Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gL_kJkguiQsgvdHmlUxNUnNhaBM.roa
File: gL_kJkguiQsgvdHmlUxNUnNhaBM.roa (raw, json)
Hash identifier: 0VH+oiVqOnqvP6v3bnMH94e+h38lW9p5kTCy/0hrcl0=
Subject key identifier: 80:BF:E4:26:48:2E:89:0B:20:BD:D1:E6:95:4C:4D:52:73:61:68:13
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6038
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gL_kJkguiQsgvdHmlUxNUnNhaBM.roa
Signing time: Wed 14 May 2025 16:13:48 +0000
ROA not before: Wed 14 May 2025 16:13:48 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24632 (0x6038)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 16:13:48 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=80BFE426482E890B20BDD1E6954C4D5273616813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d9:17:89:c9:b4:46:30:6c:67:67:55:3a:d5:
cc:53:e7:46:50:23:0f:4e:f6:a1:dc:a4:c0:01:a0:
13:be:f7:2c:82:c5:e3:9d:d7:d1:b3:c0:b1:23:f9:
36:c9:79:d2:89:e0:93:21:ed:62:34:1b:bc:b8:07:
0b:d7:a1:44:35:14:75:23:25:5f:89:9b:b1:71:c1:
04:ea:8a:8a:fa:7e:4d:c3:56:29:82:05:d4:4e:bc:
76:04:2c:dd:45:05:8e:aa:b3:62:db:f9:31:49:fc:
ac:10:f0:15:c5:c5:c1:99:36:e5:52:c6:6e:c7:07:
11:cb:fe:f2:d1:9b:10:2a:0e:7a:49:4f:00:0a:12:
79:0e:49:98:fa:b6:48:8a:4c:db:8d:e3:30:89:1a:
10:b2:84:4f:05:82:0c:f4:13:39:74:67:2a:88:e0:
83:3b:5d:02:0f:e2:ff:56:9d:1b:5b:db:a7:a8:cf:
1f:58:f1:4b:de:f9:e4:b7:7c:4e:9a:74:d2:dc:bd:
03:30:57:f4:b8:b9:04:e0:b9:80:40:bf:ec:4a:52:
78:a0:03:ee:ee:48:67:3c:96:5e:a1:49:fc:ac:8f:
f5:25:5a:f0:c0:c5:ac:aa:22:f7:44:50:41:3e:21:
95:18:f9:9c:98:35:3f:ae:2c:b5:75:29:b7:34:2b:
c1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BF:E4:26:48:2E:89:0B:20:BD:D1:E6:95:4C:4D:52:73:61:68:13
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gL_kJkguiQsgvdHmlUxNUnNhaBM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
92:40:0e:e9:65:f7:fc:86:56:23:93:29:3f:80:c8:c1:3d:79:
b3:e9:da:c8:0c:79:8a:fb:e8:77:09:7c:be:cf:9c:1b:62:b8:
3d:8f:71:c8:19:33:72:9c:86:a4:6f:0e:12:5e:71:34:2c:a2:
8a:f1:06:c2:de:5d:1d:12:56:02:ab:c4:f5:10:9e:5c:5c:15:
9d:df:89:9c:1f:24:4c:0c:ab:0e:cc:2a:08:6a:b9:0d:d5:73:
da:df:6d:17:13:04:b0:3f:1e:15:38:44:34:d1:62:7d:ee:32:
d1:d6:ef:d8:d8:5e:ff:a7:f7:95:f0:da:b8:71:ed:43:c0:4d:
d2:6b:8e:7f:22:74:c5:1a:d7:18:b7:f4:8a:f8:c4:c2:40:40:
0f:27:d4:f7:33:c4:06:e0:02:7f:09:d0:d1:9a:58:35:b7:13:
b2:ca:0b:06:1d:56:fe:ca:17:db:46:14:ba:93:7a:9d:42:51:
1b:53:67:68:00:5a:cf:ef:77:ad:4f:b7:6a:43:2c:a2:d5:b4:
9a:8a:74:36:66:57:a1:29:73:2a:2c:88:30:a3:27:43:63:12:
fc:98:09:ea:50:a0:7f:e7:4a:08:d1:a3:49:71:f0:67:36:13:
bd:ed:95:61:4e:51:db:b6:b9:49:39:dd:51:51:7f:f3:79:61:
c3:33:27:3a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYDgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTQx
NjEzNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDgwQkZFNDI2NDgyRTg5
MEIyMEJERDFFNjk1NEM0RDUyNzM2MTY4MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn2ReJybRGMGxnZ1U61cxT50ZQIw9O9qHcpMABoBO+9yyCxeOd
19GzwLEj+TbJedKJ4JMh7WI0G7y4BwvXoUQ1FHUjJV+Jm7FxwQTqior6fk3DVimC
BdROvHYELN1FBY6qs2Lb+TFJ/KwQ8BXFxcGZNuVSxm7HBxHL/vLRmxAqDnpJTwAK
EnkOSZj6tkiKTNuN4zCJGhCyhE8Fggz0Ezl0ZyqI4IM7XQIP4v9WnRtb26eozx9Y
8Uve+eS3fE6adNLcvQMwV/S4uQTguYBAv+xKUnigA+7uSGc8ll6hSfysj/UlWvDA
xayqIvdEUEE+IZUY+ZyYNT+uLLV1Kbc0K8EpAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUgL/kJkguiQsgvdHmlUxNUnNhaBMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dMX2tKa2d1aVFzZ3Zk
SG1sVXhOVW5OaGFCTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCSQA7p
Zff8hlYjkyk/gMjBPXmz6drIDHmK++h3CXy+z5wbYrg9j3HIGTNynIakbw4SXnE0
LKKK8QbC3l0dElYCq8T1EJ5cXBWd34mcHyRMDKsOzCoIarkN1XPa320XEwSwPx4V
OEQ00WJ97jLR1u/Y2F7/p/eV8Nq4ce1DwE3Sa45/InTFGtcYt/SK+MTCQEAPJ9T3
M8QG4AJ/CdDRmlg1txOyygsGHVb+yhfbRhS6k3qdQlEbU2doAFrP73etT7dqQyyi
1bSainQ2ZlehKXMqLIgwoydDYxL8mAnqUKB/50oI0aNJcfBnNhO97ZVhTlHbtrlJ
Od1RUX/zeWHDMyc6
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:58:23 2025 by rpki-client