Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/n5wah1dIbiNG_D4Slef_kgVJqyU.roa
File: n5wah1dIbiNG_D4Slef_kgVJqyU.roa (raw, json)
Hash identifier: 3NjBVs1OpxJhvNj8h0cq/c2pLcav4D18rWTvsEbm66g=
Subject key identifier: 9F:9C:1A:87:57:48:6E:23:46:FC:3E:12:95:E7:FF:92:05:49:AB:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 68F8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n5wah1dIbiNG_D4Slef_kgVJqyU.roa
Signing time: Sat 07 Jun 2025 00:11:55 +0000
ROA not before: Sat 07 Jun 2025 00:11:55 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26872 (0x68f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 7 00:11:55 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=9F9C1A8757486E2346FC3E1295E7FF920549AB25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ac:03:35:6a:15:e1:13:87:be:91:0a:10:bf:
8f:38:a0:0d:02:35:3f:d6:e3:a8:1a:c2:a4:01:f8:
42:3f:6b:65:41:97:e3:e1:65:e7:fa:f6:c3:85:46:
85:78:3f:69:d0:f1:0c:bf:37:22:28:d5:a3:32:2b:
4f:1c:75:2c:bc:3b:7c:6f:3f:94:a3:b5:3d:14:ee:
31:e0:8b:b8:76:81:49:01:b0:54:b9:17:a6:e1:68:
92:35:b1:2d:ec:79:62:d9:b5:2e:47:57:39:87:b0:
88:85:ca:6b:51:9b:b0:68:e2:1c:7f:3b:c4:0c:ae:
09:1a:68:bb:0c:4f:84:f3:a9:ee:0c:a3:14:8a:e5:
d4:96:4a:03:ec:c3:d3:6f:c2:d1:c7:15:32:5e:c7:
ff:64:ee:53:48:22:57:3c:30:88:12:e7:7f:0d:81:
2d:ae:e8:98:8d:cc:85:4b:ee:2e:fc:c2:45:ea:a5:
35:ad:4f:ca:7f:7b:00:a0:c8:a4:fa:44:2a:39:93:
29:90:61:7d:ee:09:82:46:c9:ba:ab:07:13:5a:71:
06:9a:d8:01:9e:c3:f1:7f:86:e6:b5:a3:9c:05:ff:
47:46:23:98:4f:15:ae:5b:d0:b3:a9:c0:ed:03:1e:
19:34:79:67:1e:fb:e1:72:f4:38:92:bf:85:4a:5a:
0b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:9C:1A:87:57:48:6E:23:46:FC:3E:12:95:E7:FF:92:05:49:AB:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n5wah1dIbiNG_D4Slef_kgVJqyU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
19:ef:7a:10:a9:0e:aa:6e:bc:3d:bf:48:0a:d5:25:56:12:3f:
37:b4:d3:74:03:c0:27:d7:1f:c1:be:e9:29:f9:36:eb:4c:8f:
78:c2:1d:9b:17:24:bb:46:e0:32:14:02:16:3a:17:16:62:2e:
6d:78:95:71:48:14:71:3d:35:40:f8:ba:4c:55:1e:5f:d6:ec:
c7:2e:b6:9a:05:99:ea:e0:d1:34:b4:8d:a6:6d:e3:a2:46:00:
17:46:1c:36:4c:2f:c7:49:f1:4e:5c:b1:eb:cd:1c:90:c4:7d:
7e:0a:66:89:56:ab:c1:99:b0:19:dc:10:1b:ce:00:8b:89:2c:
eb:18:3e:0d:b5:92:36:28:90:10:69:dd:2d:bd:5d:51:4a:49:
1c:9a:a2:40:c9:2e:a4:26:e8:c0:b9:99:53:a4:aa:e6:a0:8f:
bb:de:2b:76:d1:2b:df:20:74:cd:8d:10:4d:0c:0f:56:08:99:
e4:8d:73:33:60:90:be:12:81:91:14:fd:ad:80:08:c5:0c:31:
81:6a:61:66:6e:3b:b6:28:6c:cf:48:24:62:db:a7:0e:1b:71:
4f:3f:f1:16:0c:95:9d:7d:05:ce:9f:24:14:ae:48:2a:d2:69:
3f:61:8c:af:e2:74:19:69:4b:07:82:07:27:fa:3e:cf:fe:08:
6b:3f:19:e0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICaPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDcw
MDExNTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlGOUMxQTg3NTc0ODZF
MjM0NkZDM0UxMjk1RTdGRjkyMDU0OUFCMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwrAM1ahXhE4e+kQoQv484oA0CNT/W46gawqQB+EI/a2VBl+Ph
Zef69sOFRoV4P2nQ8Qy/NyIo1aMyK08cdSy8O3xvP5SjtT0U7jHgi7h2gUkBsFS5
F6bhaJI1sS3seWLZtS5HVzmHsIiFymtRm7Bo4hx/O8QMrgkaaLsMT4Tzqe4MoxSK
5dSWSgPsw9NvwtHHFTJex/9k7lNIIlc8MIgS538NgS2u6JiNzIVL7i78wkXqpTWt
T8p/ewCgyKT6RCo5kymQYX3uCYJGybqrBxNacQaa2AGew/F/hua1o5wF/0dGI5hP
Fa5b0LOpwO0DHhk0eWce++Fy9DiSv4VKWgu7AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUn5wah1dIbiNG/D4Slef/kgVJqyUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L241d2FoMWRJYmlOR19E
NFNsZWZfa2dWSnF5VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAZ73oQ
qQ6qbrw9v0gK1SVWEj83tNN0A8An1x/Bvukp+TbrTI94wh2bFyS7RuAyFAIWOhcW
Yi5teJVxSBRxPTVA+LpMVR5f1uzHLraaBZnq4NE0tI2mbeOiRgAXRhw2TC/HSfFO
XLHrzRyQxH1+CmaJVqvBmbAZ3BAbzgCLiSzrGD4NtZI2KJAQad0tvV1RSkkcmqJA
yS6kJujAuZlTpKrmoI+73it20SvfIHTNjRBNDA9WCJnkjXMzYJC+EoGRFP2tgAjF
DDGBamFmbju2KGzPSCRi26cOG3FPP/EWDJWdfQXOnyQUrkgq0mk/YYyv4nQZaUsH
ggcn+j7P/ghrPxng
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:56:28 2025 by rpki-client