Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZoQbl98kyGM_SKTOSQ3nacDIaiM.roa
File: ZoQbl98kyGM_SKTOSQ3nacDIaiM.roa (raw, json)
Hash identifier: VIXjmphd8hlaakdSDQG+DYwM5ExbMpW7kSdLzpu2OUY=
Subject key identifier: 66:84:1B:97:DF:24:C8:63:3F:48:A4:CE:49:0D:E7:69:C0:C8:6A:23
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5F98
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZoQbl98kyGM_SKTOSQ3nacDIaiM.roa
Signing time: Tue 13 May 2025 00:11:46 +0000
ROA not before: Tue 13 May 2025 00:11:46 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24472 (0x5f98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 00:11:46 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=66841B97DF24C8633F48A4CE490DE769C0C86A23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bb:ee:58:f1:19:70:ca:8d:cc:27:75:17:12:
4c:bf:fd:22:b8:3f:fb:f3:8b:9a:44:bd:5a:80:83:
2c:09:90:dc:3e:99:a0:29:f4:23:61:f5:2d:aa:79:
1d:99:26:d4:a1:b4:32:14:cc:c1:e5:06:6d:f3:2e:
4f:83:16:32:cb:78:ef:51:b4:28:b5:ac:17:aa:e4:
38:28:25:e3:5b:c6:4f:be:02:6c:d5:b4:db:25:3e:
ca:e5:c0:29:1a:78:cb:b3:86:f4:fd:e4:36:9f:f9:
98:54:0f:58:0b:f6:17:b2:a7:3a:a6:b6:e8:94:6b:
14:26:48:1d:8a:02:18:97:1c:5b:f7:ca:f5:25:34:
3c:59:49:0b:20:fd:47:25:74:ae:da:95:f5:32:c2:
51:b6:d4:68:cd:ef:76:08:a2:94:49:c3:27:08:52:
d6:49:87:af:d2:e3:e0:95:68:93:e7:5b:23:8b:3a:
79:95:c0:1b:eb:2a:c6:6b:25:c4:6e:0d:1b:d0:3b:
12:25:fb:27:66:2a:79:bc:46:9a:b7:d2:b9:a4:02:
45:30:85:de:0e:4c:9a:41:be:f1:2f:12:bb:3b:80:
33:04:be:0c:04:c7:42:27:66:db:48:8d:57:45:4d:
96:f0:e6:1d:8e:1d:c7:18:46:bb:67:8e:c0:de:df:
6a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:84:1B:97:DF:24:C8:63:3F:48:A4:CE:49:0D:E7:69:C0:C8:6A:23
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZoQbl98kyGM_SKTOSQ3nacDIaiM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
71:56:e8:59:24:de:63:77:4d:b8:4f:33:bf:72:30:9b:81:2a:
93:b2:69:df:db:82:6e:dd:60:06:fa:55:81:5a:79:ed:f8:95:
05:e8:a8:02:60:81:87:d0:78:eb:ba:df:7b:1c:49:e7:02:16:
08:55:fa:9a:90:8f:38:19:89:ba:1e:69:9b:6a:38:ea:5e:d2:
9f:69:71:e3:d3:0c:9f:06:07:04:01:58:36:ae:c4:90:f6:98:
a8:bf:d2:1a:6c:a0:e8:dd:95:47:4e:f0:18:ca:d9:48:71:22:
ec:a9:9b:6e:71:72:05:8f:95:86:1b:7c:99:51:ed:0e:9e:3f:
81:46:2c:c2:b5:eb:3b:c3:fa:00:03:15:dc:b5:c1:32:e3:7b:
56:74:78:61:17:86:d3:8e:6c:6c:4c:83:61:86:dc:a7:fe:64:
8d:98:64:1c:d6:bf:f5:35:fb:44:a2:30:44:09:ad:ec:5b:2c:
05:ce:e3:e6:43:71:08:13:a0:52:ed:78:44:32:1f:e2:43:86:
eb:67:08:f0:9d:c9:36:9e:b9:b6:54:fd:58:19:cc:40:04:9d:
ee:34:52:82:b1:0f:3d:ae:3d:c1:43:d6:98:b5:9a:86:cb:71:
cf:c7:51:d4:7e:4c:4d:72:d9:09:0d:5f:1d:93:1a:51:3d:9e:
ea:2b:52:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICX5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTMw
MDExNDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY2ODQxQjk3REYyNEM4
NjMzRjQ4QTRDRTQ5MERFNzY5QzBDODZBMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRu+5Y8Rlwyo3MJ3UXEky//SK4P/vzi5pEvVqAgywJkNw+maAp
9CNh9S2qeR2ZJtShtDIUzMHlBm3zLk+DFjLLeO9RtCi1rBeq5DgoJeNbxk++AmzV
tNslPsrlwCkaeMuzhvT95Daf+ZhUD1gL9heypzqmtuiUaxQmSB2KAhiXHFv3yvUl
NDxZSQsg/UcldK7alfUywlG21GjN73YIopRJwycIUtZJh6/S4+CVaJPnWyOLOnmV
wBvrKsZrJcRuDRvQOxIl+ydmKnm8Rpq30rmkAkUwhd4OTJpBvvEvErs7gDMEvgwE
x0InZttIjVdFTZbw5h2OHccYRrtnjsDe32oXAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUZoQbl98kyGM/SKTOSQ3nacDIaiMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pvUWJsOThreUdNX1NL
VE9TUTNuYWNESWFpTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBxVuhZ
JN5jd024TzO/cjCbgSqTsmnf24Ju3WAG+lWBWnnt+JUF6KgCYIGH0Hjrut97HEnn
AhYIVfqakI84GYm6HmmbajjqXtKfaXHj0wyfBgcEAVg2rsSQ9piov9IabKDo3ZVH
TvAYytlIcSLsqZtucXIFj5WGG3yZUe0Onj+BRizCtes7w/oAAxXctcEy43tWdHhh
F4bTjmxsTINhhtyn/mSNmGQc1r/1NftEojBECa3sWywFzuPmQ3EIE6BS7XhEMh/i
Q4brZwjwnck2nrm2VP1YGcxABJ3uNFKCsQ89rj3BQ9aYtZqGy3HPx1HUfkxNctkJ
DV8dkxpRPZ7qK1JQ
-----END CERTIFICATE-----
Generated at Sat Jun 21 17:50:34 2025 by rpki-client