Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Buvf-MQKYH63YSjo5ST_yloQOss.roa
File: Buvf-MQKYH63YSjo5ST_yloQOss.roa (raw, json)
Hash identifier: T6woy26/1nRRNnkvrx1vOE0msFSBO2cOdQUtKvI2JYU=
Subject key identifier: 06:EB:DF:F8:C4:0A:60:7E:B7:61:28:E8:E5:24:FF:CA:5A:10:3A:CB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6318
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Buvf-MQKYH63YSjo5ST_yloQOss.roa
Signing time: Thu 22 May 2025 08:10:46 +0000
ROA not before: Thu 22 May 2025 08:10:46 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25368 (0x6318)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 22 08:10:46 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=06EBDFF8C40A607EB76128E8E524FFCA5A103ACB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:70:6d:e4:c3:7e:db:f4:6c:dd:de:97:a3:
5c:23:d1:04:c3:d8:05:50:7c:ec:58:f6:92:2f:6e:
44:9b:ef:9e:20:eb:24:b6:15:fa:55:49:6d:bf:c8:
5c:c5:a7:d0:ba:26:68:84:8b:c4:9b:37:2f:3f:cb:
f8:eb:d4:fe:c0:90:b6:fc:ad:95:37:06:ab:58:16:
7e:b0:51:ac:23:bd:ab:90:b5:bb:89:72:b5:13:ce:
68:aa:34:37:b8:1d:3d:2c:09:39:79:75:04:12:02:
46:28:fd:78:bf:f6:08:a3:f8:96:d5:56:7d:5c:91:
93:7d:51:73:4f:b6:c3:d6:ac:37:fd:7f:a9:92:7d:
7a:63:0c:1b:c5:7b:98:30:40:90:ce:3b:57:6c:73:
8d:27:76:2e:39:a7:45:24:12:d6:75:c8:dc:fe:53:
e2:48:64:26:f4:08:05:48:0e:74:8b:1d:9d:77:0b:
81:fd:a3:4a:e1:2d:dd:d1:6c:ee:5f:15:b7:77:36:
ac:5f:a6:25:1c:47:9b:71:ae:98:0a:07:53:99:ed:
c7:4c:b2:ed:b4:f8:9f:55:7a:71:c0:d4:51:6b:44:
3d:41:2b:57:47:26:67:d7:6b:3a:ed:ba:61:11:72:
c2:d7:8d:6f:1f:5e:69:2d:f7:12:f8:ed:24:f5:47:
9e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EB:DF:F8:C4:0A:60:7E:B7:61:28:E8:E5:24:FF:CA:5A:10:3A:CB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Buvf-MQKYH63YSjo5ST_yloQOss.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
17:23:89:ba:84:3d:0c:d4:90:95:23:d6:93:cb:df:c9:00:a9:
cd:d3:2e:18:c0:13:6d:db:14:59:0b:ad:61:01:c2:b3:3e:fd:
4c:d8:17:1b:f7:58:dd:68:5c:49:48:4a:27:57:9d:ef:6f:f2:
c7:c4:35:00:cd:30:5c:46:4b:81:c4:df:4e:04:a3:86:ac:d0:
db:cd:84:43:fc:b4:61:25:29:b4:3f:39:a3:6a:13:3b:0d:9b:
42:e6:1e:2b:e2:93:b6:69:a8:06:fd:63:2d:3a:57:76:7b:05:
a6:2e:8d:5b:4f:31:2d:cc:11:06:0a:b5:ee:ce:1b:21:14:1c:
c7:f7:23:e6:de:b7:c4:81:94:66:1d:70:a4:6b:42:e4:a1:f9:
f5:f8:31:4d:f5:74:98:a5:f3:31:ff:d1:fc:4f:a9:c4:fd:a7:
c1:25:d1:5c:79:ba:e7:c1:c5:7c:4a:be:9a:b0:5e:77:64:f4:
ff:3b:89:9e:d1:bf:38:f3:85:15:84:2b:e8:71:0f:4a:0c:c9:
cf:d0:04:72:2c:04:22:3d:a2:88:ea:e5:4c:28:eb:9e:8e:47:
ce:c5:a5:84:5b:68:ea:de:6b:4f:26:13:36:ae:99:6b:f3:fe:
bf:f8:b1:46:04:af:19:d4:55:32:11:93:65:78:5a:7f:7e:f4:
02:25:10:18
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjIw
ODEwNDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA2RUJERkY4QzQwQTYw
N0VCNzYxMjhFOEU1MjRGRkNBNUExMDNBQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxgXBt5MN+2/Rs3d6Xo1wj0QTD2AVQfOxY9pIvbkSb754g6yS2
FfpVSW2/yFzFp9C6JmiEi8SbNy8/y/jr1P7AkLb8rZU3BqtYFn6wUawjvauQtbuJ
crUTzmiqNDe4HT0sCTl5dQQSAkYo/Xi/9gij+JbVVn1ckZN9UXNPtsPWrDf9f6mS
fXpjDBvFe5gwQJDOO1dsc40ndi45p0UkEtZ1yNz+U+JIZCb0CAVIDnSLHZ13C4H9
o0rhLd3RbO5fFbd3NqxfpiUcR5txrpgKB1OZ7cdMsu20+J9VenHA1FFrRD1BK1dH
JmfXazrtumERcsLXjW8fXmkt9xL47ST1R57/AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUBuvf+MQKYH63YSjo5ST/yloQOsswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0J1dmYtTVFLWUg2M1lT
am81U1RfeWxvUU9zcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAXI4m6
hD0M1JCVI9aTy9/JAKnN0y4YwBNt2xRZC61hAcKzPv1M2Bcb91jdaFxJSEonV53v
b/LHxDUAzTBcRkuBxN9OBKOGrNDbzYRD/LRhJSm0PzmjahM7DZtC5h4r4pO2aagG
/WMtOld2ewWmLo1bTzEtzBEGCrXuzhshFBzH9yPm3rfEgZRmHXCka0Lkofn1+DFN
9XSYpfMx/9H8T6nE/afBJdFcebrnwcV8Sr6asF53ZPT/O4me0b8484UVhCvocQ9K
DMnP0ARyLAQiPaKI6uVMKOuejkfOxaWEW2jq3mtPJhM2rplr8/6/+LFGBK8Z1FUy
EZNleFp/fvQCJRAY
-----END CERTIFICATE-----
Generated at Fri Jun 20 22:30:43 2025 by rpki-client