Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jXfbYRDNa3gq52IrxEyPWGMISiw.roa
File: jXfbYRDNa3gq52IrxEyPWGMISiw.roa (raw, json)
Hash identifier: hWe+ASfxKmcOPHhCmdNrQElvG25+HkZX7yw3kIwSaTs=
Subject key identifier: 8D:77:DB:61:10:CD:6B:78:2A:E7:62:2B:C4:4C:8F:58:63:08:4A:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 62BE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jXfbYRDNa3gq52IrxEyPWGMISiw.roa
Signing time: Wed 21 May 2025 09:41:41 +0000
ROA not before: Wed 21 May 2025 09:41:41 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25278 (0x62be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 21 09:41:41 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8D77DB6110CD6B782AE7622BC44C8F5863084A2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:49:3f:4f:6c:a0:89:cf:bd:56:55:b1:a0:c8:
fa:97:65:1c:ef:8e:f2:e7:6c:e1:87:59:e9:4f:80:
7c:10:4c:33:97:65:fc:a8:60:3b:dd:17:42:f3:82:
84:e3:1e:93:69:23:94:f2:46:ca:15:c7:54:55:9d:
cd:61:9e:7f:8f:b9:7e:3b:69:70:e0:4f:24:af:b8:
c6:e9:98:db:29:07:fa:a4:57:78:10:14:d6:4c:07:
1c:27:a5:50:a1:86:6f:c8:f5:74:72:b2:cb:2c:92:
74:99:e1:9c:6f:16:bc:b5:fe:37:89:3a:be:43:3c:
f3:d6:d1:1b:ba:3b:3b:30:72:77:8e:9e:8a:2b:b9:
80:c0:16:d2:d3:4c:2b:bc:67:46:e3:31:ed:b8:69:
97:52:9c:38:ee:37:4e:7b:36:3c:e0:b6:43:dd:80:
58:71:9d:5d:4e:fe:e2:da:9c:6b:ec:6d:21:0b:82:
f9:e4:eb:4d:ab:22:d6:b5:a9:e7:8e:dd:63:49:77:
1a:2f:16:9c:82:ec:32:95:16:73:96:24:de:e7:de:
d7:90:5b:12:78:bc:1a:65:b5:55:08:0d:f0:f1:63:
88:cd:14:b9:cf:b1:d9:41:9e:df:4e:d5:56:00:1a:
6f:42:73:e2:d7:13:16:70:3b:81:4a:3e:a9:58:7c:
58:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:77:DB:61:10:CD:6B:78:2A:E7:62:2B:C4:4C:8F:58:63:08:4A:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jXfbYRDNa3gq52IrxEyPWGMISiw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
47:05:01:27:d3:8e:1a:0b:85:67:bb:2b:4b:20:ee:a6:ea:eb:
55:04:74:7f:c3:b5:05:e8:de:31:f6:df:16:5a:30:dc:ba:cd:
fc:a9:74:7d:4e:60:4c:4a:ed:0b:57:ab:5d:0d:6e:dd:14:c2:
bb:8c:3d:a7:44:24:82:69:56:2e:06:06:21:7e:30:3f:6c:f5:
ce:92:23:54:96:25:dc:98:bd:5f:54:8f:08:6f:a1:95:2f:13:
87:df:71:1c:6b:97:43:66:cd:b2:7e:c2:bf:2e:20:33:fe:b5:
4b:a5:2c:94:92:fa:12:c3:40:13:de:a6:ff:3e:d7:ac:ae:84:
2b:de:8e:81:84:b0:65:e3:3a:e4:c9:95:f0:f0:67:63:ae:cf:
6e:fa:13:34:42:f3:5a:32:96:b0:49:e3:b6:6d:4a:08:8e:e3:
d8:a3:97:3e:07:86:7b:55:0c:e4:e7:a2:d6:76:3e:fe:5e:e4:
7c:44:de:ba:76:9c:18:0d:7b:80:88:f0:ac:b9:f3:b7:0d:a3:
ba:47:d9:05:8a:29:3f:e6:c7:28:23:94:79:d8:ee:9d:b3:0b:
40:af:40:7a:d5:92:ca:91:e6:b5:52:e5:ee:b6:f6:8d:e1:f2:
d6:64:fa:eb:0e:db:2f:02:9d:04:6b:27:ca:5e:9b:15:09:3e:
3f:6f:3a:84
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjEw
OTQxNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhENzdEQjYxMTBDRDZC
NzgyQUU3NjIyQkM0NEM4RjU4NjMwODRBMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSST9PbKCJz71WVbGgyPqXZRzvjvLnbOGHWelPgHwQTDOXZfyo
YDvdF0LzgoTjHpNpI5TyRsoVx1RVnc1hnn+PuX47aXDgTySvuMbpmNspB/qkV3gQ
FNZMBxwnpVChhm/I9XRyssssknSZ4ZxvFry1/jeJOr5DPPPW0Ru6OzswcneOnoor
uYDAFtLTTCu8Z0bjMe24aZdSnDjuN057NjzgtkPdgFhxnV1O/uLanGvsbSELgvnk
602rIta1qeeO3WNJdxovFpyC7DKVFnOWJN7n3teQWxJ4vBpltVUIDfDxY4jNFLnP
sdlBnt9O1VYAGm9Cc+LXExZwO4FKPqlYfFhPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUjXfbYRDNa3gq52IrxEyPWGMISiwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pYZmJZUkROYTNncTUy
SXJ4RXlQV0dNSVNpdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBHBQEn
044aC4VnuytLIO6m6utVBHR/w7UF6N4x9t8WWjDcus38qXR9TmBMSu0LV6tdDW7d
FMK7jD2nRCSCaVYuBgYhfjA/bPXOkiNUliXcmL1fVI8Ib6GVLxOH33Eca5dDZs2y
fsK/LiAz/rVLpSyUkvoSw0AT3qb/PtesroQr3o6BhLBl4zrkyZXw8Gdjrs9u+hM0
QvNaMpawSeO2bUoIjuPYo5c+B4Z7VQzk56LWdj7+XuR8RN66dpwYDXuAiPCsufO3
DaO6R9kFiik/5scoI5R52O6dswtAr0B61ZLKkea1UuXutvaN4fLWZPrrDtsvAp0E
ayfKXpsVCT4/bzqE
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:58 2025 by rpki-client