Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KBKJJE4HArJKkNroAieAhoCzuO0.roa
File: KBKJJE4HArJKkNroAieAhoCzuO0.roa (raw, json)
Hash identifier: Dl102O0GZ7G03+XAaTTHxRvy8ResDpnZrPMYJknvnXk=
Subject key identifier: 28:12:89:24:4E:07:02:B2:4A:90:DA:E8:02:27:80:86:80:B3:B8:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 605A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KBKJJE4HArJKkNroAieAhoCzuO0.roa
Signing time: Thu 15 May 2025 00:40:53 +0000
ROA not before: Thu 15 May 2025 00:40:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24666 (0x605a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 00:40:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=281289244E0702B24A90DAE80227808680B3B8ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:28:ef:a2:f5:dc:cf:e7:d2:2c:d7:cf:b9:bf:
ac:23:80:25:80:ee:d2:d6:33:e4:40:5c:ee:9a:11:
42:7c:0c:8d:de:46:20:da:6a:4e:ca:a5:ea:08:0c:
ed:e4:0a:fa:69:45:20:9f:5d:aa:98:20:36:f6:65:
d8:fc:30:68:42:e5:4a:03:fa:e7:b6:ee:96:79:e8:
3a:f1:96:59:39:aa:cb:d3:30:39:db:5d:ce:d2:a7:
d1:03:4d:83:b6:7e:f8:b1:79:3c:c3:ea:87:7f:43:
b4:47:ae:34:a2:6b:84:44:b0:69:6c:7d:7d:9c:9a:
eb:9e:bf:ff:d8:1d:af:be:ac:6d:f0:fa:f6:1b:ee:
29:ed:31:49:00:99:50:2a:08:55:c4:c0:53:a7:b2:
9c:a9:53:ea:42:8d:f6:7e:18:c8:83:92:52:e8:b1:
fc:70:bf:ec:99:99:15:fe:bf:b3:c2:ba:ca:9a:ec:
c8:6b:d5:5a:f4:69:73:a0:ba:af:98:59:11:2d:a7:
8f:00:a0:18:8b:04:04:6f:c7:4b:a8:09:f6:2b:8c:
37:9c:6d:1a:2f:65:d0:40:a3:d0:3e:80:b5:31:12:
6e:8f:66:fa:66:60:30:0b:d9:93:e1:07:6d:3b:14:
cd:20:e1:38:43:ee:74:06:1e:7c:2b:87:16:fc:28:
7f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:12:89:24:4E:07:02:B2:4A:90:DA:E8:02:27:80:86:80:B3:B8:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KBKJJE4HArJKkNroAieAhoCzuO0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
ae:4b:a6:9e:55:f8:fb:72:74:b5:9c:61:a5:2c:fd:88:07:ca:
a2:ca:8e:f7:55:d2:29:82:88:ae:43:0c:bf:8a:e1:01:cb:7f:
c3:e5:b4:53:9a:5d:8b:d3:26:1a:b3:53:c0:ed:c1:44:96:38:
93:cf:bc:3d:2a:ed:13:63:5f:97:7f:b0:b6:b8:6b:35:47:77:
b9:be:19:07:90:29:83:c3:b6:65:93:76:2f:d5:2e:a2:64:4d:
3b:9e:94:8a:b8:cc:e6:97:4b:27:40:3c:f7:43:0c:4c:1b:31:
92:e5:b5:b6:3d:39:68:6b:09:d5:71:38:9b:45:09:31:9c:5e:
29:26:d4:6c:68:0d:6f:31:31:7d:3c:de:72:77:5a:11:94:32:
f8:11:97:f0:98:b0:c9:2f:59:97:9f:46:6d:44:80:e0:f2:ac:
e6:9c:c6:87:07:15:92:1d:44:43:10:2f:a8:c1:9b:0f:9c:64:
37:3a:b8:13:1a:13:6c:22:cf:a3:0c:26:62:ce:32:99:9b:24:
2a:92:8c:cd:f1:99:c4:f4:e2:d5:96:c3:f2:9c:44:3c:e2:6b:
49:e4:90:d3:2d:7d:99:bc:6a:52:76:5a:2f:b8:b1:6b:f6:8f:
8e:86:5a:ce:c9:71:08:9a:3f:cf:48:bd:7e:ce:0a:37:02:f2:
bf:d0:44:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTUw
MDQwNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI4MTI4OTI0NEUwNzAy
QjI0QTkwREFFODAyMjc4MDg2ODBCM0I4RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUKO+i9dzP59Is18+5v6wjgCWA7tLWM+RAXO6aEUJ8DI3eRiDa
ak7KpeoIDO3kCvppRSCfXaqYIDb2Zdj8MGhC5UoD+ue27pZ56Drxllk5qsvTMDnb
Xc7Sp9EDTYO2fvixeTzD6od/Q7RHrjSia4REsGlsfX2cmuuev//YHa++rG3w+vYb
7intMUkAmVAqCFXEwFOnspypU+pCjfZ+GMiDklLosfxwv+yZmRX+v7PCusqa7Mhr
1Vr0aXOguq+YWREtp48AoBiLBARvx0uoCfYrjDecbRovZdBAo9A+gLUxEm6PZvpm
YDAL2ZPhB207FM0g4ThD7nQGHnwrhxb8KH/3AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUKBKJJE4HArJKkNroAieAhoCzuO0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tCS0pKRTRIQXJKS2tO
cm9BaWVBaG9DenVPMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCuS6ae
Vfj7cnS1nGGlLP2IB8qiyo73VdIpgoiuQwy/iuEBy3/D5bRTml2L0yYas1PA7cFE
ljiTz7w9Ku0TY1+Xf7C2uGs1R3e5vhkHkCmDw7Zlk3Yv1S6iZE07npSKuMzml0sn
QDz3QwxMGzGS5bW2PTloawnVcTibRQkxnF4pJtRsaA1vMTF9PN5yd1oRlDL4EZfw
mLDJL1mXn0ZtRIDg8qzmnMaHBxWSHURDEC+owZsPnGQ3OrgTGhNsIs+jDCZizjKZ
myQqkozN8ZnE9OLVlsPynEQ84mtJ5JDTLX2ZvGpSdlovuLFr9o+OhlrOyXEImj/P
SL1+zgo3AvK/0ETO
-----END CERTIFICATE-----
Generated at Sat May 17 22:42:19 2025 by rpki-client