Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QEev-m4gcMBiwk-uIJOi-4sne_c.roa
File: QEev-m4gcMBiwk-uIJOi-4sne_c.roa (raw, json)
Hash identifier: gNP5VMufTat/Ves4DgGuxzFwco2zc4FEMMYXaSEZOr0=
Subject key identifier: 40:47:AF:FA:6E:20:70:C0:62:C2:4F:AE:20:93:A2:FB:8B:27:7B:F7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6BCA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QEev-m4gcMBiwk-uIJOi-4sne_c.roa
Signing time: Sat 14 Jun 2025 12:42:25 +0000
ROA not before: Sat 14 Jun 2025 12:42:25 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27594 (0x6bca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 14 12:42:25 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4047AFFA6E2070C062C24FAE2093A2FB8B277BF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d0:02:ef:dd:5b:0d:b7:18:b7:b9:e0:05:70:
22:63:b5:10:c3:1c:5c:2d:8f:db:c5:2a:12:20:11:
4e:f6:67:8e:73:65:cb:15:8d:cf:8d:f7:61:e3:2b:
d3:ff:2a:2a:9f:2c:83:c1:ed:8d:e8:67:03:b4:a4:
67:b4:e7:86:05:5b:ee:22:2f:bd:db:2a:d9:de:4a:
6d:4d:20:5a:9d:fa:5a:a5:52:74:e3:e4:28:a5:da:
07:d0:49:48:8f:e2:24:18:b2:d9:e8:c5:bf:02:ae:
07:7a:67:6e:35:23:5b:44:64:84:c3:ef:1c:6e:dc:
db:50:b7:66:01:8c:7e:cf:17:d3:fc:ec:db:e1:84:
a4:71:10:a7:1d:ea:55:d4:58:5e:4b:e3:3f:aa:c0:
c5:61:e9:6f:53:93:52:99:f8:de:80:71:ea:97:b8:
c1:1f:11:18:e7:58:d0:95:58:b2:c2:77:76:4d:85:
11:2f:4d:33:09:97:f5:d0:44:84:1c:50:c3:f1:36:
79:ad:e3:88:55:c5:42:93:37:ab:05:c1:da:ca:c7:
3c:e0:79:35:c2:0d:3d:ae:e8:df:8d:0a:a3:b6:5d:
2c:c1:6a:f1:eb:49:2e:dc:b6:2e:9e:a1:bd:1b:7d:
c1:5c:d4:21:b9:5b:e7:61:41:61:e0:43:5d:6c:89:
25:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:47:AF:FA:6E:20:70:C0:62:C2:4F:AE:20:93:A2:FB:8B:27:7B:F7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QEev-m4gcMBiwk-uIJOi-4sne_c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
2f:72:43:14:7d:5a:28:16:31:25:ff:ef:6e:2d:84:b3:d4:9d:
e5:24:0e:e5:ad:13:84:0a:ea:9a:cb:c3:f5:f9:ee:2b:4f:05:
81:5c:70:65:1b:24:18:65:2e:d7:60:6f:46:f6:57:63:e0:bc:
13:5f:bd:3a:00:03:e5:4a:72:04:d8:60:75:6d:11:d3:78:17:
fa:b8:42:12:5a:a6:0d:7f:56:01:ca:0a:45:43:05:25:bf:4d:
c2:0a:da:00:14:eb:ec:b8:eb:80:c5:5a:4c:02:0e:5c:ab:9e:
f8:f8:be:d6:f5:9f:d2:54:6f:09:2e:b7:76:5b:5c:45:cc:07:
e6:38:8d:97:95:27:83:a8:be:22:73:ea:f0:b9:1c:e9:42:05:
98:c2:01:21:bc:bb:e3:e3:87:23:fc:a9:46:49:43:a3:90:67:
b9:00:39:5a:8f:57:7e:aa:59:8a:77:b3:41:d9:b5:65:6f:ff:
63:ba:3c:0a:45:6c:7e:08:f6:4d:b0:26:fb:60:d1:77:8e:8b:
6b:17:72:95:3b:c3:df:90:11:e6:ee:5b:f4:83:e3:78:53:f0:
01:11:eb:8d:57:d9:3f:15:5f:8a:55:3c:29:d8:9e:a3:04:d6:
49:de:7a:4a:5d:e0:a0:1d:46:b8:af:ac:38:93:6d:a4:f1:80:
ae:39:b6:2b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICa8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTQx
MjQyMjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQwNDdBRkZBNkUyMDcw
QzA2MkMyNEZBRTIwOTNBMkZCOEIyNzdCRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDl0ALv3VsNtxi3ueAFcCJjtRDDHFwtj9vFKhIgEU72Z45zZcsV
jc+N92HjK9P/KiqfLIPB7Y3oZwO0pGe054YFW+4iL73bKtneSm1NIFqd+lqlUnTj
5Cil2gfQSUiP4iQYstnoxb8Crgd6Z241I1tEZITD7xxu3NtQt2YBjH7PF9P87Nvh
hKRxEKcd6lXUWF5L4z+qwMVh6W9Tk1KZ+N6AceqXuMEfERjnWNCVWLLCd3ZNhREv
TTMJl/XQRIQcUMPxNnmt44hVxUKTN6sFwdrKxzzgeTXCDT2u6N+NCqO2XSzBavHr
SS7cti6eob0bfcFc1CG5W+dhQWHgQ11siSUtAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUQEev+m4gcMBiwk+uIJOi+4sne/cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FFZXYtbTRnY01CaXdr
LXVJSk9pLTRzbmVfYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAvckMU
fVooFjEl/+9uLYSz1J3lJA7lrROECuqay8P1+e4rTwWBXHBlGyQYZS7XYG9G9ldj
4LwTX706AAPlSnIE2GB1bRHTeBf6uEISWqYNf1YBygpFQwUlv03CCtoAFOvsuOuA
xVpMAg5cq574+L7W9Z/SVG8JLrd2W1xFzAfmOI2XlSeDqL4ic+rwuRzpQgWYwgEh
vLvj44cj/KlGSUOjkGe5ADlaj1d+qlmKd7NB2bVlb/9jujwKRWx+CPZNsCb7YNF3
jotrF3KVO8PfkBHm7lv0g+N4U/ABEeuNV9k/FV+KVTwp2J6jBNZJ3npKXeCgHUa4
r6w4k22k8YCuObYr
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:12:27 2025 by rpki-client