Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4Z75LpwsNPb-tpscNBqgxyUB-ws.roa
File: 4Z75LpwsNPb-tpscNBqgxyUB-ws.roa (raw, json)
Hash identifier: SsmWjtjzPzknuazqpMrQLMALt4u1PNwSxV8GGfJu9mQ=
Subject key identifier: E1:9E:F9:2E:9C:2C:34:F6:FE:B6:9B:1C:34:1A:A0:C7:25:01:FB:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 612C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4Z75LpwsNPb-tpscNBqgxyUB-ws.roa
Signing time: Sat 17 May 2025 05:10:42 +0000
ROA not before: Sat 17 May 2025 05:10:42 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24876 (0x612c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 17 05:10:42 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E19EF92E9C2C34F6FEB69B1C341AA0C72501FB0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:ed:31:3d:9e:4d:e8:46:8b:00:95:20:a3:a0:
81:ca:c2:b8:40:63:a1:1b:76:fc:f0:04:b8:79:4e:
75:5b:eb:39:af:22:72:28:c5:42:63:bf:1c:96:a4:
ce:ec:0a:0d:d1:4e:bc:96:1c:d4:58:4f:a3:6a:f7:
55:af:10:a8:a0:02:24:09:ea:d6:17:88:e9:73:f8:
b8:0c:89:8e:f1:46:9c:16:15:05:23:50:60:0f:a4:
29:66:5d:70:78:ab:6d:a5:c2:86:2c:3b:3a:fa:73:
67:f6:22:16:2f:a5:c4:3e:f0:1b:61:76:2b:88:46:
9e:45:ac:ec:33:fb:6d:af:37:8b:1c:a2:2e:dc:a3:
a8:b1:b4:fd:d0:19:ae:48:d8:1c:d3:45:ba:70:24:
30:23:75:a8:cf:55:87:66:7b:4a:7f:93:47:90:5b:
46:dc:8d:15:ad:d2:68:9c:42:ce:ae:48:69:73:26:
ee:e6:55:47:99:52:dc:55:03:5b:0f:b8:70:7f:83:
23:a5:85:ba:42:08:88:40:b9:cc:5f:63:70:a0:10:
f3:bf:5e:37:db:10:65:2f:93:55:94:b9:84:24:9c:
e1:e1:01:35:2c:fb:c3:ee:1c:ab:8c:e4:07:0e:7f:
96:0c:08:c4:ec:20:d0:a1:72:0f:68:7f:17:9f:cf:
69:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9E:F9:2E:9C:2C:34:F6:FE:B6:9B:1C:34:1A:A0:C7:25:01:FB:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4Z75LpwsNPb-tpscNBqgxyUB-ws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
04:d6:bf:9e:54:14:05:8a:aa:65:27:f7:7e:d6:6c:c3:85:ed:
fd:99:61:f2:b5:84:88:84:53:eb:59:bf:75:92:c9:80:8e:5a:
50:dd:b8:3c:0b:80:77:89:1a:48:fc:24:01:2d:b0:eb:94:25:
e2:40:77:e8:4c:36:99:20:96:6d:1a:09:ed:78:44:65:2f:1c:
98:8d:44:ec:20:e9:85:91:b3:a1:f0:35:13:f7:03:42:f1:ad:
cc:49:4d:3f:7f:59:c2:f2:cd:60:8b:32:f1:e1:8a:7c:14:75:
bd:eb:66:56:b2:de:74:ba:aa:5b:7d:2c:c9:b3:0f:c3:02:15:
1f:a3:23:9f:9d:48:27:5f:66:63:9f:f6:92:9b:f8:b8:4f:4e:
14:76:e4:6b:07:b6:fc:c2:70:7c:e0:e1:a9:63:b6:c5:8d:61:
1e:91:93:5e:26:d6:8b:f3:f2:5d:1c:91:de:b6:5c:9d:1a:2e:
92:4b:3f:a7:02:72:60:ac:2d:e8:90:8b:4b:27:0c:f3:24:42:
05:2f:23:7f:96:ae:50:e0:9c:e3:6f:3c:77:12:90:60:54:4e:
64:a2:19:0f:e5:98:08:47:e7:a6:ad:b1:a2:4f:31:cd:8b:89:
78:c4:9a:92:bc:db:dd:f2:70:61:e1:8c:e5:41:5a:41:bb:48:
e4:c5:e2:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYSwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTcw
NTEwNDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUxOUVGOTJFOUMyQzM0
RjZGRUI2OUIxQzM0MUFBMEM3MjUwMUZCMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDx7TE9nk3oRosAlSCjoIHKwrhAY6EbdvzwBLh5TnVb6zmvInIo
xUJjvxyWpM7sCg3RTryWHNRYT6Nq91WvEKigAiQJ6tYXiOlz+LgMiY7xRpwWFQUj
UGAPpClmXXB4q22lwoYsOzr6c2f2IhYvpcQ+8BthdiuIRp5FrOwz+22vN4scoi7c
o6ixtP3QGa5I2BzTRbpwJDAjdajPVYdme0p/k0eQW0bcjRWt0micQs6uSGlzJu7m
VUeZUtxVA1sPuHB/gyOlhbpCCIhAucxfY3CgEPO/XjfbEGUvk1WUuYQknOHhATUs
+8PuHKuM5AcOf5YMCMTsINChcg9ofxefz2lPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU4Z75LpwsNPb+tpscNBqgxyUB+wswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRaNzVMcHdzTlBiLXRw
c2NOQnFneHlVQi13cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAE1r+e
VBQFiqplJ/d+1mzDhe39mWHytYSIhFPrWb91ksmAjlpQ3bg8C4B3iRpI/CQBLbDr
lCXiQHfoTDaZIJZtGgnteERlLxyYjUTsIOmFkbOh8DUT9wNC8a3MSU0/f1nC8s1g
izLx4Yp8FHW962ZWst50uqpbfSzJsw/DAhUfoyOfnUgnX2Zjn/aSm/i4T04UduRr
B7b8wnB84OGpY7bFjWEekZNeJtaL8/JdHJHetlydGi6SSz+nAnJgrC3okItLJwzz
JEIFLyN/lq5Q4Jzjbzx3EpBgVE5kohkP5ZgIR+emrbGiTzHNi4l4xJqSvNvd8nBh
4YzlQVpBu0jkxeL0
-----END CERTIFICATE-----
Generated at Sun May 18 07:30:10 2025 by rpki-client