Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/n0E_zhv96QLkVw8gfEPl8FwrzFs.roa
File: n0E_zhv96QLkVw8gfEPl8FwrzFs.roa (raw, json)
Hash identifier: KSitlKsMV3DV96Twt/TSy6PgnM9IEivFlfO4YLmfE44=
Subject key identifier: 9F:41:3F:CE:1B:FD:E9:02:E4:57:0F:20:7C:43:E5:F0:5C:2B:CC:5B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6846
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n0E_zhv96QLkVw8gfEPl8FwrzFs.roa
Signing time: Thu 05 Jun 2025 03:43:23 +0000
ROA not before: Thu 05 Jun 2025 03:43:23 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26694 (0x6846)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 5 03:43:23 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=9F413FCE1BFDE902E4570F207C43E5F05C2BCC5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a3:c8:ec:da:68:d0:73:dc:e6:84:6d:6f:05:
b3:cd:a3:19:5d:8b:68:17:7c:16:18:1d:84:17:85:
f8:41:a5:51:8e:36:4c:44:cd:b2:7b:a8:dd:6d:3d:
f4:c7:7b:7c:4c:76:cc:9d:da:bd:a6:68:ef:20:1b:
27:c2:12:7c:d8:30:5a:d5:af:1f:64:27:7a:11:40:
b2:2d:3e:b3:40:f9:a3:6e:30:f0:33:e8:6c:9a:ba:
99:cf:e2:94:54:d7:b8:e3:e6:7a:74:7f:52:32:0b:
dd:f8:8d:44:0f:59:89:35:e7:62:8d:d1:ba:b4:50:
d5:73:4a:a1:51:81:d9:00:78:4d:25:6f:e6:72:bd:
47:3d:0b:b3:90:3b:9e:be:45:68:2e:88:3c:01:9b:
d8:6f:7e:5a:f2:05:17:14:52:a5:38:8f:a7:e0:c2:
50:ee:d5:d8:44:c4:95:00:34:43:2c:9e:88:3a:f2:
f0:bb:31:9e:49:40:93:df:de:37:6a:5d:c4:c0:97:
de:a9:9f:23:c0:cf:65:70:80:2e:5b:4a:55:12:41:
50:3c:71:94:2f:50:d6:b6:a3:24:ac:7f:7f:b1:d1:
ff:91:60:b8:5a:14:90:5d:b2:e6:f5:4e:6b:d7:df:
fd:16:b7:61:45:e2:ba:30:9a:41:5d:41:c7:98:51:
9e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:41:3F:CE:1B:FD:E9:02:E4:57:0F:20:7C:43:E5:F0:5C:2B:CC:5B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n0E_zhv96QLkVw8gfEPl8FwrzFs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
95:a7:f8:5e:95:6e:82:17:e4:ed:f5:a5:86:94:a1:df:fe:e4:
2c:8e:5d:1b:7d:de:7d:9e:01:79:77:74:dd:fc:d7:7f:2a:06:
34:a4:fb:31:ea:3e:ea:74:fc:32:e9:af:a8:90:e6:af:7f:36:
76:3c:66:db:9d:a8:d4:76:aa:c0:1d:95:bf:25:a8:5c:bf:82:
c6:97:14:9d:16:be:22:bc:23:39:64:ee:e4:5f:ea:9f:1c:f0:
b5:73:70:7c:7f:1f:89:f2:b8:a9:85:0c:78:66:8e:19:f0:a5:
e4:83:64:91:50:4f:0a:81:78:ce:a5:ed:da:9d:ab:f0:f4:cc:
d7:a4:ef:16:94:17:f2:0e:8a:ae:51:7b:fb:96:3e:59:60:c2:
c5:68:db:98:f3:aa:46:54:66:83:07:37:7e:25:86:d7:64:84:
1d:a3:96:c5:fd:d8:d1:38:dc:af:dd:a9:7e:93:06:c0:52:49:
a3:0e:0c:f0:8f:55:d5:5b:45:93:af:c5:3d:c5:27:7c:f8:38:
d9:60:2e:bc:f0:40:37:b1:34:9f:5b:8e:fe:65:77:c4:8b:7a:
5d:66:75:2e:40:52:6c:d3:bf:d1:48:24:41:69:88:92:fa:09:
9d:06:85:91:92:d6:09:3e:ad:3f:6b:43:0f:f8:4a:58:64:29:
71:9f:da:f8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICaEYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDUw
MzQzMjNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlGNDEzRkNFMUJGREU5
MDJFNDU3MEYyMDdDNDNFNUYwNUMyQkNDNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMo8js2mjQc9zmhG1vBbPNoxldi2gXfBYYHYQXhfhBpVGONkxE
zbJ7qN1tPfTHe3xMdsyd2r2maO8gGyfCEnzYMFrVrx9kJ3oRQLItPrNA+aNuMPAz
6GyaupnP4pRU17jj5np0f1IyC934jUQPWYk152KN0bq0UNVzSqFRgdkAeE0lb+Zy
vUc9C7OQO56+RWguiDwBm9hvflryBRcUUqU4j6fgwlDu1dhExJUANEMsnog68vC7
MZ5JQJPf3jdqXcTAl96pnyPAz2VwgC5bSlUSQVA8cZQvUNa2oySsf3+x0f+RYLha
FJBdsub1TmvX3/0Wt2FF4rowmkFdQceYUZ6XAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUn0E/zhv96QLkVw8gfEPl8FwrzFswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L24wRV96aHY5NlFMa1Z3
OGdmRVBsOEZ3cnpGcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCVp/he
lW6CF+Tt9aWGlKHf/uQsjl0bfd59ngF5d3Td/Nd/KgY0pPsx6j7qdPwy6a+okOav
fzZ2PGbbnajUdqrAHZW/Jahcv4LGlxSdFr4ivCM5ZO7kX+qfHPC1c3B8fx+J8rip
hQx4Zo4Z8KXkg2SRUE8KgXjOpe3anavw9MzXpO8WlBfyDoquUXv7lj5ZYMLFaNuY
86pGVGaDBzd+JYbXZIQdo5bF/djRONyv3al+kwbAUkmjDgzwj1XVW0WTr8U9xSd8
+DjZYC688EA3sTSfW47+ZXfEi3pdZnUuQFJs07/RSCRBaYiS+gmdBoWRktYJPq0/
a0MP+EpYZClxn9r4
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:38:21 2025 by rpki-client