Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/APIWuL-MMqY0KXENWdTxRql1Gqs.roa
File: APIWuL-MMqY0KXENWdTxRql1Gqs.roa (raw, json)
Hash identifier: aNZ7eff5zQonxKQJxZFVxhq3jYefByNuAnWp8vlTvkw=
Subject key identifier: 00:F2:16:B8:BF:8C:32:A6:34:29:71:0D:59:D4:F1:46:A9:75:1A:AB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 696C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/APIWuL-MMqY0KXENWdTxRql1Gqs.roa
Signing time: Sun 08 Jun 2025 05:11:57 +0000
ROA not before: Sun 08 Jun 2025 05:11:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26988 (0x696c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 8 05:11:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=00F216B8BF8C32A63429710D59D4F146A9751AAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fd:c0:3a:c0:a2:a2:0d:d8:6f:5d:37:e4:af:
31:bb:23:52:fa:4f:86:ff:5f:b9:d5:41:44:5b:ac:
27:9e:4d:81:9b:73:73:84:15:79:31:6e:01:88:9c:
03:71:ea:a1:6f:9a:18:46:b3:cb:68:64:f6:6a:5c:
f8:e9:42:c5:5b:1a:29:3c:d6:a1:95:db:d2:46:62:
51:05:8a:31:72:3c:9d:77:21:a1:26:7d:e3:34:47:
3a:86:51:9d:f7:b2:0e:8b:b3:06:33:f2:ff:89:5f:
02:5b:0d:0f:4e:a2:09:e2:4b:4c:6f:94:7e:27:f1:
b3:0d:6c:6b:40:c5:b3:ad:f0:8e:9b:a1:83:ad:b7:
69:a4:09:cd:96:2b:93:85:fc:8e:c5:89:07:e4:61:
79:21:e4:70:b0:84:6b:dd:e3:8f:7d:4f:97:f3:5e:
92:6b:21:1f:ce:ef:62:c3:bb:61:82:fb:02:bf:a9:
74:2a:4d:73:0c:53:44:34:61:ec:80:05:f4:3f:98:
41:45:d3:2c:7b:7e:f6:dd:fb:1d:94:15:41:7e:64:
52:1c:eb:8d:ed:1d:f9:d3:e6:b4:d6:c5:aa:21:a3:
c1:07:e7:8c:19:ef:6e:b7:13:ab:58:72:ff:64:e6:
ca:fe:94:0f:82:a7:e8:d2:61:da:ee:2f:e8:81:0b:
55:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F2:16:B8:BF:8C:32:A6:34:29:71:0D:59:D4:F1:46:A9:75:1A:AB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/APIWuL-MMqY0KXENWdTxRql1Gqs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
5e:5e:c6:1f:20:33:fa:ad:a0:e6:89:89:58:80:b8:5d:f8:8e:
ae:b2:aa:00:ce:b3:6e:85:2a:0b:6b:d3:62:1a:16:99:e8:08:
0e:9d:80:7c:bb:c2:06:3d:cf:ea:69:d3:83:c1:bf:94:a4:5a:
5e:b8:79:ca:e7:9e:09:50:42:3d:56:a0:95:65:17:3d:89:60:
27:84:a0:69:51:19:12:73:e3:89:79:11:25:3d:38:de:77:bc:
2e:4a:bc:47:2d:ae:40:1d:ea:be:f3:27:b1:69:62:6f:d8:d2:
21:2b:94:3f:89:92:bd:9c:39:3d:26:a9:08:16:71:79:93:0e:
02:80:da:b7:e4:fb:0e:d3:01:e2:95:13:22:5d:e1:90:de:0e:
80:24:ef:9a:60:a4:ee:f7:18:95:10:60:33:36:38:c2:2b:4c:
ab:eb:6a:c9:57:4c:60:2f:bc:3b:cb:a0:31:33:c8:3d:cf:c9:
62:7e:20:4c:e1:f7:64:b2:ec:f5:de:4c:86:b8:1e:36:1e:1b:
99:a6:db:d6:79:89:1e:ab:99:ea:f9:b7:55:19:c8:bb:f3:73:
a9:f9:7e:53:63:ba:92:2c:04:e5:3c:63:7e:f7:3e:9b:d8:7a:
f9:e3:5c:eb:31:cc:72:72:7d:74:71:27:86:2c:96:a5:c5:bc:
b7:8f:aa:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICaWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDgw
NTExNTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAwRjIxNkI4QkY4QzMy
QTYzNDI5NzEwRDU5RDRGMTQ2QTk3NTFBQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR/cA6wKKiDdhvXTfkrzG7I1L6T4b/X7nVQURbrCeeTYGbc3OE
FXkxbgGInANx6qFvmhhGs8toZPZqXPjpQsVbGik81qGV29JGYlEFijFyPJ13IaEm
feM0RzqGUZ33sg6LswYz8v+JXwJbDQ9OogniS0xvlH4n8bMNbGtAxbOt8I6boYOt
t2mkCc2WK5OF/I7FiQfkYXkh5HCwhGvd4499T5fzXpJrIR/O72LDu2GC+wK/qXQq
TXMMU0Q0YeyABfQ/mEFF0yx7fvbd+x2UFUF+ZFIc643tHfnT5rTWxaoho8EH54wZ
7263E6tYcv9k5sr+lA+Cp+jSYdruL+iBC1W/AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUAPIWuL+MMqY0KXENWdTxRql1GqswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FQSVd1TC1NTXFZMEtY
RU5XZFR4UnFsMUdxcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBeXsYf
IDP6raDmiYlYgLhd+I6usqoAzrNuhSoLa9NiGhaZ6AgOnYB8u8IGPc/qadODwb+U
pFpeuHnK554JUEI9VqCVZRc9iWAnhKBpURkSc+OJeRElPTjed7wuSrxHLa5AHeq+
8yexaWJv2NIhK5Q/iZK9nDk9JqkIFnF5kw4CgNq35PsO0wHilRMiXeGQ3g6AJO+a
YKTu9xiVEGAzNjjCK0yr62rJV0xgL7w7y6AxM8g9z8lifiBM4fdksuz13kyGuB42
HhuZptvWeYkeq5nq+bdVGci783Op+X5TY7qSLATlPGN+9z6b2Hr541zrMcxycn10
cSeGLJalxby3j6r0
-----END CERTIFICATE-----
Generated at Wed Jun 18 20:49:37 2025 by rpki-client