Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lp-JBvlq6DwGe4GyF6oSeOSGItE.roa
File: lp-JBvlq6DwGe4GyF6oSeOSGItE.roa (raw, json)
Hash identifier: HpDxwc03V+rVynEAfsUU6B3jVupAghJhc4sEJ4Ixv9w=
Subject key identifier: 96:9F:89:06:F9:6A:E8:3C:06:7B:81:B2:17:AA:12:78:E4:86:22:D1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6270
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lp-JBvlq6DwGe4GyF6oSeOSGItE.roa
Signing time: Tue 20 May 2025 14:10:41 +0000
ROA not before: Tue 20 May 2025 14:10:41 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25200 (0x6270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 20 14:10:41 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=969F8906F96AE83C067B81B217AA1278E48622D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cb:9f:5d:96:1d:91:98:9c:46:58:44:d3:3b:
ba:c5:40:a5:98:89:5a:1e:04:92:ad:92:ed:9a:a2:
5f:17:b7:e1:54:93:93:8e:58:a9:98:4c:d6:72:4b:
ef:fc:3e:ff:f3:97:81:71:a0:23:d8:dd:bf:44:e9:
e0:d1:d0:35:96:62:83:d2:0d:4b:6b:c4:f2:b2:46:
22:72:e3:80:60:07:68:3c:62:92:0d:6b:96:c0:88:
da:03:89:e2:b9:58:6c:98:f4:a0:56:2c:2b:12:52:
ab:ff:d1:71:be:36:c2:8a:9d:f5:b9:06:0e:3c:c2:
39:1b:7b:21:df:53:df:47:37:00:c2:43:81:dc:51:
68:e5:1e:4e:da:53:03:c1:8b:7b:f1:43:aa:7f:87:
7b:23:b9:21:f7:6d:7d:64:cf:32:2c:b9:82:77:f7:
3a:d2:dd:b2:09:b6:b4:3a:96:5e:fe:70:7d:ff:60:
6b:63:83:93:fa:cd:87:f2:5a:c2:e4:a9:cc:86:f7:
dc:8e:82:ef:8f:e2:c3:6c:72:1f:9c:7b:5f:4c:3a:
0e:7d:d6:90:30:8d:e3:26:0b:a4:e2:e0:64:49:a1:
01:15:d0:ce:b0:07:b0:bd:85:d5:22:55:8d:c1:0e:
14:d1:b6:50:08:2b:ff:b9:49:ed:c6:d6:b3:35:fb:
1e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9F:89:06:F9:6A:E8:3C:06:7B:81:B2:17:AA:12:78:E4:86:22:D1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lp-JBvlq6DwGe4GyF6oSeOSGItE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
93:05:bf:bd:ab:1e:d7:fa:b6:56:ba:d4:ef:ea:b0:57:9d:e0:
c8:16:90:9a:ff:70:86:7d:80:1d:f9:c2:8c:88:08:39:b0:59:
20:a7:9a:e2:83:90:ca:78:58:5f:64:32:c7:b9:2a:6c:e1:24:
3f:5a:4f:33:f1:66:33:75:8b:2f:80:80:b3:b9:1f:a9:bc:0d:
6e:ff:20:97:2d:46:35:4f:20:b9:c3:a6:0d:bf:13:49:a6:84:
3c:bd:c7:ef:81:a3:fd:03:57:58:bd:9c:5d:26:61:04:d7:ce:
e9:38:b9:cf:a5:e0:68:6b:44:4a:8b:4f:41:9e:a8:27:36:8c:
3f:ea:e3:bb:81:a1:9f:ad:fa:92:15:3e:6a:53:39:1d:1e:82:
b3:0a:72:3c:88:48:25:f4:66:4d:09:ee:13:5d:78:67:27:ad:
6b:7f:12:a4:ae:52:4c:dc:42:75:62:d0:93:74:67:51:b6:c4:
a6:44:85:d3:e7:75:3d:bc:07:64:c8:34:27:8c:3e:66:07:9e:
ad:4b:cb:0b:e0:fc:ae:3a:d4:8b:05:af:7b:0f:80:bf:75:32:
78:d8:d8:25:d7:50:21:c9:49:14:ae:9e:1e:5a:68:58:cc:29:
98:48:a9:aa:28:17:d7:ae:6f:ee:f2:84:b4:8c:90:10:47:84:
c9:88:8b:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjAx
NDEwNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk2OUY4OTA2Rjk2QUU4
M0MwNjdCODFCMjE3QUExMjc4RTQ4NjIyRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+y59dlh2RmJxGWETTO7rFQKWYiVoeBJKtku2aol8Xt+FUk5OO
WKmYTNZyS+/8Pv/zl4FxoCPY3b9E6eDR0DWWYoPSDUtrxPKyRiJy44BgB2g8YpIN
a5bAiNoDieK5WGyY9KBWLCsSUqv/0XG+NsKKnfW5Bg48wjkbeyHfU99HNwDCQ4Hc
UWjlHk7aUwPBi3vxQ6p/h3sjuSH3bX1kzzIsuYJ39zrS3bIJtrQ6ll7+cH3/YGtj
g5P6zYfyWsLkqcyG99yOgu+P4sNsch+ce19MOg591pAwjeMmC6Ti4GRJoQEV0M6w
B7C9hdUiVY3BDhTRtlAIK/+5Se3G1rM1+x5RAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUlp+JBvlq6DwGe4GyF6oSeOSGItEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xwLUpCdmxxNkR3R2U0
R3lGNm9TZU9TR0l0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCTBb+9
qx7X+rZWutTv6rBXneDIFpCa/3CGfYAd+cKMiAg5sFkgp5rig5DKeFhfZDLHuSps
4SQ/Wk8z8WYzdYsvgICzuR+pvA1u/yCXLUY1TyC5w6YNvxNJpoQ8vcfvgaP9A1dY
vZxdJmEE187pOLnPpeBoa0RKi09BnqgnNow/6uO7gaGfrfqSFT5qUzkdHoKzCnI8
iEgl9GZNCe4TXXhnJ61rfxKkrlJM3EJ1YtCTdGdRtsSmRIXT53U9vAdkyDQnjD5m
B56tS8sL4PyuOtSLBa97D4C/dTJ42Ngl11AhyUkUrp4eWmhYzCmYSKmqKBfXrm/u
8oS0jJAQR4TJiIvc
-----END CERTIFICATE-----
Generated at Sun Jun 22 07:39:05 2025 by rpki-client