Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dvAHmdUa48JZPZ0MYl6z-M1At4E.roa
File: dvAHmdUa48JZPZ0MYl6z-M1At4E.roa (raw, json)
Hash identifier: 67VWDFhdgH0zQFtPsaDx3g7tR8iKYXPTcpZtj09xQU8=
Subject key identifier: 76:F0:07:99:D5:1A:E3:C2:59:3D:9D:0C:62:5E:B3:F8:CD:40:B7:81
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5FB6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dvAHmdUa48JZPZ0MYl6z-M1At4E.roa
Signing time: Tue 13 May 2025 07:40:16 +0000
ROA not before: Tue 13 May 2025 07:40:16 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24502 (0x5fb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 07:40:16 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=76F00799D51AE3C2593D9D0C625EB3F8CD40B781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:16:9e:04:d3:37:52:fb:d6:20:8d:f4:0a:6b:
9d:81:5b:ee:50:b1:70:de:37:0f:94:d9:c4:f4:ee:
66:1a:25:a6:cc:5b:0d:f2:1c:ce:31:2f:01:06:fa:
de:5f:4f:bc:c3:9b:93:36:93:d0:9b:ea:75:0c:aa:
ae:e5:41:06:0e:b6:f0:d2:73:90:21:5e:11:76:57:
fc:05:c2:90:e7:e7:7f:58:d0:87:d7:71:81:f8:08:
d1:2e:4d:57:13:d1:2d:b4:d7:86:8c:70:af:7a:6a:
94:fc:f1:55:5b:d8:97:97:80:06:d9:7d:0b:e5:83:
28:78:bc:3c:21:17:1e:ac:10:82:37:18:52:de:f9:
e3:42:43:20:a6:1c:22:a9:a8:14:b7:94:9c:a7:9a:
27:42:f5:7c:f6:fb:e1:45:7c:30:93:e7:01:18:d2:
80:82:3a:46:d0:16:51:f6:14:2d:2a:49:71:90:ea:
16:3c:cc:21:b7:3b:b2:5c:af:77:ec:77:b2:a5:f2:
c6:ef:0c:15:eb:04:6b:c0:a0:80:e8:62:34:68:8a:
b5:a5:6c:a8:10:54:6a:91:eb:10:33:63:ab:4b:9f:
a9:4c:90:6c:4c:cb:f0:72:02:47:32:b7:a6:7c:da:
86:fe:59:34:27:52:28:35:91:66:cf:c6:5d:4e:db:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F0:07:99:D5:1A:E3:C2:59:3D:9D:0C:62:5E:B3:F8:CD:40:B7:81
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dvAHmdUa48JZPZ0MYl6z-M1At4E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
41:a7:f1:bd:15:99:56:ca:52:26:40:d2:11:86:8b:02:b2:9e:
19:c3:73:57:c0:6f:82:99:46:99:44:ac:d4:c8:4f:f2:48:87:
d2:5b:de:8e:fa:2b:a7:53:4d:df:13:d6:bf:21:c1:b3:01:87:
7b:52:8a:24:c5:a4:af:21:cc:6a:05:29:f2:c5:04:a5:04:45:
5b:ea:e8:e7:ef:14:1c:35:0a:44:fb:44:da:dd:94:a3:99:5f:
c8:71:51:ba:69:ab:df:c5:bb:26:e3:75:d9:4b:46:6c:c1:b6:
80:87:94:28:3b:0b:2e:ab:22:c3:04:9a:e1:78:39:65:f1:88:
0e:e9:73:17:92:1f:06:d7:79:2d:5d:6e:ca:b9:2a:72:9e:fe:
8e:87:d3:27:c1:1d:25:3c:30:cd:92:4e:19:49:95:00:dd:4f:
64:d0:f6:fe:49:23:57:d5:42:a2:de:1a:91:23:fa:9c:a0:06:
d7:d0:fa:03:b7:3e:a3:c0:35:1d:f2:d0:84:ee:fc:9c:ef:9f:
f6:f5:63:f4:b4:7c:d6:b8:17:59:25:4d:a7:3e:94:eb:c9:3d:
45:f2:5a:98:86:8e:f2:3c:45:08:d6:30:36:11:c3:b5:a2:6f:
d0:80:c3:cf:8c:a1:0d:76:a1:72:71:59:24:87:8d:38:2c:2a:
1e:3b:9f:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICX7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTMw
NzQwMTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc2RjAwNzk5RDUxQUUz
QzI1OTNEOUQwQzYyNUVCM0Y4Q0Q0MEI3ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrFp4E0zdS+9YgjfQKa52BW+5QsXDeNw+U2cT07mYaJabMWw3y
HM4xLwEG+t5fT7zDm5M2k9Cb6nUMqq7lQQYOtvDSc5AhXhF2V/wFwpDn539Y0IfX
cYH4CNEuTVcT0S2014aMcK96apT88VVb2JeXgAbZfQvlgyh4vDwhFx6sEII3GFLe
+eNCQyCmHCKpqBS3lJynmidC9Xz2++FFfDCT5wEY0oCCOkbQFlH2FC0qSXGQ6hY8
zCG3O7Jcr3fsd7Kl8sbvDBXrBGvAoIDoYjRoirWlbKgQVGqR6xAzY6tLn6lMkGxM
y/ByAkcyt6Z82ob+WTQnUig1kWbPxl1O25x9AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUdvAHmdUa48JZPZ0MYl6z+M1At4EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2R2QUhtZFVhNDhKWlBa
ME1ZbDZ6LU0xQXQ0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBBp/G9
FZlWylImQNIRhosCsp4Zw3NXwG+CmUaZRKzUyE/ySIfSW96O+iunU03fE9a/IcGz
AYd7UookxaSvIcxqBSnyxQSlBEVb6ujn7xQcNQpE+0Ta3ZSjmV/IcVG6aavfxbsm
43XZS0ZswbaAh5QoOwsuqyLDBJrheDll8YgO6XMXkh8G13ktXW7KuSpynv6Oh9Mn
wR0lPDDNkk4ZSZUA3U9k0Pb+SSNX1UKi3hqRI/qcoAbX0PoDtz6jwDUd8tCE7vyc
75/29WP0tHzWuBdZJU2nPpTryT1F8lqYho7yPEUI1jA2EcO1om/QgMPPjKENdqFy
cVkkh404LCoeO585
-----END CERTIFICATE-----
Generated at Sun Jun 22 04:37:20 2025 by rpki-client