Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/51bDviqN-z7Oiwfs5g2plMcF2eE.roa
File: 51bDviqN-z7Oiwfs5g2plMcF2eE.roa (raw, json)
Hash identifier: J4S7F6PBdosb6d3atpsr6NXD7/J0of3+YmfGcrXGWUc=
Subject key identifier: E7:56:C3:BE:2A:8D:FB:3E:CE:8B:07:EC:E6:0D:A9:94:C7:05:D9:E1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6462
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/51bDviqN-z7Oiwfs5g2plMcF2eE.roa
Signing time: Sun 25 May 2025 18:41:02 +0000
ROA not before: Sun 25 May 2025 18:41:02 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25698 (0x6462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 25 18:41:02 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E756C3BE2A8DFB3ECE8B07ECE60DA994C705D9E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6b:54:9d:ce:69:fb:bc:bb:0c:88:66:dd:71:
db:58:ce:c3:a0:93:fa:e0:cf:20:d7:04:46:99:38:
d9:be:34:30:07:ec:d1:5f:8b:29:21:f2:4c:ca:cb:
ac:3d:cd:e8:9f:0c:54:86:73:37:b7:c9:25:84:36:
b7:46:c3:29:73:0b:eb:cd:87:92:34:d4:e1:4e:64:
30:d2:01:b9:32:18:8a:8d:c9:6e:03:77:54:3e:d8:
d9:96:9c:4f:db:89:22:8a:53:d4:a1:fb:3f:ed:f0:
63:f3:5d:ad:fd:7c:d8:1e:8e:ee:56:08:94:05:53:
74:1c:27:64:c8:f3:34:d2:6e:15:37:9b:8a:c3:66:
a5:3b:0e:70:f0:c3:34:fa:18:00:0c:72:18:41:84:
8e:40:f6:c3:95:40:bb:64:ee:a1:9d:31:62:67:1f:
d0:74:02:b2:5e:c9:c0:f3:81:e3:71:2c:f3:2e:57:
fc:20:76:6a:cf:f9:b4:55:f9:17:f7:1b:56:74:33:
3d:ee:2d:65:c5:c5:83:60:b1:a2:cf:8e:93:63:f4:
d3:42:9a:85:a6:69:25:be:92:cb:2c:59:e2:53:8d:
18:a9:0c:fc:c5:61:b3:ee:33:b9:18:f3:a6:e0:44:
67:b4:18:0c:ab:eb:c4:6d:87:15:24:9d:a0:99:d4:
bd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:56:C3:BE:2A:8D:FB:3E:CE:8B:07:EC:E6:0D:A9:94:C7:05:D9:E1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/51bDviqN-z7Oiwfs5g2plMcF2eE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
17:d7:0b:82:9c:e2:e2:6c:7f:4a:88:ba:78:52:2a:9f:c2:e0:
2a:85:fb:16:96:2a:05:37:3d:73:c0:39:82:3d:e6:3f:17:ff:
da:b1:e9:7a:25:50:80:98:62:1d:5b:dd:be:d9:a1:22:46:94:
a0:f8:be:8b:0b:76:27:65:20:0c:c8:12:5b:58:74:a0:0f:0d:
4f:80:8a:8e:78:c7:75:3e:7a:6c:7a:30:06:a2:b4:14:f2:44:
94:df:2d:9f:08:93:b3:2a:0f:de:88:d6:9e:fc:7f:1e:ce:6b:
df:7b:1b:42:f3:8f:4a:c2:3c:97:03:43:e7:11:90:91:b7:76:
56:ff:f9:9a:4b:4a:70:47:27:7b:e8:92:ef:27:69:9b:d3:c1:
a7:3f:ae:ae:89:b2:6c:a0:a3:5b:1b:60:42:54:b7:24:e2:e4:
10:df:cb:f3:99:e6:02:1f:37:cf:89:0e:12:38:5d:51:eb:c2:
99:d0:c1:22:76:af:c4:63:b0:4c:46:fe:23:94:5c:ee:54:e2:
a7:18:73:1f:1c:df:6d:fc:2a:d0:10:ca:82:9f:47:3c:6d:5f:
59:92:0c:20:18:72:85:e9:06:da:e2:71:60:2b:f7:ce:26:71:
47:21:bb:64:77:2c:ed:75:b9:42:51:f2:ea:2b:70:76:01:02:
f3:e1:13:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjUx
ODQxMDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU3NTZDM0JFMkE4REZC
M0VDRThCMDdFQ0U2MERBOTk0QzcwNUQ5RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCca1Sdzmn7vLsMiGbdcdtYzsOgk/rgzyDXBEaZONm+NDAH7NFf
iykh8kzKy6w9zeifDFSGcze3ySWENrdGwylzC+vNh5I01OFOZDDSAbkyGIqNyW4D
d1Q+2NmWnE/biSKKU9Sh+z/t8GPzXa39fNgeju5WCJQFU3QcJ2TI8zTSbhU3m4rD
ZqU7DnDwwzT6GAAMchhBhI5A9sOVQLtk7qGdMWJnH9B0ArJeycDzgeNxLPMuV/wg
dmrP+bRV+Rf3G1Z0Mz3uLWXFxYNgsaLPjpNj9NNCmoWmaSW+ksssWeJTjRipDPzF
YbPuM7kY86bgRGe0GAyr68RthxUknaCZ1L33AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU51bDviqN+z7Oiwfs5g2plMcF2eEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzUxYkR2aXFOLXo3T2l3
ZnM1ZzJwbE1jRjJlRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAX1wuC
nOLibH9KiLp4UiqfwuAqhfsWlioFNz1zwDmCPeY/F//asel6JVCAmGIdW92+2aEi
RpSg+L6LC3YnZSAMyBJbWHSgDw1PgIqOeMd1PnpsejAGorQU8kSU3y2fCJOzKg/e
iNae/H8ezmvfextC849KwjyXA0PnEZCRt3ZW//maS0pwRyd76JLvJ2mb08GnP66u
ibJsoKNbG2BCVLck4uQQ38vzmeYCHzfPiQ4SOF1R68KZ0MEidq/EY7BMRv4jlFzu
VOKnGHMfHN9t/CrQEMqCn0c8bV9ZkgwgGHKF6Qba4nFgK/fOJnFHIbtkdyztdblC
UfLqK3B2AQLz4RPj
-----END CERTIFICATE-----
Generated at Sun Jun 22 16:50:00 2025 by rpki-client