Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eQ-PnZccpHl3ttn4fgAL_0eiTDc.roa
File: eQ-PnZccpHl3ttn4fgAL_0eiTDc.roa (raw, json)
Hash identifier: 8LAh17EsUCQx2MwPA+TQ130jpRz2s8sDlP/WT/smRpY=
Subject key identifier: 79:0F:8F:9D:97:1C:A4:79:77:B6:D9:F8:7E:00:0B:FF:47:A2:4C:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5FA4
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eQ-PnZccpHl3ttn4fgAL_0eiTDc.roa
Signing time: Tue 13 May 2025 03:10:22 +0000
ROA not before: Tue 13 May 2025 03:10:22 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24484 (0x5fa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 03:10:22 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=790F8F9D971CA47977B6D9F87E000BFF47A24C37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:d7:ab:53:9d:f7:8e:f7:b3:4b:da:e7:65:
7b:ac:9c:f3:1c:f6:43:99:9a:70:a2:61:00:80:98:
64:ae:0a:b0:6c:e7:b4:9f:ae:30:3d:5f:bb:7b:8d:
59:75:14:9d:b6:b9:23:d5:5e:c9:47:4c:d8:c2:13:
25:e7:55:2e:da:af:c0:ac:2b:30:fa:a1:1a:fd:7a:
f4:79:74:c2:2a:8e:e6:dd:25:c8:2c:b5:be:34:2a:
5d:41:f1:f9:36:a1:cc:4b:e3:f6:9d:a6:c0:48:2d:
d5:1c:be:86:dc:db:83:8c:db:4d:5d:fd:f1:5e:ba:
92:d5:a9:64:28:9b:a8:d2:f0:27:a0:40:4c:b3:15:
0f:bf:74:ed:7e:fc:df:8e:86:7e:8e:a5:0f:b4:c6:
65:fe:79:cc:24:b5:71:23:0d:a6:17:7d:bb:58:d8:
58:b1:6e:1a:c6:b1:e6:b7:81:9d:e0:a5:40:f6:f7:
5a:b6:28:6f:04:2a:a2:05:b9:d4:13:32:9d:1e:5a:
dc:a0:ef:0a:4f:ab:e9:b5:9c:3c:3e:67:57:e8:2b:
e8:92:01:b9:ba:9f:f2:92:7a:95:98:68:7b:71:08:
d5:c2:1c:e8:57:fe:6d:9e:92:cf:23:2b:bb:43:d7:
15:c4:0c:e4:8b:7b:ab:26:da:3a:18:a6:b1:8a:59:
c3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0F:8F:9D:97:1C:A4:79:77:B6:D9:F8:7E:00:0B:FF:47:A2:4C:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eQ-PnZccpHl3ttn4fgAL_0eiTDc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
77:66:c6:38:2d:cc:0f:9c:6f:79:17:b0:32:96:2e:32:68:1b:
26:e2:98:55:0a:3d:6f:7c:4b:c8:40:60:50:9c:19:e4:33:09:
2d:e4:66:73:18:dc:fb:ed:7d:88:9c:55:fa:10:c9:06:f2:99:
4b:b4:07:61:91:5a:0f:78:94:c3:1a:91:cf:6a:3a:82:f4:77:
5b:d7:fc:b2:3c:ec:0f:1c:ea:43:2b:52:e3:9f:95:1a:c0:42:
5d:04:25:36:4a:5b:b0:f5:aa:04:68:26:71:0b:4d:14:2f:be:
45:e3:b8:35:f7:ea:4b:94:12:04:3f:90:7d:a7:3b:2e:49:58:
b4:83:7c:ca:f3:44:0e:35:30:de:0b:ed:38:b9:fe:05:5e:d1:
8c:3f:4b:cd:ce:02:2c:49:f0:be:2d:52:e3:d8:ae:96:94:42:
dd:59:9d:47:08:f6:86:33:7a:66:d1:2c:33:f4:7e:7f:83:03:
7e:a4:7f:71:93:b0:e2:66:31:5d:4f:54:5e:cc:0d:84:78:ac:
b0:e5:e0:1a:34:58:7d:b3:35:88:11:fc:84:44:a2:6b:16:90:
94:c4:8a:6e:56:ec:cc:99:c6:24:d5:f8:08:45:5d:79:03:19:
48:7a:be:67:98:cb:52:a5:7f:a4:46:9d:8c:17:88:8a:07:0c:
58:3d:04:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICX6QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTMw
MzEwMjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc5MEY4RjlEOTcxQ0E0
Nzk3N0I2RDlGODdFMDAwQkZGNDdBMjRDMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDISNerU533jvezS9rnZXusnPMc9kOZmnCiYQCAmGSuCrBs57Sf
rjA9X7t7jVl1FJ22uSPVXslHTNjCEyXnVS7ar8CsKzD6oRr9evR5dMIqjubdJcgs
tb40Kl1B8fk2ocxL4/adpsBILdUcvobc24OM201d/fFeupLVqWQom6jS8CegQEyz
FQ+/dO1+/N+Ohn6OpQ+0xmX+ecwktXEjDaYXfbtY2FixbhrGsea3gZ3gpUD291q2
KG8EKqIFudQTMp0eWtyg7wpPq+m1nDw+Z1foK+iSAbm6n/KSepWYaHtxCNXCHOhX
/m2eks8jK7tD1xXEDOSLe6sm2joYprGKWcNNAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUeQ+PnZccpHl3ttn4fgAL/0eiTDcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VRLVBuWmNjcEhsM3R0
bjRmZ0FMXzBlaVREYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQB3ZsY4
LcwPnG95F7Ayli4yaBsm4phVCj1vfEvIQGBQnBnkMwkt5GZzGNz77X2InFX6EMkG
8plLtAdhkVoPeJTDGpHPajqC9Hdb1/yyPOwPHOpDK1Ljn5UawEJdBCU2Sluw9aoE
aCZxC00UL75F47g19+pLlBIEP5B9pzsuSVi0g3zK80QONTDeC+04uf4FXtGMP0vN
zgIsSfC+LVLj2K6WlELdWZ1HCPaGM3pm0Swz9H5/gwN+pH9xk7DiZjFdT1RezA2E
eKyw5eAaNFh9szWIEfyERKJrFpCUxIpuVuzMmcYk1fgIRV15AxlIer5nmMtSpX+k
Rp2MF4iKBwxYPQR5
-----END CERTIFICATE-----
Generated at Fri Jun 20 16:47:58 2025 by rpki-client