Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CdgcVQnI7aHJ1z3zTP3Ij19aF1I.roa
File: CdgcVQnI7aHJ1z3zTP3Ij19aF1I.roa (raw, json)
Hash identifier: KMWUNXnPVFo8tX3sZB2qSHwOm5y+gCYaZV+R/bqhNVc=
Subject key identifier: 09:D8:1C:55:09:C8:ED:A1:C9:D7:3D:F3:4C:FD:C8:8F:5F:5A:17:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6086
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CdgcVQnI7aHJ1z3zTP3Ij19aF1I.roa
Signing time: Thu 15 May 2025 11:43:47 +0000
ROA not before: Thu 15 May 2025 11:43:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24710 (0x6086)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 11:43:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=09D81C5509C8EDA1C9D73DF34CFDC88F5F5A1752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:47:ca:03:1a:1e:79:42:45:57:dd:0c:e2:
b8:c7:96:59:77:ee:d3:48:70:8d:06:fd:ed:01:51:
13:12:af:6f:ef:9c:53:6c:63:3d:d4:f3:ea:54:66:
f7:09:99:d3:b6:ca:7a:aa:18:55:84:e6:ce:a2:ac:
86:97:e0:03:21:c9:be:15:62:36:b3:3b:29:3c:1b:
f3:73:52:c9:ae:aa:b5:a3:26:0f:1c:fd:a4:16:4c:
6c:93:b6:57:14:39:9c:e2:75:2c:28:72:7b:b8:a0:
b6:e2:50:80:76:fa:f0:74:10:43:c8:d0:01:ff:c5:
db:26:2d:70:e6:03:9b:7c:cf:bc:d6:40:d4:90:b3:
21:ee:2f:f8:64:58:0b:8a:14:21:c4:a4:fc:19:84:
35:a7:71:8c:bf:3d:ab:aa:d4:e9:49:14:60:7d:51:
ef:3c:56:f2:4b:75:3c:41:9a:bd:47:c5:db:88:08:
45:20:f0:18:4e:62:2f:1a:9c:9c:ca:8b:53:ed:d8:
d8:aa:ea:5c:7f:e0:38:07:b0:57:23:2f:10:fc:29:
97:77:05:e5:59:61:3e:3d:12:c4:c6:b6:61:fb:c1:
f9:b5:51:44:cb:f4:c4:c2:89:3e:dd:f6:85:8e:ee:
58:0d:60:6e:2f:e3:55:fe:79:70:a9:66:41:c8:2d:
5e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D8:1C:55:09:C8:ED:A1:C9:D7:3D:F3:4C:FD:C8:8F:5F:5A:17:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CdgcVQnI7aHJ1z3zTP3Ij19aF1I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
2a:5e:95:a4:9a:43:86:4f:ba:0e:29:43:14:e3:bb:5c:94:67:
74:bc:a1:a7:8f:f0:c1:11:fa:64:c1:ae:00:6d:30:84:29:b8:
37:4c:3c:85:50:66:fa:c0:65:0e:9c:06:f0:7a:55:63:de:16:
ed:b3:66:8d:cb:6b:d5:ea:75:6f:e1:b2:d5:08:5a:7b:dc:ca:
45:8c:c4:54:52:f6:70:1b:2d:46:21:07:a0:56:f9:f5:ac:5e:
f6:d0:ac:a2:85:e0:bf:4b:60:df:88:93:22:93:27:a0:e2:76:
b3:63:6a:2f:79:c8:e1:6f:c3:c3:41:ed:ad:2f:ad:a3:e8:16:
f9:42:c0:7b:af:18:1a:6a:42:12:bb:43:85:e4:82:10:e2:74:
80:17:a4:16:68:8c:b7:72:ba:53:d5:fe:ef:37:53:12:a5:1b:
0f:a5:8d:17:cf:e6:36:3a:0a:a6:4a:50:b7:f9:db:02:fa:d2:
28:b4:58:e8:a4:3d:ac:24:03:4e:27:b0:c4:94:10:57:e8:9e:
63:c3:65:f1:2d:4a:59:6e:f1:61:ae:e0:21:19:d8:3c:39:84:
eb:f5:a9:b1:e1:89:18:4a:34:50:5a:2a:3c:ce:ac:8c:fa:41:
3a:73:e4:db:fb:c6:aa:ce:9c:5e:19:c6:f4:bf:49:1f:1c:1b:
d6:0b:12:f0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTUx
MTQzNDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA5RDgxQzU1MDlDOEVE
QTFDOUQ3M0RGMzRDRkRDODhGNUY1QTE3NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkbUfKAxoeeUJFV90M4rjHlll37tNIcI0G/e0BURMSr2/vnFNs
Yz3U8+pUZvcJmdO2ynqqGFWE5s6irIaX4AMhyb4VYjazOyk8G/NzUsmuqrWjJg8c
/aQWTGyTtlcUOZzidSwocnu4oLbiUIB2+vB0EEPI0AH/xdsmLXDmA5t8z7zWQNSQ
syHuL/hkWAuKFCHEpPwZhDWncYy/Pauq1OlJFGB9Ue88VvJLdTxBmr1HxduICEUg
8BhOYi8anJzKi1Pt2Niq6lx/4DgHsFcjLxD8KZd3BeVZYT49EsTGtmH7wfm1UUTL
9MTCiT7d9oWO7lgNYG4v41X+eXCpZkHILV4dAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUCdgcVQnI7aHJ1z3zTP3Ij19aF1IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NkZ2NWUW5JN2FISjF6
M3pUUDNJajE5YUYxSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAqXpWk
mkOGT7oOKUMU47tclGd0vKGnj/DBEfpkwa4AbTCEKbg3TDyFUGb6wGUOnAbwelVj
3hbts2aNy2vV6nVv4bLVCFp73MpFjMRUUvZwGy1GIQegVvn1rF720KyiheC/S2Df
iJMikyeg4nazY2ovecjhb8PDQe2tL62j6Bb5QsB7rxgaakISu0OF5IIQ4nSAF6QW
aIy3crpT1f7vN1MSpRsPpY0Xz+Y2OgqmSlC3+dsC+tIotFjopD2sJANOJ7DElBBX
6J5jw2XxLUpZbvFhruAhGdg8OYTr9amx4YkYSjRQWio8zqyM+kE6c+Tb+8aqzpxe
Gcb0v0kfHBvWCxLw
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:22 2025 by rpki-client