Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QT8ymlHkL700h7J_4d2gcG7Lpuo.roa
File: QT8ymlHkL700h7J_4d2gcG7Lpuo.roa (raw, json)
Hash identifier: wJaoCyplLss43hA/Lw5Icx8NcLIPgQnvpwvjO9B8oUM=
Subject key identifier: 41:3F:32:9A:51:E4:2F:BD:34:87:B2:7F:E1:DD:A0:70:6E:CB:A6:EA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 60FC
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QT8ymlHkL700h7J_4d2gcG7Lpuo.roa
Signing time: Fri 16 May 2025 17:13:51 +0000
ROA not before: Fri 16 May 2025 17:13:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24828 (0x60fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 17:13:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=413F329A51E42FBD3487B27FE1DDA0706ECBA6EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f4:b3:b1:67:74:75:f5:09:1c:82:09:06:c3:
29:f1:65:de:66:52:6b:77:98:a9:5c:9c:ed:b1:db:
aa:e9:bc:6d:6e:fa:11:16:c9:ac:d7:2d:8c:0b:7c:
9e:38:cd:f3:0f:44:ee:69:28:dc:44:4f:c8:3d:7e:
9e:0d:1c:bc:a0:e1:c1:c1:9d:c2:1e:67:2a:92:7f:
2b:2a:01:2e:c1:8e:30:7a:5e:51:33:40:55:c8:00:
97:e5:73:86:3d:38:a2:20:cb:14:28:9c:17:a6:f2:
52:52:51:6d:0f:a4:9a:3a:39:d5:72:38:f5:d7:fc:
53:d4:f7:42:f6:70:9b:d3:c8:7f:59:c9:be:14:3b:
2c:bb:6d:54:65:18:39:c4:03:b8:0c:33:ec:79:98:
ed:36:4a:7d:47:7a:3d:f2:73:c2:55:a5:63:af:57:
1a:ca:96:f9:df:19:5b:fd:96:80:0e:f7:db:d4:d5:
f0:9a:00:e6:19:7c:af:59:f0:15:33:87:b4:86:58:
0d:02:30:f1:eb:1f:ef:48:06:f5:e7:33:92:0b:d1:
56:b3:b0:a4:d2:16:e8:c3:12:57:c2:f0:7b:77:ea:
c6:d4:8d:a5:f3:dc:12:a6:68:0b:31:99:aa:f6:52:
37:5a:0e:3f:28:95:4e:b3:d3:21:98:1e:83:ca:69:
fd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3F:32:9A:51:E4:2F:BD:34:87:B2:7F:E1:DD:A0:70:6E:CB:A6:EA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QT8ymlHkL700h7J_4d2gcG7Lpuo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
21:26:62:10:19:03:49:47:67:22:15:2e:d2:9b:b8:b4:8b:45:
96:9a:70:c6:f1:f5:0f:42:80:c7:b1:d3:d3:d7:38:76:e5:f4:
9b:dd:97:16:c3:82:55:ee:06:8d:27:d7:a1:13:e7:3c:9b:56:
38:06:3c:94:0c:a8:fa:2d:4a:24:5e:84:74:87:da:5f:8c:5d:
2c:10:db:7e:c5:2e:5b:f9:c5:f1:4b:b6:0d:7e:30:7d:fb:4a:
c5:70:e7:d5:c8:64:49:45:64:2b:97:f2:9b:14:3d:cb:dc:96:
7b:c7:e3:c7:23:bf:02:b9:8d:f8:d1:a1:02:50:d0:c0:63:6b:
d2:9f:d4:0f:db:9f:11:45:e4:58:e8:08:04:c9:1d:9a:9a:1d:
69:0c:1a:f1:e5:a3:c1:4e:18:20:25:f9:70:28:cf:d2:14:b9:
fe:1d:c1:2b:f2:14:b6:47:13:57:9a:1a:5b:57:84:8b:a9:0a:
29:11:97:88:8a:dd:d1:a7:93:e2:ec:fd:bc:51:83:92:d4:17:
20:af:82:a1:f8:de:de:00:c8:97:c6:01:57:28:10:e0:6b:7f:
f0:b2:a7:5f:7f:18:32:9e:97:75:bf:4b:bd:34:a6:fe:01:5d:
af:4b:e4:7d:13:78:7f:95:91:64:0c:3a:12:18:96:08:7e:c2:
d3:b7:5d:99
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTYx
NzEzNTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQxM0YzMjlBNTFFNDJG
QkQzNDg3QjI3RkUxRERBMDcwNkVDQkE2RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj9LOxZ3R19QkcggkGwynxZd5mUmt3mKlcnO2x26rpvG1u+hEW
yazXLYwLfJ44zfMPRO5pKNxET8g9fp4NHLyg4cHBncIeZyqSfysqAS7BjjB6XlEz
QFXIAJflc4Y9OKIgyxQonBem8lJSUW0PpJo6OdVyOPXX/FPU90L2cJvTyH9Zyb4U
Oyy7bVRlGDnEA7gMM+x5mO02Sn1Hej3yc8JVpWOvVxrKlvnfGVv9loAO99vU1fCa
AOYZfK9Z8BUzh7SGWA0CMPHrH+9IBvXnM5IL0VazsKTSFujDElfC8Ht36sbUjaXz
3BKmaAsxmar2UjdaDj8olU6z0yGYHoPKaf2vAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUQT8ymlHkL700h7J/4d2gcG7LpuowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FUOHltbEhrTDcwMGg3
Sl80ZDJnY0c3THB1by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAhJmIQ
GQNJR2ciFS7Sm7i0i0WWmnDG8fUPQoDHsdPT1zh25fSb3ZcWw4JV7gaNJ9ehE+c8
m1Y4BjyUDKj6LUokXoR0h9pfjF0sENt+xS5b+cXxS7YNfjB9+0rFcOfVyGRJRWQr
l/KbFD3L3JZ7x+PHI78CuY340aECUNDAY2vSn9QP258RReRY6AgEyR2amh1pDBrx
5aPBThggJflwKM/SFLn+HcEr8hS2RxNXmhpbV4SLqQopEZeIit3Rp5Pi7P28UYOS
1Bcgr4Kh+N7eAMiXxgFXKBDga3/wsqdffxgynpd1v0u9NKb+AV2vS+R9E3h/lZFk
DDoSGJYIfsLTt12Z
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:10:57 2025 by rpki-client