Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/InaQ5spa1gCqXF7kQS1gXntT7Jc.roa
File: InaQ5spa1gCqXF7kQS1gXntT7Jc.roa (raw, json)
Hash identifier: 0d7hMds0HQCvE+EG59rSrZ5SurDY2UtPXOxsJO/wivo=
Subject key identifier: 22:76:90:E6:CA:5A:D6:00:AA:5C:5E:E4:41:2D:60:5E:7B:53:EC:97
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 60E8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/InaQ5spa1gCqXF7kQS1gXntT7Jc.roa
Signing time: Fri 16 May 2025 12:10:26 +0000
ROA not before: Fri 16 May 2025 12:10:26 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24808 (0x60e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 12:10:26 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=227690E6CA5AD600AA5C5EE4412D605E7B53EC97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7f:52:c7:13:0d:15:ec:68:35:35:3b:84:90:
75:f3:bb:1d:92:4f:62:18:f6:c4:9f:1a:3c:84:95:
27:98:d4:14:32:92:1a:8b:3c:20:7a:bd:bf:82:ca:
f2:82:f1:61:fb:11:46:8b:6b:03:d4:c3:7f:c0:30:
47:36:87:72:46:be:e7:ea:5f:c4:78:ba:2f:b4:11:
c0:80:11:88:d2:8d:9d:2d:41:61:ac:12:7a:2a:5a:
d4:03:cd:16:79:46:b9:51:e8:e1:e6:5b:96:50:15:
8f:f6:48:2c:92:8a:62:b1:0c:12:d1:c4:39:f8:0b:
ae:22:bc:d9:60:c3:6d:54:cf:ab:ec:6b:1f:d4:4b:
34:f8:0c:5b:85:d5:ac:e0:1c:e1:48:a1:f2:67:b7:
2b:7e:79:36:43:69:2b:39:a1:4f:55:e2:82:d4:99:
c8:1d:a1:0d:bc:57:ca:e8:3a:86:3a:3e:6e:a7:ff:
20:5f:5c:62:92:76:16:dd:5e:53:6a:d4:d6:39:65:
7b:29:a2:93:dd:11:87:3e:d2:40:1c:17:e0:95:1b:
2f:fc:06:5a:fa:cd:e8:56:8f:d8:b1:d4:0e:12:ce:
8c:24:1b:47:a5:da:5d:72:61:1c:a4:ba:19:dc:13:
4f:48:7d:14:c8:f4:9d:6c:92:5c:11:84:ea:bf:4c:
d0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:76:90:E6:CA:5A:D6:00:AA:5C:5E:E4:41:2D:60:5E:7B:53:EC:97
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/InaQ5spa1gCqXF7kQS1gXntT7Jc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b1:a4:86:12:56:54:1a:91:cd:7d:9a:f7:7d:10:d1:4f:cf:8d:
f8:e7:25:43:3a:76:2e:fe:93:41:9f:7c:d9:8d:59:d5:82:d8:
90:35:25:c0:ac:ec:28:13:f8:70:b3:d0:54:db:e8:ed:7c:86:
4f:60:16:a2:6c:d3:1d:d4:d8:70:cb:83:02:ed:e8:18:93:0a:
e0:d3:cb:bc:ce:7e:c0:8c:7b:a5:64:f5:f8:7c:62:39:45:52:
f3:62:22:9e:44:41:95:01:f9:ce:d1:be:a1:f5:ca:72:fb:5e:
d3:a1:59:61:b7:3b:82:21:63:18:2d:58:54:8b:15:29:99:ba:
87:01:ac:0c:b6:cb:13:e1:4c:e3:a9:68:4e:86:bb:94:39:ac:
d2:3b:da:c6:c0:73:42:07:af:64:5f:25:18:0a:92:d8:52:ec:
34:b6:e7:66:d4:d5:09:7a:79:59:ba:ad:e4:1f:90:2a:a6:91:
cb:b6:b8:2a:b5:d2:b8:3e:30:3a:fe:c4:fe:d9:2c:e6:f0:b4:
30:0d:61:2f:16:45:9e:78:dc:10:c1:43:c6:38:cc:88:5e:5e:
29:83:c2:04:72:61:76:a5:ce:46:50:98:63:8b:9b:d0:23:0e:
b0:21:89:37:b5:c5:27:c4:5a:78:f6:7e:a0:a1:38:eb:6a:ac:
55:69:c2:fb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTYx
MjEwMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIyNzY5MEU2Q0E1QUQ2
MDBBQTVDNUVFNDQxMkQ2MDVFN0I1M0VDOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsf1LHEw0V7Gg1NTuEkHXzux2ST2IY9sSfGjyElSeY1BQykhqL
PCB6vb+CyvKC8WH7EUaLawPUw3/AMEc2h3JGvufqX8R4ui+0EcCAEYjSjZ0tQWGs
EnoqWtQDzRZ5RrlR6OHmW5ZQFY/2SCySimKxDBLRxDn4C64ivNlgw21Uz6vsax/U
SzT4DFuF1azgHOFIofJntyt+eTZDaSs5oU9V4oLUmcgdoQ28V8roOoY6Pm6n/yBf
XGKSdhbdXlNq1NY5ZXspopPdEYc+0kAcF+CVGy/8Blr6zehWj9ix1A4SzowkG0el
2l1yYRykuhncE09IfRTI9J1sklwRhOq/TNA1AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUInaQ5spa1gCqXF7kQS1gXntT7JcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0luYVE1c3BhMWdDcVhG
N2tRUzFnWG50VDdKYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCxpIYS
VlQakc19mvd9ENFPz4345yVDOnYu/pNBn3zZjVnVgtiQNSXArOwoE/hws9BU2+jt
fIZPYBaibNMd1Nhwy4MC7egYkwrg08u8zn7AjHulZPX4fGI5RVLzYiKeREGVAfnO
0b6h9cpy+17ToVlhtzuCIWMYLVhUixUpmbqHAawMtssT4UzjqWhOhruUOazSO9rG
wHNCB69kXyUYCpLYUuw0tudm1NUJenlZuq3kH5AqppHLtrgqtdK4PjA6/sT+2Szm
8LQwDWEvFkWeeNwQwUPGOMyIXl4pg8IEcmF2pc5GUJhji5vQIw6wIYk3tcUnxFp4
9n6goTjraqxVacL7
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:19 2025 by rpki-client