Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Huy49klfqb5VYBaxsCWd9_sbEdQ.roa
File: Huy49klfqb5VYBaxsCWd9_sbEdQ.roa (raw, json)
Hash identifier: RxZ8aTpHKkVDagVNbRbbSFGWbyirNEoNiNMvj0Ypblo=
Subject key identifier: 1E:EC:B8:F6:49:5F:A9:BE:55:60:16:B1:B0:25:9D:F7:FB:1B:11:D4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 60F0
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Huy49klfqb5VYBaxsCWd9_sbEdQ.roa
Signing time: Fri 16 May 2025 14:10:37 +0000
ROA not before: Fri 16 May 2025 14:10:37 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24816 (0x60f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 14:10:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=1EECB8F6495FA9BE556016B1B0259DF7FB1B11D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:94:79:11:74:b7:ef:71:8c:86:67:e7:10:
17:fc:26:51:0f:e4:0c:9b:b6:f5:85:b5:54:09:b4:
ea:bf:6e:90:0a:06:9b:96:03:a3:6f:4e:3f:c3:fd:
d2:e7:f3:22:68:be:71:7d:3d:3a:3c:23:31:a8:6d:
00:73:05:3f:cc:31:42:9b:97:a5:de:fd:b4:49:03:
4b:2f:83:00:d2:29:b9:7d:9b:b0:16:f9:4f:6e:c7:
21:aa:26:ff:fa:c1:eb:45:43:f8:db:ac:1a:48:96:
fb:8e:7c:99:1f:30:f6:96:75:87:df:f7:d9:34:ae:
4a:d3:62:33:10:55:a2:50:0d:17:4d:6b:5c:c2:91:
4e:ba:81:d8:c0:74:31:a2:a4:6e:d3:4d:76:39:60:
2e:d8:cf:f2:ef:70:cb:71:ec:4e:a1:7b:eb:6b:73:
2c:af:e2:d6:d6:30:f0:2f:44:87:15:54:6f:31:f6:
15:31:6f:8f:8f:c4:2a:25:22:23:d4:29:8a:41:c8:
03:4b:52:e7:a5:df:ec:df:9e:d4:17:d1:ab:89:6c:
d2:29:19:03:fc:60:a9:f7:fc:24:bf:c5:b3:df:d2:
5c:8b:7a:8d:c9:78:60:d5:5f:91:0b:2f:cf:be:2e:
c3:99:1c:42:71:d9:ca:91:27:e0:52:f4:e3:4f:50:
e7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EC:B8:F6:49:5F:A9:BE:55:60:16:B1:B0:25:9D:F7:FB:1B:11:D4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Huy49klfqb5VYBaxsCWd9_sbEdQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
69:0d:bb:b4:18:6b:af:07:6e:97:6f:3d:1f:2f:58:dd:ce:33:
5f:bf:f9:d8:01:c5:7b:3a:e6:b9:b8:44:07:79:df:fe:fb:03:
89:e7:61:f5:e5:89:d5:9d:fa:5d:c7:7b:f4:fd:9d:b0:66:81:
1b:98:09:35:ff:7c:48:32:3b:21:9d:6f:1c:10:c8:8a:40:d3:
97:c0:29:1f:c0:f9:c3:34:e7:c3:88:9c:6d:a0:bf:39:26:df:
94:b6:f1:d1:4b:3e:d9:cf:42:da:93:29:9e:89:d8:48:6d:86:
51:04:13:89:57:07:3a:c1:20:02:f7:f4:fa:d7:af:9d:93:6f:
e5:d4:bd:4a:6e:81:37:c5:fc:11:af:ea:6c:db:78:e4:30:e1:
e0:af:ec:4e:0d:8a:4b:7e:93:69:a7:f2:39:f5:7c:5e:b9:a1:
0d:af:61:a9:d2:3b:ad:ef:22:87:dd:d8:cb:cd:73:e5:f1:ba:
55:1b:e2:05:03:79:96:b0:28:51:cb:49:1f:3e:63:48:5b:cc:
7d:2f:1e:55:e3:b7:7c:09:bd:9a:8c:17:cd:98:fd:19:27:a0:
0e:37:14:38:e0:df:95:70:ee:f8:82:1a:ca:83:5b:55:93:dd:
03:bf:c1:da:30:55:8c:8b:e8:e0:e3:2d:50:cf:b4:a6:df:b4:
cc:ce:9c:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTYx
NDEwMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFFRUNCOEY2NDk1RkE5
QkU1NTYwMTZCMUIwMjU5REY3RkIxQjExRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF1JR5EXS373GMhmfnEBf8JlEP5AybtvWFtVQJtOq/bpAKBpuW
A6NvTj/D/dLn8yJovnF9PTo8IzGobQBzBT/MMUKbl6Xe/bRJA0svgwDSKbl9m7AW
+U9uxyGqJv/6wetFQ/jbrBpIlvuOfJkfMPaWdYff99k0rkrTYjMQVaJQDRdNa1zC
kU66gdjAdDGipG7TTXY5YC7Yz/LvcMtx7E6he+trcyyv4tbWMPAvRIcVVG8x9hUx
b4+PxColIiPUKYpByANLUuel3+zfntQX0auJbNIpGQP8YKn3/CS/xbPf0lyLeo3J
eGDVX5ELL8++LsOZHEJx2cqRJ+BS9ONPUOepAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUHuy49klfqb5VYBaxsCWd9/sbEdQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0h1eTQ5a2xmcWI1VllC
YXhzQ1dkOV9zYkVkUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBpDbu0
GGuvB26Xbz0fL1jdzjNfv/nYAcV7Oua5uEQHed/++wOJ52H15YnVnfpdx3v0/Z2w
ZoEbmAk1/3xIMjshnW8cEMiKQNOXwCkfwPnDNOfDiJxtoL85Jt+UtvHRSz7Zz0La
kymeidhIbYZRBBOJVwc6wSAC9/T616+dk2/l1L1KboE3xfwRr+ps23jkMOHgr+xO
DYpLfpNpp/I59XxeuaENr2Gp0jut7yKH3djLzXPl8bpVG+IFA3mWsChRy0kfPmNI
W8x9Lx5V47d8Cb2ajBfNmP0ZJ6AONxQ44N+VcO74ghrKg1tVk90Dv8HaMFWMi+jg
4y1Qz7Sm37TMzpwK
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:53:03 2025 by rpki-client