Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SA8Uf7obfNaHRC-KD-oIrzuMago.roa
File: SA8Uf7obfNaHRC-KD-oIrzuMago.roa (raw, json)
Hash identifier: QtH10OPzsgLglK2+tJerhkdEbg8xqYkk1KyoCurwVy4=
Subject key identifier: 48:0F:14:7F:BA:1B:7C:D6:87:44:2F:8A:0F:EA:08:AF:3B:8C:6A:0A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6C34
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SA8Uf7obfNaHRC-KD-oIrzuMago.roa
Signing time: Sun 15 Jun 2025 15:12:26 +0000
ROA not before: Sun 15 Jun 2025 15:12:26 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27700 (0x6c34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 15 15:12:26 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=480F147FBA1B7CD687442F8A0FEA08AF3B8C6A0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6a:95:52:34:71:8a:c2:19:53:98:e7:98:3e:
42:63:0f:e8:81:52:47:3a:ec:15:49:b1:02:ae:03:
0d:8f:7f:7e:e5:84:34:40:98:82:cc:4c:0e:2b:a1:
4e:8d:06:1c:d8:6a:9d:39:7e:c8:0a:5a:a7:80:73:
2f:ea:39:b5:a1:f6:b4:d1:f3:16:24:3b:d6:bc:f7:
19:3e:2d:b3:1a:9b:32:ad:15:b3:f2:89:5d:2c:df:
ef:e8:3c:45:da:c6:76:92:37:1c:7e:c6:d9:9b:57:
58:e0:06:51:aa:5d:4d:e9:41:90:1c:33:01:f9:d9:
8b:a6:b1:89:2c:74:61:f3:50:b1:71:f2:a9:18:70:
c2:6d:c0:88:95:0a:c2:3a:2d:f5:b7:ef:e4:2c:63:
5a:8d:18:30:33:42:f0:aa:d8:1c:91:e4:ae:b4:5b:
cc:04:5e:f5:37:3d:84:cb:79:02:17:73:9a:68:0e:
9c:9f:26:41:e5:24:16:13:b4:01:7c:24:e0:12:2c:
aa:fd:0f:6e:9c:22:5e:89:52:3c:f5:e2:65:78:86:
bc:bf:d2:25:29:40:77:f0:7e:be:ad:49:10:3c:38:
88:a9:00:cb:69:98:a5:d2:f7:72:d4:1f:af:a6:aa:
94:bf:70:95:a0:70:a8:84:83:69:bb:31:d9:55:fa:
36:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0F:14:7F:BA:1B:7C:D6:87:44:2F:8A:0F:EA:08:AF:3B:8C:6A:0A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SA8Uf7obfNaHRC-KD-oIrzuMago.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b5:a5:6f:95:f9:02:3e:5c:07:96:75:40:34:a9:5a:5b:17:ad:
95:27:7b:f7:66:8a:fb:8b:a3:e9:89:d2:a1:c6:75:e3:40:d5:
cf:3b:af:2b:5e:ea:88:29:70:66:80:10:59:0c:e0:2e:49:90:
cd:ce:37:01:02:b2:e0:9d:a2:74:03:3c:2e:a8:4e:39:49:51:
44:e1:09:12:18:fc:7d:54:05:ea:81:66:f2:29:6d:b3:a3:02:
4f:c7:17:81:bf:ee:54:8f:29:b4:d6:ed:cd:27:4e:8b:15:1c:
80:f3:78:48:57:a4:76:54:2f:00:f6:4d:6e:66:28:b8:58:1c:
e5:3c:79:56:60:06:44:e1:ed:a0:49:14:ce:21:aa:0d:c3:b7:
99:cf:2c:1d:a3:75:d6:21:66:58:9b:0e:30:90:94:68:ce:ab:
2c:fe:ba:22:fd:fd:21:d1:85:62:c1:3a:be:ec:72:14:d6:6a:
88:53:c3:0d:fd:3e:56:0e:f9:a7:10:11:03:8f:60:a4:71:a3:
6e:82:3b:1a:22:a9:cf:21:9a:28:f7:90:95:22:db:21:02:c8:
9e:00:fa:2b:1c:da:94:19:05:89:0c:97:c1:2b:89:43:30:63:
40:89:50:81:17:e5:43:07:41:35:7c:5c:6d:1e:22:d2:5f:d2:
8b:13:79:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICbDQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTUx
NTEyMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ4MEYxNDdGQkExQjdD
RDY4NzQ0MkY4QTBGRUEwOEFGM0I4QzZBMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+apVSNHGKwhlTmOeYPkJjD+iBUkc67BVJsQKuAw2Pf37lhDRA
mILMTA4roU6NBhzYap05fsgKWqeAcy/qObWh9rTR8xYkO9a89xk+LbMamzKtFbPy
iV0s3+/oPEXaxnaSNxx+xtmbV1jgBlGqXU3pQZAcMwH52YumsYksdGHzULFx8qkY
cMJtwIiVCsI6LfW37+QsY1qNGDAzQvCq2ByR5K60W8wEXvU3PYTLeQIXc5poDpyf
JkHlJBYTtAF8JOASLKr9D26cIl6JUjz14mV4hry/0iUpQHfwfr6tSRA8OIipAMtp
mKXS93LUH6+mqpS/cJWgcKiEg2m7MdlV+jZnAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUSA8Uf7obfNaHRC+KD+oIrzuMagowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NBOFVmN29iZk5hSFJD
LUtELW9Jcnp1TWFnby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQC1pW+V
+QI+XAeWdUA0qVpbF62VJ3v3Zor7i6PpidKhxnXjQNXPO68rXuqIKXBmgBBZDOAu
SZDNzjcBArLgnaJ0AzwuqE45SVFE4QkSGPx9VAXqgWbyKW2zowJPxxeBv+5Ujym0
1u3NJ06LFRyA83hIV6R2VC8A9k1uZii4WBzlPHlWYAZE4e2gSRTOIaoNw7eZzywd
o3XWIWZYmw4wkJRozqss/roi/f0h0YViwTq+7HIU1mqIU8MN/T5WDvmnEBEDj2Ck
caNugjsaIqnPIZoo95CVItshAsieAPorHNqUGQWJDJfBK4lDMGNAiVCBF+VDB0E1
fFxtHiLSX9KLE3l5
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:17:44 2025 by rpki-client