Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AJVSAEUE0u8x99ZsRVGYWFuQZDQ.roa
File: AJVSAEUE0u8x99ZsRVGYWFuQZDQ.roa (raw, json)
Hash identifier: vV0Ugw+G5b2t6cVtDPQAzDDaGyaAr/XZn3S4Os7OIJ8=
Subject key identifier: 00:95:52:00:45:04:D2:EF:31:F7:D6:6C:45:51:98:58:5B:90:64:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 66DC
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AJVSAEUE0u8x99ZsRVGYWFuQZDQ.roa
Signing time: Sun 01 Jun 2025 09:11:40 +0000
ROA not before: Sun 01 Jun 2025 09:11:40 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26332 (0x66dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 1 09:11:40 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=009552004504D2EF31F7D66C455198585B906434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c1:47:b2:d2:45:ac:d3:bd:97:0a:31:93:61:
59:1b:c1:c5:db:b4:1c:cb:b5:11:aa:ce:91:1b:7d:
ff:a0:65:a9:95:7d:70:b5:09:bf:31:00:8f:a3:20:
34:f4:5a:22:a6:ef:57:e4:5a:e9:49:22:4e:92:6a:
e7:86:6c:26:73:b3:fb:fd:00:dd:ba:f6:00:67:9f:
72:7b:dc:55:44:fa:9e:1d:b3:09:40:d9:22:4f:0f:
8e:73:15:59:39:76:6b:cd:d7:a1:9f:4d:af:64:53:
fc:0a:46:57:c3:b9:9e:d0:10:0a:6e:88:62:81:9d:
95:5b:85:25:53:ef:4c:b5:a3:4c:4f:a1:ef:dc:95:
33:f1:f4:d4:b7:80:33:95:68:47:b8:1a:8d:54:aa:
77:a1:af:de:5e:2d:b3:1d:e2:a2:23:41:d7:d9:48:
ee:36:40:0c:86:09:f6:a6:8e:5c:a2:e9:33:24:b5:
7c:8d:9d:99:7c:bc:0c:0e:c6:7a:1b:06:90:66:ae:
65:14:85:4f:23:80:49:44:9d:54:c3:1f:06:45:93:
0b:b3:11:7a:1a:75:26:21:1d:5f:1f:6f:02:3a:71:
f8:70:00:1f:16:68:bb:60:ad:79:40:7b:5a:e3:2d:
e6:55:02:37:b7:58:f7:8d:b8:17:66:b8:95:cb:65:
a8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:95:52:00:45:04:D2:EF:31:F7:D6:6C:45:51:98:58:5B:90:64:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AJVSAEUE0u8x99ZsRVGYWFuQZDQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
1e:57:5b:b7:39:73:cb:04:70:00:17:d8:33:81:e9:a5:3d:09:
0e:a7:a6:60:ac:7f:1c:80:7d:38:7f:92:ec:6f:89:73:6c:0c:
61:e8:a7:eb:19:33:d8:41:65:1f:10:35:53:30:e3:9b:92:33:
8f:b0:b2:5b:0a:b6:55:78:e6:3b:20:7d:97:bc:1a:ac:86:cb:
94:39:95:54:88:d6:cb:0f:03:37:8d:00:fd:4d:a0:1c:aa:19:
28:d1:be:f0:19:5e:02:a2:3b:d6:56:66:cd:84:99:8d:ae:22:
53:ad:3f:90:82:d5:c0:ae:d2:d4:af:a0:ec:d3:bb:32:cb:f1:
73:93:8d:ed:45:b8:b7:0d:a2:a1:70:b1:3d:75:da:54:5b:84:
c3:41:d8:98:95:00:a1:37:89:4f:bb:06:26:0f:4c:f2:f2:8b:
ee:ed:c4:51:e2:78:65:f1:33:c3:16:fb:40:13:16:36:34:d3:
7c:6a:29:ad:21:85:52:14:03:f5:8c:be:9e:34:bb:72:0d:0f:
04:0e:5a:13:0f:96:87:53:c6:c1:fe:e1:1f:b2:6a:67:5f:18:
65:a2:90:db:2e:b3:a2:97:12:a0:4e:d7:52:a1:6a:80:45:f8:
ae:7f:7a:4e:28:d1:26:64:60:86:19:bc:ff:05:ee:ee:b3:51:
51:1d:a1:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDEw
OTExNDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAwOTU1MjAwNDUwNEQy
RUYzMUY3RDY2QzQ1NTE5ODU4NUI5MDY0MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVwUey0kWs072XCjGTYVkbwcXbtBzLtRGqzpEbff+gZamVfXC1
Cb8xAI+jIDT0WiKm71fkWulJIk6SaueGbCZzs/v9AN269gBnn3J73FVE+p4dswlA
2SJPD45zFVk5dmvN16GfTa9kU/wKRlfDuZ7QEApuiGKBnZVbhSVT70y1o0xPoe/c
lTPx9NS3gDOVaEe4Go1Uqnehr95eLbMd4qIjQdfZSO42QAyGCfamjlyi6TMktXyN
nZl8vAwOxnobBpBmrmUUhU8jgElEnVTDHwZFkwuzEXoadSYhHV8fbwI6cfhwAB8W
aLtgrXlAe1rjLeZVAje3WPeNuBdmuJXLZailAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUAJVSAEUE0u8x99ZsRVGYWFuQZDQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FKVlNBRVVFMHU4eDk5
WnNSVkdZV0Z1UVpEUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAeV1u3
OXPLBHAAF9gzgemlPQkOp6ZgrH8cgH04f5Lsb4lzbAxh6KfrGTPYQWUfEDVTMOOb
kjOPsLJbCrZVeOY7IH2XvBqshsuUOZVUiNbLDwM3jQD9TaAcqhko0b7wGV4CojvW
VmbNhJmNriJTrT+QgtXArtLUr6Ds07syy/Fzk43tRbi3DaKhcLE9ddpUW4TDQdiY
lQChN4lPuwYmD0zy8ovu7cRR4nhl8TPDFvtAExY2NNN8aimtIYVSFAP1jL6eNLty
DQ8EDloTD5aHU8bB/uEfsmpnXxhlopDbLrOilxKgTtdSoWqARfiuf3pOKNEmZGCG
Gbz/Be7us1FRHaEe
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:54:30 2025 by rpki-client