Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Fjv7-P794Wl2fGaWtzfbDSM2f_A.roa
File: Fjv7-P794Wl2fGaWtzfbDSM2f_A.roa (raw, json)
Hash identifier: ehVRlI43sejxGegS0awzh2KTEhDFSZUyCuineGcl4CU=
Subject key identifier: 16:3B:FB:F8:FE:FD:E1:69:76:7C:66:96:B7:37:DB:0D:23:36:7F:F0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6A18
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Fjv7-P794Wl2fGaWtzfbDSM2f_A.roa
Signing time: Tue 10 Jun 2025 00:12:08 +0000
ROA not before: Tue 10 Jun 2025 00:12:08 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27160 (0x6a18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 10 00:12:08 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=163BFBF8FEFDE169767C6696B737DB0D23367FF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2b:44:d7:a7:07:73:46:46:fb:06:96:94:02:
8d:b5:64:13:33:de:d6:66:8a:3c:51:ae:34:6a:f2:
67:97:7c:d8:9d:2b:d9:a2:d3:1f:b0:40:58:3f:2c:
17:f0:1b:75:b9:ea:32:45:ff:48:be:72:dc:d4:0a:
24:e6:eb:84:3e:c1:5b:d9:4d:67:ae:44:72:97:ae:
3e:ce:da:ad:a9:f2:5a:14:46:1b:99:f8:03:eb:a2:
18:44:a6:f3:a7:5b:e7:bc:92:79:0b:ee:ad:88:02:
75:f2:91:7a:21:df:b9:34:3e:68:2b:f7:7e:1c:e0:
10:f6:f6:2a:e3:5c:c9:9b:5a:8f:8d:5f:24:32:56:
a1:a3:72:15:71:52:9c:39:72:f3:7c:66:78:81:92:
2d:fc:92:e7:71:90:1a:3f:76:92:6a:04:c4:19:9b:
ee:9a:f8:a2:66:d4:9f:12:df:2f:45:05:2f:87:d3:
a0:7f:29:d1:cf:a1:5f:8f:de:9e:d9:b3:47:db:c6:
90:1b:fd:66:cb:72:b4:fa:98:f8:8a:30:d2:ed:0c:
68:c6:bf:d5:df:64:c6:4f:4b:a9:8a:0b:b6:f3:98:
07:b0:6b:e6:f3:88:84:29:f9:4a:d3:5f:99:e6:eb:
52:cf:c9:c0:16:ca:03:40:8a:b6:04:0f:bf:31:eb:
2b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3B:FB:F8:FE:FD:E1:69:76:7C:66:96:B7:37:DB:0D:23:36:7F:F0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Fjv7-P794Wl2fGaWtzfbDSM2f_A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
46:76:13:b9:3a:0a:8f:3c:24:ad:48:b6:b6:42:64:6d:7b:d2:
23:93:11:e6:7f:de:29:55:5c:2b:65:5d:83:e6:eb:fb:6e:5d:
93:c5:6c:11:b2:57:39:36:38:60:64:c7:c1:e6:71:09:17:a7:
0d:24:ce:f2:64:c1:ae:dc:7d:7f:b1:8a:8a:f7:be:d2:db:d9:
2d:90:8e:ce:46:6f:8f:37:e8:35:90:86:d6:a3:49:9f:ca:e6:
ca:73:08:4b:30:6f:94:15:71:8f:c4:21:55:9e:b4:51:73:88:
4a:42:22:83:c9:35:4d:00:ff:d7:17:3b:99:54:69:ea:57:43:
41:96:10:4c:68:0e:b6:f6:24:4e:4d:cb:89:d2:90:32:cd:ef:
47:da:96:16:53:2d:78:63:81:09:d9:06:9d:50:81:0a:34:13:
25:72:25:59:31:18:6a:12:d6:08:01:cf:ff:07:92:cf:1c:e5:
70:d7:ff:56:0c:af:26:87:22:57:af:e4:b4:16:fa:83:39:1c:
ef:a8:a9:6a:20:0c:72:9a:e1:01:bc:17:de:34:82:2e:f0:ca:
3f:9f:c2:20:9e:b9:73:3e:ab:72:2f:06:db:af:3e:28:2f:cf:
2c:46:f8:3b:01:6a:e0:57:31:4a:1b:6f:e7:8f:f3:a1:ea:4a:
f1:5d:9e:8e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICahgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTAw
MDEyMDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE2M0JGQkY4RkVGREUx
Njk3NjdDNjY5NkI3MzdEQjBEMjMzNjdGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQK0TXpwdzRkb7BpaUAo21ZBMz3tZmijxRrjRq8meXfNidK9mi
0x+wQFg/LBfwG3W56jJF/0i+ctzUCiTm64Q+wVvZTWeuRHKXrj7O2q2p8loURhuZ
+AProhhEpvOnW+e8knkL7q2IAnXykXoh37k0Pmgr934c4BD29irjXMmbWo+NXyQy
VqGjchVxUpw5cvN8ZniBki38kudxkBo/dpJqBMQZm+6a+KJm1J8S3y9FBS+H06B/
KdHPoV+P3p7Zs0fbxpAb/WbLcrT6mPiKMNLtDGjGv9XfZMZPS6mKC7bzmAewa+bz
iIQp+UrTX5nm61LPycAWygNAirYED78x6yvvAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUFjv7+P794Wl2fGaWtzfbDSM2f/AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZqdjctUDc5NFdsMmZH
YVd0emZiRFNNMmZfQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBGdhO5
OgqPPCStSLa2QmRte9IjkxHmf94pVVwrZV2D5uv7bl2TxWwRslc5NjhgZMfB5nEJ
F6cNJM7yZMGu3H1/sYqK977S29ktkI7ORm+PN+g1kIbWo0mfyubKcwhLMG+UFXGP
xCFVnrRRc4hKQiKDyTVNAP/XFzuZVGnqV0NBlhBMaA629iROTcuJ0pAyze9H2pYW
Uy14Y4EJ2QadUIEKNBMlciVZMRhqEtYIAc//B5LPHOVw1/9WDK8mhyJXr+S0FvqD
ORzvqKlqIAxymuEBvBfeNIIu8Mo/n8IgnrlzPqtyLwbbrz4oL88sRvg7AWrgVzFK
G2/nj/Oh6krxXZ6O
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:25:29 2025 by rpki-client