Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1uyPqqtt1KCAnr2MzdqY4vDzNOg.roa
File: 1uyPqqtt1KCAnr2MzdqY4vDzNOg.roa (raw, json)
Hash identifier: iq2qWLDRAyvGj9CPttIzrehXBbOH5bZurGOhdUjVG4M=
Subject key identifier: D6:EC:8F:AA:AB:6D:D4:A0:80:9E:BD:8C:CD:DA:98:E2:F0:F3:34:E8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6138
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1uyPqqtt1KCAnr2MzdqY4vDzNOg.roa
Signing time: Sat 17 May 2025 08:13:49 +0000
ROA not before: Sat 17 May 2025 08:13:49 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24888 (0x6138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 17 08:13:49 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D6EC8FAAAB6DD4A0809EBD8CCDDA98E2F0F334E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7d:0c:07:da:01:d6:78:1b:ef:80:bd:c4:f8:
da:fb:31:1c:36:b0:5d:45:50:f1:ae:f6:b9:2a:76:
61:42:34:26:b0:5c:d3:c8:a8:09:e7:1c:05:ea:8f:
97:2f:d8:c2:6f:1e:b9:d7:58:fc:a8:a9:2e:58:28:
d6:99:a9:dc:1f:63:c7:35:e8:c6:76:79:a7:e3:19:
e7:8d:15:91:c6:3f:d7:91:a6:09:0f:a0:49:30:ca:
f9:2d:83:57:88:c9:79:27:42:8b:53:ed:3c:3b:63:
e4:d6:6b:88:6d:8f:1c:91:ec:77:4f:31:8b:d6:39:
1d:ac:e0:d0:48:2e:4d:0a:0a:06:46:c0:74:5e:08:
a3:33:d6:27:a4:ea:0c:0a:25:79:d1:55:1e:d7:52:
79:03:50:ef:13:99:d9:55:45:db:7e:43:c9:c6:10:
fa:6f:ea:41:9d:7a:3c:f1:06:44:7e:ec:28:1e:2c:
59:d7:0a:3c:13:d7:73:1a:c9:ae:5d:0d:b0:a0:64:
3d:56:af:11:7c:2f:2b:28:35:0a:a1:ad:9b:f4:3d:
15:f1:94:ae:0d:53:80:e5:37:63:fc:7d:3a:84:32:
8b:d3:be:24:27:ba:a1:f8:ea:09:e5:d4:f9:43:e8:
a0:32:48:fc:7f:cf:37:c1:15:e7:d0:9c:8d:63:8b:
81:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EC:8F:AA:AB:6D:D4:A0:80:9E:BD:8C:CD:DA:98:E2:F0:F3:34:E8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1uyPqqtt1KCAnr2MzdqY4vDzNOg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
4e:77:be:e5:a3:52:03:82:72:72:85:f8:8c:37:18:8b:e1:bd:
37:60:87:c1:15:d1:eb:31:e0:64:a3:34:10:53:49:3d:c7:eb:
42:18:ff:4a:a7:b4:d2:59:ed:99:a3:ae:d1:c2:51:53:54:29:
99:8b:d4:91:3b:23:00:b0:ee:8b:ec:b0:42:dc:e3:38:ea:3c:
b0:30:51:0a:2a:e4:2a:ed:af:c9:a4:7e:c1:2d:fa:b2:03:01:
44:f5:7c:f3:e2:43:ca:f1:8f:ba:8e:d5:e3:f6:58:bc:a4:54:
d2:8a:0b:2d:56:80:e9:c1:7d:ad:07:b4:57:59:ea:1a:18:d1:
c0:9d:9e:95:e5:1f:3e:cc:0e:51:d8:b2:cc:68:db:0f:63:b5:
9e:86:95:57:87:e9:77:03:f9:4e:5a:53:56:4a:37:1c:33:e9:
f9:52:fa:7f:24:f0:0c:f1:53:31:60:05:06:72:88:ca:0b:1c:
7b:99:7c:1c:54:78:72:1b:7d:0e:4e:28:22:ec:d2:4e:b9:0c:
91:93:38:e0:14:0c:09:82:a7:45:92:01:8c:8f:17:50:36:85:
6c:6d:91:49:51:8b:e4:df:29:af:5d:23:57:38:54:58:ab:18:
66:7b:b3:fa:f6:f2:6a:b7:94:81:ba:0c:20:51:86:83:2d:ec:
50:3c:c3:7c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTcw
ODEzNDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ2RUM4RkFBQUI2REQ0
QTA4MDlFQkQ4Q0NEREE5OEUyRjBGMzM0RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGfQwH2gHWeBvvgL3E+Nr7MRw2sF1FUPGu9rkqdmFCNCawXNPI
qAnnHAXqj5cv2MJvHrnXWPyoqS5YKNaZqdwfY8c16MZ2eafjGeeNFZHGP9eRpgkP
oEkwyvktg1eIyXknQotT7Tw7Y+TWa4htjxyR7HdPMYvWOR2s4NBILk0KCgZGwHRe
CKMz1iek6gwKJXnRVR7XUnkDUO8TmdlVRdt+Q8nGEPpv6kGdejzxBkR+7CgeLFnX
CjwT13Maya5dDbCgZD1WrxF8LysoNQqhrZv0PRXxlK4NU4DlN2P8fTqEMovTviQn
uqH46gnl1PlD6KAySPx/zzfBFefQnI1ji4E1AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU1uyPqqtt1KCAnr2MzdqY4vDzNOgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzF1eVBxcXR0MUtDQW5y
Mk16ZHFZNHZEek5PZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBOd77l
o1IDgnJyhfiMNxiL4b03YIfBFdHrMeBkozQQU0k9x+tCGP9Kp7TSWe2Zo67RwlFT
VCmZi9SROyMAsO6L7LBC3OM46jywMFEKKuQq7a/JpH7BLfqyAwFE9Xzz4kPK8Y+6
jtXj9li8pFTSigstVoDpwX2tB7RXWeoaGNHAnZ6V5R8+zA5R2LLMaNsPY7WehpVX
h+l3A/lOWlNWSjccM+n5Uvp/JPAM8VMxYAUGcojKCxx7mXwcVHhyG30OTigi7NJO
uQyRkzjgFAwJgqdFkgGMjxdQNoVsbZFJUYvk3ymvXSNXOFRYqxhme7P69vJqt5SB
ugwgUYaDLexQPMN8
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:12:22 2025 by rpki-client