Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/g1QUDNj5vddwbuVnKgDVc_QPhRY.roa
File: g1QUDNj5vddwbuVnKgDVc_QPhRY.roa (raw, json)
Hash identifier: sBdoGLuSRZQKP3v6COeRH6ocy4Uci5ns2hLdJEREhpo=
Subject key identifier: 83:54:14:0C:D8:F9:BD:D7:70:6E:E5:67:2A:00:D5:73:F4:0F:85:16
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 687C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/g1QUDNj5vddwbuVnKgDVc_QPhRY.roa
Signing time: Thu 05 Jun 2025 17:11:53 +0000
ROA not before: Thu 05 Jun 2025 17:11:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26748 (0x687c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 5 17:11:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8354140CD8F9BDD7706EE5672A00D573F40F8516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:57:ec:97:d8:09:e7:aa:51:f0:b6:49:89:ee:
66:37:91:cf:9f:af:86:35:a0:d4:cd:8f:e5:fa:d7:
80:a1:75:bc:52:c5:fc:0c:2a:5f:96:ec:b3:43:96:
40:a1:fb:2d:c6:9e:d9:d2:3a:3d:3f:80:ef:cf:85:
a8:c7:2a:35:d3:12:6a:89:5e:15:ca:f7:72:32:5f:
a9:e6:a0:9a:15:99:c5:46:44:c3:ee:6d:99:b1:88:
a7:e6:37:f2:18:1c:03:53:27:af:62:30:f3:17:88:
5a:15:10:1f:51:da:30:cd:5c:bf:aa:1a:66:ea:21:
5c:4a:cc:ad:45:8b:60:65:0a:b7:f9:79:e4:10:29:
44:f1:0c:5d:55:6b:09:20:9d:d6:2a:44:81:de:03:
24:26:54:6c:d7:f0:0d:34:3c:50:64:99:06:b9:b9:
7c:e1:7b:04:35:7b:36:a0:71:8a:5b:b1:49:51:38:
9a:7f:d0:ba:57:6a:28:ef:8e:13:59:6f:eb:16:bf:
f0:69:9a:25:de:9c:d7:17:e0:8c:67:7c:99:8f:fd:
ea:0b:8f:ed:bb:e5:ff:c6:25:e1:d8:04:7b:33:8b:
80:70:16:d7:59:e2:fa:86:55:ac:ee:c5:82:ac:29:
e8:ea:54:79:8d:4b:3d:5b:3f:3b:71:29:81:4f:0e:
ea:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:54:14:0C:D8:F9:BD:D7:70:6E:E5:67:2A:00:D5:73:F4:0F:85:16
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/g1QUDNj5vddwbuVnKgDVc_QPhRY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
5c:cb:b9:1f:d7:58:32:ad:c4:47:f4:33:7e:f6:e5:27:91:35:
c8:9f:24:fe:f8:03:c4:d6:bc:77:37:df:69:00:f1:f6:13:aa:
11:a5:11:44:75:d9:ef:02:60:59:07:88:42:58:dc:7e:f7:b6:
84:1c:ee:fc:27:8d:06:17:1d:04:dd:2d:4c:3d:89:14:b1:57:
01:d9:fc:00:37:e4:b9:1f:29:0c:62:ab:ce:48:9c:f9:8d:47:
a0:51:5b:a9:1b:82:a6:88:19:79:42:88:2f:9a:15:85:ca:4b:
52:a3:13:bf:13:9a:84:2c:90:4d:73:72:c2:87:89:d9:99:51:
b3:91:6d:87:0b:8b:ad:59:b5:10:19:df:4f:0f:d3:d7:94:63:
04:6f:ad:b6:f5:c6:7e:d8:1e:aa:49:95:85:3e:f1:54:09:e7:
ce:25:dd:31:d0:0f:41:ea:18:e0:d7:84:67:c9:a5:81:34:1c:
52:f7:8e:04:77:28:56:a2:2d:24:96:2f:00:03:6c:64:73:63:
cc:5d:f2:8a:bd:8b:e8:86:1c:eb:1a:df:c8:31:55:df:49:a6:
ca:7b:22:fb:df:d4:4e:8b:f1:91:de:fd:b0:48:be:b7:6a:fc:
1f:49:c9:c4:7c:57:f7:b7:85:2c:2b:7c:77:2e:6f:02:04:94:
2f:a1:ac:f9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICaHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDUx
NzExNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDgzNTQxNDBDRDhGOUJE
RDc3MDZFRTU2NzJBMDBENTczRjQwRjg1MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCV+yX2AnnqlHwtkmJ7mY3kc+fr4Y1oNTNj+X614ChdbxSxfwM
Kl+W7LNDlkCh+y3GntnSOj0/gO/PhajHKjXTEmqJXhXK93IyX6nmoJoVmcVGRMPu
bZmxiKfmN/IYHANTJ69iMPMXiFoVEB9R2jDNXL+qGmbqIVxKzK1Fi2BlCrf5eeQQ
KUTxDF1VawkgndYqRIHeAyQmVGzX8A00PFBkmQa5uXzhewQ1ezagcYpbsUlROJp/
0LpXaijvjhNZb+sWv/BpmiXenNcX4IxnfJmP/eoLj+275f/GJeHYBHszi4BwFtdZ
4vqGVazuxYKsKejqVHmNSz1bPztxKYFPDur9AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUg1QUDNj5vddwbuVnKgDVc/QPhRYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2cxUVVETmo1dmRkd2J1
Vm5LZ0RWY19RUGhSWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBcy7kf
11gyrcRH9DN+9uUnkTXInyT++APE1rx3N99pAPH2E6oRpRFEddnvAmBZB4hCWNx+
97aEHO78J40GFx0E3S1MPYkUsVcB2fwAN+S5HykMYqvOSJz5jUegUVupG4KmiBl5
QogvmhWFyktSoxO/E5qELJBNc3LCh4nZmVGzkW2HC4utWbUQGd9PD9PXlGMEb622
9cZ+2B6qSZWFPvFUCefOJd0x0A9B6hjg14RnyaWBNBxS944EdyhWoi0kli8AA2xk
c2PMXfKKvYvohhzrGt/IMVXfSabKeyL739ROi/GR3v2wSL63avwfScnEfFf3t4Us
K3x3Lm8CBJQvoaz5
-----END CERTIFICATE-----
Generated at Fri Jun 20 23:09:31 2025 by rpki-client