Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xGXV_Ae9iJBNexfXJBSZBKi8OgQ.roa
File: xGXV_Ae9iJBNexfXJBSZBKi8OgQ.roa (raw, json)
Hash identifier: uqJv0vCqa1N5ZA3GuBDEf0xunaDZGBdfW6aoc2vPJ0M=
Subject key identifier: C4:65:D5:FC:07:BD:88:90:4D:7B:17:D7:24:14:99:04:A8:BC:3A:04
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6B92
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xGXV_Ae9iJBNexfXJBSZBKi8OgQ.roa
Signing time: Fri 13 Jun 2025 22:42:26 +0000
ROA not before: Fri 13 Jun 2025 22:42:26 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27538 (0x6b92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 13 22:42:26 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C465D5FC07BD88904D7B17D724149904A8BC3A04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:87:0f:94:d7:e0:e9:41:ad:22:d4:05:4f:5d:
84:14:0c:cf:7a:18:bd:ba:4e:ff:dc:2a:19:d3:af:
9f:1c:3c:2d:79:a3:51:55:70:d1:00:b9:38:19:35:
d0:ce:96:f5:a1:4d:2f:68:f6:5b:66:14:a9:97:0b:
c5:57:45:9b:61:f3:de:cf:71:2f:0f:10:c7:94:b5:
30:4b:a5:58:29:65:eb:d4:5e:45:56:e6:01:28:b2:
55:a8:88:9f:a9:55:d8:c3:21:ee:f7:2e:db:ed:d1:
3e:8b:3c:8c:1b:1b:28:d8:26:fb:80:f9:a6:28:48:
a9:2b:41:6f:14:01:7a:6b:73:2b:f2:0b:02:d5:96:
47:66:4c:d7:72:c0:37:0a:c7:b4:30:9a:2c:ca:5c:
98:04:bf:14:6d:e4:4f:e4:93:9c:2f:03:af:ab:e0:
74:b5:24:03:84:82:f3:b3:d0:86:98:c5:aa:e5:d6:
85:87:b0:0c:0a:79:24:6b:37:9e:92:8d:e5:9c:67:
4f:aa:b4:46:62:3a:b6:0a:60:1a:81:c1:1b:47:d6:
db:52:cb:be:5f:b6:78:49:5f:e2:1a:3c:d0:0d:44:
e5:36:3b:74:bf:3c:df:da:f3:68:cd:65:0c:e5:f9:
f1:c5:f2:1e:10:11:65:5e:aa:5f:21:92:c2:aa:14:
2f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:65:D5:FC:07:BD:88:90:4D:7B:17:D7:24:14:99:04:A8:BC:3A:04
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xGXV_Ae9iJBNexfXJBSZBKi8OgQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
6e:0b:e0:7d:20:8b:dc:2e:0e:8b:e2:9c:43:41:83:61:2a:27:
b2:7f:86:db:ff:e0:8a:e3:f5:e7:90:a5:8f:09:d4:18:3b:92:
3b:91:4c:da:57:a5:cb:86:a6:ee:47:a1:a1:ff:d7:90:9a:e6:
ac:5c:c0:95:12:1b:fa:cb:63:7a:c3:2e:fe:8c:59:27:b4:6d:
79:eb:22:3e:dd:47:5d:90:2f:c5:19:69:e4:07:5d:0b:74:f5:
63:9d:9a:06:fb:cd:fd:d5:e7:a5:32:1e:76:83:aa:85:1e:7f:
a5:7c:c5:27:ef:20:63:c0:17:43:be:89:ae:e4:1d:59:77:1e:
3e:fb:1b:a4:d9:32:30:be:d2:f3:f8:ba:4b:56:62:04:14:b1:
d5:c9:58:4f:82:48:ea:44:b5:62:84:5c:77:81:dc:ba:e2:d2:
5f:14:ec:4d:2e:de:22:e8:a9:fb:f3:16:bd:b8:70:a3:50:10:
bf:ec:78:51:49:4c:69:25:79:f4:7b:8a:0b:87:5c:cc:47:d2:
08:e2:cd:f8:2e:b2:dc:75:ba:5c:c3:f3:2f:41:36:a5:a7:dd:
98:c0:ab:e8:07:c6:20:85:e8:22:08:04:f3:49:75:56:e0:23:
4d:af:e8:ce:0c:18:3f:af:16:53:9d:f3:f6:da:7b:d3:01:0c:
39:cb:33:6e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICa5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTMy
MjQyMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM0NjVENUZDMDdCRDg4
OTA0RDdCMTdENzI0MTQ5OTA0QThCQzNBMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqhw+U1+DpQa0i1AVPXYQUDM96GL26Tv/cKhnTr58cPC15o1FV
cNEAuTgZNdDOlvWhTS9o9ltmFKmXC8VXRZth897PcS8PEMeUtTBLpVgpZevUXkVW
5gEoslWoiJ+pVdjDIe73Ltvt0T6LPIwbGyjYJvuA+aYoSKkrQW8UAXprcyvyCwLV
lkdmTNdywDcKx7QwmizKXJgEvxRt5E/kk5wvA6+r4HS1JAOEgvOz0IaYxarl1oWH
sAwKeSRrN56SjeWcZ0+qtEZiOrYKYBqBwRtH1ttSy75ftnhJX+IaPNANROU2O3S/
PN/a82jNZQzl+fHF8h4QEWVeql8hksKqFC/dAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUxGXV/Ae9iJBNexfXJBSZBKi8OgQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hHWFZfQWU5aUpCTmV4
ZlhKQlNaQktpOE9nUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBuC+B9
IIvcLg6L4pxDQYNhKieyf4bb/+CK4/XnkKWPCdQYO5I7kUzaV6XLhqbuR6Gh/9eQ
muasXMCVEhv6y2N6wy7+jFkntG156yI+3UddkC/FGWnkB10LdPVjnZoG+8391eel
Mh52g6qFHn+lfMUn7yBjwBdDvomu5B1Zdx4++xuk2TIwvtLz+LpLVmIEFLHVyVhP
gkjqRLVihFx3gdy64tJfFOxNLt4i6Kn78xa9uHCjUBC/7HhRSUxpJXn0e4oLh1zM
R9II4s34LrLcdbpcw/MvQTalp92YwKvoB8YghegiCATzSXVW4CNNr+jODBg/rxZT
nfP22nvTAQw5yzNu
-----END CERTIFICATE-----
Generated at Sat Jun 21 06:45:48 2025 by rpki-client