Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/40H0gUlUAmJoIvjSHwtIbeDUOOo.roa
File: 40H0gUlUAmJoIvjSHwtIbeDUOOo.roa (raw, json)
Hash identifier: HiqQUw5qHy0nGitSGKKYBpqOZYkaqR47w8YdUIo/fZE=
Subject key identifier: E3:41:F4:81:49:54:02:62:68:22:F8:D2:1F:0B:48:6D:E0:D4:38:EA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6064
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/40H0gUlUAmJoIvjSHwtIbeDUOOo.roa
Signing time: Thu 15 May 2025 03:10:21 +0000
ROA not before: Thu 15 May 2025 03:10:21 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24676 (0x6064)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 03:10:21 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E341F481495402626822F8D21F0B486DE0D438EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:78:dd:9d:bf:2d:a5:fa:bc:17:e5:45:4f:42:
a5:6f:0b:5f:87:d8:fa:77:aa:e9:d7:74:52:50:c5:
18:9b:ab:37:fd:88:1b:e3:6e:75:10:a1:6b:0c:2f:
81:ab:82:c3:09:ce:1b:e7:e4:b1:50:9d:e2:02:87:
72:bc:cd:22:90:83:46:b8:1a:eb:ff:67:f2:21:a9:
31:3f:c7:54:9a:e2:3e:2d:19:b5:a6:86:23:4b:95:
90:a8:1b:b5:b9:7b:72:06:1b:03:f1:01:24:e2:ae:
e0:bd:9b:40:3c:11:66:e2:91:46:c3:44:65:93:ba:
cb:2f:64:ca:fd:77:16:14:da:7e:f9:7f:88:3d:3d:
8b:fe:0b:5d:6b:59:a8:34:28:63:35:bc:c6:d2:42:
56:9f:b5:fe:f2:07:91:b6:c0:c8:ca:cd:2e:19:ab:
bf:89:62:77:1f:41:9f:9e:c6:20:8f:51:a8:08:71:
12:62:06:aa:b9:51:e1:74:74:f9:b0:76:03:56:9f:
fb:12:1b:1e:9d:df:ac:27:9d:70:48:a0:03:b9:0d:
b6:9c:94:ac:91:ed:59:d2:bd:74:c0:1e:ad:35:9b:
de:ef:e7:65:ac:11:d4:a8:e6:81:c0:6e:c5:3f:09:
b1:29:b0:ff:55:4c:b6:e4:16:68:f6:01:c8:6d:ca:
f9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:41:F4:81:49:54:02:62:68:22:F8:D2:1F:0B:48:6D:E0:D4:38:EA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/40H0gUlUAmJoIvjSHwtIbeDUOOo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
10:2d:a8:a8:de:ca:1b:78:73:a7:77:0e:2f:e3:f6:17:39:42:
91:b6:db:34:95:a5:f7:3f:b9:fd:dd:4c:03:a9:c7:39:fd:4c:
88:c6:30:f9:68:31:af:42:d9:51:37:04:fe:12:be:63:05:5a:
bd:b7:a3:fa:89:31:64:de:ae:46:86:9b:5b:79:18:da:60:9d:
3f:7f:54:26:93:f7:66:19:f1:0c:36:7f:b1:2d:a8:6f:39:31:
45:e4:a6:53:d7:c8:85:24:be:88:9c:0f:5d:72:d6:45:19:86:
52:2f:02:00:ca:c5:c7:ca:32:43:e3:68:f8:8b:99:8e:d2:ff:
f7:f4:65:9a:eb:60:97:f4:49:1a:10:06:9a:81:a6:87:db:f8:
52:5c:f6:18:fa:1f:16:71:d4:2f:13:c2:7e:b3:9f:a1:44:13:
50:0a:37:af:00:c6:87:bf:98:06:ce:d3:43:2e:fd:5c:09:dd:
1e:57:ee:cd:36:f9:4a:46:88:45:ff:d0:2f:81:e9:e7:51:f4:
23:af:89:92:99:b4:2f:45:8e:37:24:d8:e5:ce:12:9b:12:7c:
80:dd:3c:58:a2:f2:7b:bd:12:db:50:c6:bf:ea:b3:97:6e:c0:
96:62:b9:93:cb:1e:5b:96:8a:61:d9:ce:a3:f6:42:0e:3b:27:
ad:c7:78:a5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTUw
MzEwMjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUzNDFGNDgxNDk1NDAy
NjI2ODIyRjhEMjFGMEI0ODZERTBENDM4RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2eN2dvy2l+rwX5UVPQqVvC1+H2Pp3qunXdFJQxRibqzf9iBvj
bnUQoWsML4GrgsMJzhvn5LFQneICh3K8zSKQg0a4Guv/Z/IhqTE/x1Sa4j4tGbWm
hiNLlZCoG7W5e3IGGwPxASTiruC9m0A8EWbikUbDRGWTussvZMr9dxYU2n75f4g9
PYv+C11rWag0KGM1vMbSQlaftf7yB5G2wMjKzS4Zq7+JYncfQZ+exiCPUagIcRJi
Bqq5UeF0dPmwdgNWn/sSGx6d36wnnXBIoAO5DbaclKyR7VnSvXTAHq01m97v52Ws
EdSo5oHAbsU/CbEpsP9VTLbkFmj2AchtyvmLAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU40H0gUlUAmJoIvjSHwtIbeDUOOowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzQwSDBnVWxVQW1Kb0l2
alNId3RJYmVEVU9Pby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAQLaio
3sobeHOndw4v4/YXOUKRtts0laX3P7n93UwDqcc5/UyIxjD5aDGvQtlRNwT+Er5j
BVq9t6P6iTFk3q5GhptbeRjaYJ0/f1Qmk/dmGfEMNn+xLahvOTFF5KZT18iFJL6I
nA9dctZFGYZSLwIAysXHyjJD42j4i5mO0v/39GWa62CX9EkaEAaagaaH2/hSXPYY
+h8WcdQvE8J+s5+hRBNQCjevAMaHv5gGztNDLv1cCd0eV+7NNvlKRohF/9Avgenn
UfQjr4mSmbQvRY43JNjlzhKbEnyA3TxYovJ7vRLbUMa/6rOXbsCWYrmTyx5bloph
2c6j9kIOOyetx3il
-----END CERTIFICATE-----
Generated at Sat Jun 21 06:48:22 2025 by rpki-client