70:bd:0c:71:af:b5:46:b2:b6:5b:93:d5:fc:db:b3:
4c:db:65:e2:8f:35:b5:c5:da:14:4f:77:b7:6a:64:
e2:b4:33:d1:14:00:f6:e8:fb:26:0d:92:ff:69:6f:
dd:fc:cb:55:1d:70:f6:f3:61:40:8d:c8:b2:12:be:
39:b5:13:5d:f4:2e:c5:a6:e6:fa:50:47:1f:74:df:
57:77:a5:24:ee:c6:9b:e6:ed:21:42:de:1e:01:28:
79:c7:68:97:fc:ad:8e:7d:82:4e:ec:e7:3e:1b:18:
3c:d5:ae:96:9b:9a:af:46:ef:f8:4d:7f:59:22:c4:
e3:51:b7:16:41:07:48:25:98:bc:e9:9b:14:db:94:
db:85:4f:5e:eb:f4:a8:ce:c8:74:22:a0:81:4d:99:
0d:41:01:1e:f5:d2:94:22:72:75:cb:aa:c0:f4:33:
f6:d3:0b:ab:f9:96:16:2b:6e:9f:4f:af:79:d9:9d:
e9:ee:fc:12:c9:f7:0b:71:d5:70:37:2a:c8:d8:6b:
ad:6d:6a:ac:99:03:c8:7d:e7:45:18:c0:a0:ce:6d:
57:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:95:15:0B:A4:8D:08:07:C2:CB:47:A6:CE:16:0B:78:49:BC:3A:24
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0JUVC6SNCAfCy0emzhYLeEm8OiQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
42:46:b6:ea:a3:7f:37:8a:b1:5a:e6:fd:60:68:f1:28:0a:e2:
9c:4e:cc:2d:6d:6b:78:cd:ee:4c:21:ec:94:c4:86:e3:6a:ff:
c9:d9:21:5c:7c:73:13:45:b0:9e:4a:2d:98:11:84:b6:54:70:
a5:7d:53:8b:2b:0b:44:7c:53:35:29:90:d3:a9:97:3a:92:7a:
62:59:aa:95:8a:05:5f:12:c6:e9:48:c5:9b:01:d8:1a:e7:a7:
15:bf:98:3c:d1:15:f8:69:9a:b9:1d:e0:be:48:ea:63:22:ae:
37:7d:ca:3b:f5:4b:8f:ac:e8:f9:96:63:44:9e:31:52:a9:35:
ba:03:2d:c7:4c:8e:32:03:9b:44:e8:d9:2d:6d:ef:6a:68:b2:
4b:60:f1:a8:f3:93:d6:38:e2:32:6b:d7:c5:b2:3b:70:c8:66:
7f:31:a4:1f:bc:28:73:9a:81:ac:11:56:0c:75:ca:96:08:2f:
b8:f5:2c:8f:c6:6b:2f:d2:98:fe:98:05:af:23:eb:e7:27:d1:
47:ca:b4:c6:61:88:39:ca:d7:3a:91:f6:b2:60:6b:c8:5c:f2:
eb:e5:ea:44:e4:c3:72:6b:8f:a7:03:95:96:de:d1:11:8d:72:
4a:8c:e1:ff:76:1c:dc:54:6c:5e:bc:69:36:d5:e7:20:9f:dc:
1e:33:ed:e8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICajYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTAw
NzQ0MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQwOTUxNTBCQTQ4RDA4
MDdDMkNCNDdBNkNFMTYwQjc4NDlCQzNBMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyAL/2gpyICV0wevYikKjNO9vZLUaxQZic9RjXvpEGGTlGNIdm
Mbka1Tzs2HC9DHGvtUaytluT1fzbs0zbZeKPNbXF2hRPd7dqZOK0M9EUAPbo+yYN
kv9pb938y1UdcPbzYUCNyLISvjm1E130LsWm5vpQRx9031d3pSTuxpvm7SFC3h4B
KHnHaJf8rY59gk7s5z4bGDzVrpabmq9G7/hNf1kixONRtxZBB0glmLzpmxTblNuF
T17r9KjOyHQioIFNmQ1BAR710pQicnXLqsD0M/bTC6v5lhYrbp9Pr3nZnenu/BLJ
9wtx1XA3KsjYa61taqyZA8h950UYwKDObVcdAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU0JUVC6SNCAfCy0emzhYLeEm8OiQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBKVVZDNlNOQ0FmQ3kw
ZW16aFlMZUVtOE9pUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBCRrbq
o383irFa5v1gaPEoCuKcTswtbWt4ze5MIeyUxIbjav/J2SFcfHMTRbCeSi2YEYS2
VHClfVOLKwtEfFM1KZDTqZc6knpiWaqVigVfEsbpSMWbAdga56cVv5g80RX4aZq5
HeC+SOpjIq43fco79UuPrOj5lmNEnjFSqTW6Ay3HTI4yA5tE6Nktbe9qaLJLYPGo
85PWOOIya9fFsjtwyGZ/MaQfvChzmoGsEVYMdcqWCC+49SyPxmsv0pj+mAWvI+vn
J9FHyrTGYYg5ytc6kfayYGvIXPLr5epE5MNya4+nA5WW3tERjXJKjOH/dhzcVGxe
vGk21ecgn9weM+3o
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:28:19 2025 by rpki-client