Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WVgs_pdRU1Z6a0rAanlsKf9paug.roa
File: WVgs_pdRU1Z6a0rAanlsKf9paug.roa (raw, json)
Hash identifier: 2eGeaAs61h3AEfzQh6V/05P8Oya2gg0npK/4NkF/7ls=
Subject key identifier: 59:58:2C:FE:97:51:53:56:7A:6B:4A:C0:6A:79:6C:29:FF:69:6A:E8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6176
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WVgs_pdRU1Z6a0rAanlsKf9paug.roa
Signing time: Sat 17 May 2025 23:40:29 +0000
ROA not before: Sat 17 May 2025 23:40:29 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24950 (0x6176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 17 23:40:29 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=59582CFE975153567A6B4AC06A796C29FF696AE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bf:64:4e:40:08:07:1c:83:c6:d3:18:26:27:
89:8e:be:dd:1a:f7:e7:54:a1:e6:12:fc:08:64:68:
50:c8:09:f5:4d:6a:a3:ea:c9:d9:f0:7a:f9:ad:34:
0b:7d:d3:49:83:0d:8e:2a:b7:b7:d0:c0:f3:0f:77:
5e:4f:f8:fe:53:c9:46:81:37:b3:75:df:ee:85:03:
75:94:05:79:ed:99:df:27:42:0c:42:c3:f3:b6:56:
3c:8a:9b:ff:62:9d:d0:10:14:35:e0:86:50:ad:5e:
9d:98:dd:c9:65:85:83:b8:41:e3:e7:a1:21:ca:90:
70:99:ae:dc:17:63:8e:c7:ab:52:60:a5:b2:1d:bd:
89:bf:5a:04:b4:bf:7d:8f:07:54:f8:04:eb:c3:af:
9d:25:21:22:4c:a2:fb:f0:5d:ab:4c:51:ee:6d:15:
e0:df:aa:3d:41:e5:47:19:a9:b6:b3:8a:fe:79:56:
c4:95:35:5b:8e:ea:28:9b:57:aa:cd:bb:1d:a0:0e:
37:2b:46:41:81:d4:29:7c:a5:be:c1:f6:cd:85:8e:
da:b7:6d:6d:32:41:8e:6b:6d:a5:a8:a8:72:37:65:
4e:f8:94:6f:12:ca:e2:db:f4:af:00:4c:65:f7:1e:
19:56:00:40:62:fc:52:f5:0f:13:f8:c0:85:66:45:
4e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:58:2C:FE:97:51:53:56:7A:6B:4A:C0:6A:79:6C:29:FF:69:6A:E8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WVgs_pdRU1Z6a0rAanlsKf9paug.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
6e:14:fd:46:a3:cf:ca:f6:b8:41:58:72:7a:a8:a7:43:d7:8e:
19:2e:bc:29:75:0f:91:90:20:b0:31:7c:b2:dc:f8:4d:ca:60:
65:a5:09:44:ed:ef:75:42:47:68:e7:4f:1c:29:4e:c6:a5:c2:
e0:07:4e:60:15:51:76:4a:0c:ea:95:97:24:2e:18:b1:3c:18:
24:e9:f9:26:7d:ae:b8:81:96:14:b9:80:0b:8c:ff:4b:86:a3:
89:ad:08:08:5d:a4:24:58:d5:ed:e1:13:65:73:00:e8:3c:05:
5f:39:18:4c:01:86:ae:b9:6e:83:dc:09:1b:26:70:ca:00:09:
af:1c:be:7a:dc:65:1c:56:a6:f5:19:ef:da:b8:7f:af:f3:c8:
28:e3:47:a7:5a:65:c4:88:eb:6b:40:00:c4:61:70:71:5d:9c:
ff:0b:d0:2e:7a:fe:8f:90:81:d5:0f:e5:83:a5:a6:a3:20:19:
42:0d:7a:e8:18:1b:d4:8f:2b:d4:a0:f5:40:5e:d9:12:af:7f:
f9:1c:f0:fa:bd:45:75:26:cf:75:f7:8b:fd:da:38:f5:f3:7d:
a2:2c:f1:62:f1:2d:0a:d1:d2:07:87:f7:8f:42:ca:39:3f:25:
d8:bb:88:d4:12:54:9d:eb:be:19:c5:47:a9:79:47:ec:a0:d2:
70:d9:6b:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTcy
MzQwMjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU5NTgyQ0ZFOTc1MTUz
NTY3QTZCNEFDMDZBNzk2QzI5RkY2OTZBRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWv2ROQAgHHIPG0xgmJ4mOvt0a9+dUoeYS/AhkaFDICfVNaqPq
ydnwevmtNAt900mDDY4qt7fQwPMPd15P+P5TyUaBN7N13+6FA3WUBXntmd8nQgxC
w/O2VjyKm/9indAQFDXghlCtXp2Y3cllhYO4QePnoSHKkHCZrtwXY47Hq1JgpbId
vYm/WgS0v32PB1T4BOvDr50lISJMovvwXatMUe5tFeDfqj1B5UcZqbaziv55VsSV
NVuO6iibV6rNux2gDjcrRkGB1Cl8pb7B9s2Fjtq3bW0yQY5rbaWoqHI3ZU74lG8S
yuLb9K8ATGX3HhlWAEBi/FL1DxP4wIVmRU5NAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUWVgs/pdRU1Z6a0rAanlsKf9paugwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dWZ3NfcGRSVTFaNmEw
ckFhbmxzS2Y5cGF1Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBuFP1G
o8/K9rhBWHJ6qKdD144ZLrwpdQ+RkCCwMXyy3PhNymBlpQlE7e91Qkdo508cKU7G
pcLgB05gFVF2SgzqlZckLhixPBgk6fkmfa64gZYUuYALjP9LhqOJrQgIXaQkWNXt
4RNlcwDoPAVfORhMAYauuW6D3AkbJnDKAAmvHL563GUcVqb1Ge/auH+v88go40en
WmXEiOtrQADEYXBxXZz/C9Auev6PkIHVD+WDpaajIBlCDXroGBvUjyvUoPVAXtkS
r3/5HPD6vUV1Js9194v92jj1832iLPFi8S0K0dIHh/ePQso5PyXYu4jUElSd674Z
xUepeUfsoNJw2Wtk
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:22:54 2025 by rpki-client