Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wUh0jmy1t13uEzfmZhVwHmhal8w.roa
File: wUh0jmy1t13uEzfmZhVwHmhal8w.roa (raw, json)
Hash identifier: uZxe2nCWCYN9RyGeIlrrdqRsgXxvkA3yaWKCNfT+ZQc=
Subject key identifier: C1:48:74:8E:6C:B5:B7:5D:EE:13:37:E6:66:15:70:1E:68:5A:97:CC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 616C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wUh0jmy1t13uEzfmZhVwHmhal8w.roa
Signing time: Sat 17 May 2025 21:10:32 +0000
ROA not before: Sat 17 May 2025 21:10:32 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24940 (0x616c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 17 21:10:32 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C148748E6CB5B75DEE1337E66615701E685A97CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:5c:f9:77:e7:fa:b9:76:f4:e2:79:1d:cf:
d6:43:26:cc:0f:3b:97:37:d5:8c:89:3e:93:0d:97:
fc:42:42:27:48:ed:d3:bf:98:66:83:f1:b2:f5:55:
53:da:88:c1:50:99:4c:47:75:7f:40:20:95:8e:c3:
b0:f8:ba:f1:ab:05:5a:10:66:8a:10:17:ef:9c:ca:
56:ff:ca:ca:1d:00:60:af:ec:4f:34:a1:c4:fa:33:
67:fd:dd:12:6e:1a:43:74:0f:60:07:53:83:84:89:
8e:12:6f:d3:3c:c6:0b:f8:67:ec:76:49:db:69:05:
ac:87:09:da:09:28:8d:8e:f0:95:7e:39:9b:f9:ca:
45:27:c0:8f:8a:be:bc:ba:9a:58:b4:4b:69:35:58:
59:2d:4c:95:ed:dc:86:9d:ef:4b:22:d4:3f:af:43:
9e:51:79:4b:5b:19:27:a1:e7:5b:ae:7f:b1:0a:d5:
f9:be:5c:af:e1:24:3f:e3:b6:52:e2:cb:f5:95:ca:
89:57:15:de:2a:08:68:cd:38:7d:86:6b:1d:80:b4:
88:a5:f8:e6:bd:d4:25:81:b9:b8:5a:f4:e0:c9:b9:
e1:b8:c4:94:d8:04:95:52:ae:13:8f:c3:8e:55:10:
08:31:5b:ee:f5:07:02:91:ff:0d:c1:60:43:d2:5e:
af:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:48:74:8E:6C:B5:B7:5D:EE:13:37:E6:66:15:70:1E:68:5A:97:CC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wUh0jmy1t13uEzfmZhVwHmhal8w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
4f:b0:36:ad:7d:48:82:44:9c:08:79:7b:ca:5e:d4:60:0c:51:
ca:68:de:5e:ee:44:10:0b:b5:d6:3c:62:9f:5e:98:4e:a1:b4:
b4:93:2a:f8:33:9d:ca:a4:e2:dd:1d:91:b5:e8:16:27:87:ef:
fb:c6:73:1e:97:f8:4e:01:cc:c7:8e:b5:68:c4:92:a2:e2:43:
1a:fa:50:d5:c1:52:0a:df:71:21:34:98:17:e0:cd:6c:bf:e0:
66:7c:86:11:14:2a:d4:4c:1d:7e:75:dd:0d:d6:bd:77:6a:ff:
61:cd:bf:75:c7:bf:13:be:50:d7:77:df:36:ba:02:8e:0d:4d:
77:79:a9:eb:8d:d5:0a:5b:bb:47:27:4c:bb:0a:8f:34:cc:7e:
06:d7:75:a6:c0:4e:a3:62:ec:b2:94:df:c0:58:33:b5:22:96:
a6:99:61:33:f4:57:4d:49:96:eb:83:64:f1:db:99:f1:c0:61:
23:03:1f:b2:15:d0:10:53:57:5f:c0:fa:a3:5a:18:5e:7d:b7:
05:2c:c5:25:da:8b:73:a9:2a:be:45:f7:b7:a0:ae:8d:e9:95:
c5:b0:2d:48:ab:ed:5d:19:a2:fb:75:9f:36:fe:ea:b3:98:03:
22:84:f7:63:c4:b0:7f:48:cc:4e:17:30:6b:bd:48:5c:2c:6b:
55:03:21:17
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTcy
MTEwMzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEMxNDg3NDhFNkNCNUI3
NURFRTEzMzdFNjY2MTU3MDFFNjg1QTk3Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC19Fz5d+f6uXb04nkdz9ZDJswPO5c31YyJPpMNl/xCQidI7dO/
mGaD8bL1VVPaiMFQmUxHdX9AIJWOw7D4uvGrBVoQZooQF++cylb/ysodAGCv7E80
ocT6M2f93RJuGkN0D2AHU4OEiY4Sb9M8xgv4Z+x2SdtpBayHCdoJKI2O8JV+OZv5
ykUnwI+Kvry6mli0S2k1WFktTJXt3Iad70si1D+vQ55ReUtbGSeh51uuf7EK1fm+
XK/hJD/jtlLiy/WVyolXFd4qCGjNOH2Gax2AtIil+Oa91CWBubha9ODJueG4xJTY
BJVSrhOPw45VEAgxW+71BwKR/w3BYEPSXq+DAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUwUh0jmy1t13uEzfmZhVwHmhal8wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dVaDBqbXkxdDEzdUV6
Zm1aaFZ3SG1oYWw4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBPsDat
fUiCRJwIeXvKXtRgDFHKaN5e7kQQC7XWPGKfXphOobS0kyr4M53KpOLdHZG16BYn
h+/7xnMel/hOAczHjrVoxJKi4kMa+lDVwVIK33EhNJgX4M1sv+BmfIYRFCrUTB1+
dd0N1r13av9hzb91x78TvlDXd982ugKODU13eanrjdUKW7tHJ0y7Co80zH4G13Wm
wE6jYuyylN/AWDO1IpammWEz9FdNSZbrg2Tx25nxwGEjAx+yFdAQU1dfwPqjWhhe
fbcFLMUl2otzqSq+Rfe3oK6N6ZXFsC1Iq+1dGaL7dZ82/uqzmAMihPdjxLB/SMxO
FzBrvUhcLGtVAyEX
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:09:56 2025 by rpki-client