Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pJkIsaavlmFwNrmJK4zHxgXxc24.roa
File: pJkIsaavlmFwNrmJK4zHxgXxc24.roa (raw, json)
Hash identifier: djjGrhSsEnydnFezYmRrxdLN/qElEsx6HbrqejHzn/8=
Subject key identifier: A4:99:08:B1:A6:AF:96:61:70:36:B9:89:2B:8C:C7:C6:05:F1:73:6E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6B8A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pJkIsaavlmFwNrmJK4zHxgXxc24.roa
Signing time: Fri 13 Jun 2025 20:42:22 +0000
ROA not before: Fri 13 Jun 2025 20:42:22 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27530 (0x6b8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 13 20:42:22 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A49908B1A6AF96617036B9892B8CC7C605F1736E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:44:ff:ea:ca:ab:a5:03:29:14:40:28:30:98:
64:5f:c0:4f:9e:e2:ca:50:24:ab:bd:dc:93:59:5a:
64:71:0a:41:f0:d3:7a:a4:cf:ca:f1:62:19:ce:40:
71:b0:96:32:ed:93:be:ec:48:1e:1a:27:80:09:cd:
87:8f:15:18:7e:58:bc:c3:9c:1e:d1:9d:7b:e6:76:
50:24:4b:f2:13:38:8d:3a:12:43:92:f8:ad:f6:a0:
6f:06:45:a2:d4:87:bd:d7:ef:dc:f1:3e:b4:18:fe:
2d:21:c8:10:d9:f7:61:97:0e:5a:f0:a3:ac:08:58:
b0:18:fa:de:05:97:51:14:aa:10:2a:b4:24:4c:65:
4c:bc:74:97:79:cc:58:40:dd:51:b7:1b:33:aa:9c:
3d:ca:11:a0:9a:ea:6c:5f:d3:be:f5:4b:23:4b:de:
ab:d9:ec:33:31:fe:f3:d1:fb:90:4e:b2:12:8c:f3:
4f:4f:3c:f7:51:da:1c:c9:b9:9d:70:47:82:cd:b6:
30:58:d3:19:ab:76:53:b2:13:4e:40:56:f6:c3:ca:
3f:51:b6:aa:60:b9:67:43:9e:be:89:c6:1d:2b:ae:
d0:b1:66:5e:41:ef:ba:58:cb:42:14:07:cc:07:13:
e3:6d:57:60:46:a1:1c:f5:14:60:b6:c8:2d:5c:14:
78:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:99:08:B1:A6:AF:96:61:70:36:B9:89:2B:8C:C7:C6:05:F1:73:6E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pJkIsaavlmFwNrmJK4zHxgXxc24.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a8:27:93:22:c5:18:dc:a7:46:84:00:0b:77:86:1d:3e:de:b2:
08:68:18:37:be:93:53:e1:c5:26:12:fc:eb:cc:c9:f8:32:d4:
c9:d1:88:0a:ac:df:9e:c3:14:83:bb:44:2d:0b:2f:92:eb:2c:
53:d7:75:80:f6:f4:70:98:57:2d:ff:cf:6f:99:22:81:ef:fd:
8b:2a:04:09:6e:9f:75:f4:1f:de:2f:0b:1e:fe:9b:cb:dd:00:
b1:f1:b4:0a:6d:9e:b8:ef:ef:78:84:53:d4:1d:53:a6:c8:7d:
a6:09:d6:79:13:27:17:bd:8f:30:46:a4:f4:fe:62:4c:ef:eb:
0e:cb:65:c3:f7:31:c9:a8:ad:98:db:18:97:2b:88:a9:10:53:
0c:0e:e2:0e:f6:d6:cb:56:f1:82:79:b3:01:91:e9:6d:6e:d2:
94:fa:c8:02:75:24:f7:53:7a:3d:1e:82:72:22:17:71:76:e2:
97:54:f5:95:7e:fa:e4:93:da:ed:c2:79:20:65:df:3f:51:52:
15:8f:94:67:44:24:01:fc:8a:5c:a9:1c:91:11:bf:a8:4a:b7:
92:75:3b:60:b3:eb:7a:5d:3c:e6:ec:2c:fd:fe:0e:70:61:03:
e8:58:bc:d8:69:2e:8f:76:ba:1d:84:0b:fd:30:ec:51:ad:c0:
d8:58:84:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICa4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTMy
MDQyMjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE0OTkwOEIxQTZBRjk2
NjE3MDM2Qjk4OTJCOENDN0M2MDVGMTczNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxRP/qyqulAykUQCgwmGRfwE+e4spQJKu93JNZWmRxCkHw03qk
z8rxYhnOQHGwljLtk77sSB4aJ4AJzYePFRh+WLzDnB7RnXvmdlAkS/ITOI06EkOS
+K32oG8GRaLUh73X79zxPrQY/i0hyBDZ92GXDlrwo6wIWLAY+t4Fl1EUqhAqtCRM
ZUy8dJd5zFhA3VG3GzOqnD3KEaCa6mxf0771SyNL3qvZ7DMx/vPR+5BOshKM809P
PPdR2hzJuZ1wR4LNtjBY0xmrdlOyE05AVvbDyj9RtqpguWdDnr6Jxh0rrtCxZl5B
77pYy0IUB8wHE+NtV2BGoRz1FGC2yC1cFHgJAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUpJkIsaavlmFwNrmJK4zHxgXxc24wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BKa0lzYWF2bG1Gd05y
bUpLNHpIeGdYeGMyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCoJ5Mi
xRjcp0aEAAt3hh0+3rIIaBg3vpNT4cUmEvzrzMn4MtTJ0YgKrN+ewxSDu0QtCy+S
6yxT13WA9vRwmFct/89vmSKB7/2LKgQJbp919B/eLwse/pvL3QCx8bQKbZ647+94
hFPUHVOmyH2mCdZ5EycXvY8wRqT0/mJM7+sOy2XD9zHJqK2Y2xiXK4ipEFMMDuIO
9tbLVvGCebMBkeltbtKU+sgCdST3U3o9HoJyIhdxduKXVPWVfvrkk9rtwnkgZd8/
UVIVj5RnRCQB/IpcqRyREb+oSreSdTtgs+t6XTzm7Cz9/g5wYQPoWLzYaS6Pdrod
hAv9MOxRrcDYWISG
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:26:37 2025 by rpki-client