Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MyBtLtTKGqmTwB5xXI07MQa_Xj0.roa
File: MyBtLtTKGqmTwB5xXI07MQa_Xj0.roa (raw, json)
Hash identifier: CjmoeFJseYhxzLN0HF0XIO39bpWuRHjFxMiB8Ur7RNk=
Subject key identifier: 33:20:6D:2E:D4:CA:1A:A9:93:C0:1E:71:5C:8D:3B:31:06:BF:5E:3D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 604C
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MyBtLtTKGqmTwB5xXI07MQa_Xj0.roa
Signing time: Wed 14 May 2025 21:13:51 +0000
ROA not before: Wed 14 May 2025 21:13:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24652 (0x604c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 21:13:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=33206D2ED4CA1AA993C01E715C8D3B3106BF5E3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:96:51:9f:7b:9a:04:ca:c0:c4:f0:64:72:
e9:b0:ca:bb:b7:4d:f5:35:5b:53:e4:57:4b:0a:1a:
55:8d:24:7a:37:26:0a:4e:bc:45:7d:27:b2:27:59:
a4:c2:27:8d:19:16:f6:ea:6b:e6:82:63:d8:60:a9:
f6:ba:fc:a1:99:70:bc:bd:63:c3:c8:b1:a8:d8:63:
b1:07:ae:24:e3:5c:57:06:18:06:13:d6:e5:d6:7e:
bb:8d:ed:db:e9:d9:8e:b0:63:dd:80:1f:94:85:46:
41:83:59:cf:b4:1b:b8:0a:9a:fe:25:fd:ce:af:24:
63:bd:b7:6b:ed:ef:72:5a:ee:a6:cc:90:76:a9:b9:
b5:05:77:fb:b6:8e:34:c3:96:f5:8d:1e:73:f3:fd:
30:3a:2f:ed:a0:fa:95:d7:d6:7c:bb:25:25:5a:5a:
62:33:ee:16:ab:73:35:21:1f:c5:c4:ab:72:6e:1c:
63:b0:99:14:c1:cd:ae:4e:cc:bc:c7:ef:18:74:40:
63:4c:ff:de:b5:e7:36:94:69:32:01:8e:29:4e:f7:
b3:a5:c6:44:59:6d:a5:02:04:09:1a:3b:49:26:40:
7a:a8:83:0b:1a:0a:d3:e9:84:3c:31:8a:c9:be:fd:
ee:d4:bf:03:72:2f:55:e0:5e:81:af:28:b2:17:1c:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:20:6D:2E:D4:CA:1A:A9:93:C0:1E:71:5C:8D:3B:31:06:BF:5E:3D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MyBtLtTKGqmTwB5xXI07MQa_Xj0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
ac:f0:eb:ee:67:dd:2c:d3:82:de:8c:cc:55:44:82:0f:ac:06:
91:bf:f7:03:85:1a:0e:a0:8b:7b:d0:7f:0d:89:bb:21:1a:d4:
9e:c1:78:ab:1a:25:fe:2a:74:72:be:e4:f8:05:f6:ca:d5:67:
f8:0e:77:27:a8:e3:99:9c:ac:91:09:d8:5e:4c:38:3d:ca:37:
e1:b9:ac:71:9c:67:bd:bf:e3:c1:4f:b1:62:8e:7d:fb:96:52:
c9:f0:c4:7a:dc:b2:da:4d:9e:9f:81:11:c9:34:ff:fa:45:a6:
66:92:b4:56:27:b1:4d:dc:9f:31:b4:55:93:47:d2:c1:cc:2c:
d1:9a:68:48:b0:e5:7f:3e:95:45:eb:64:76:28:9e:63:59:77:
13:e4:a3:a6:42:30:9b:95:a8:cc:70:38:fe:e1:bf:7b:79:6e:
c2:b6:92:d8:40:a4:68:e8:d0:a8:4e:53:63:ac:38:17:3f:bb:
7d:be:75:39:2a:f5:20:35:3b:3a:f8:59:7b:52:e8:a6:9f:0f:
36:29:ba:5d:fb:44:22:ef:c3:a1:f1:23:32:39:6a:e0:0e:83:
df:e1:d0:9a:de:46:98:1a:bf:d5:19:c2:62:bb:71:73:12:b3:
20:86:85:c3:6c:88:65:ff:fb:17:06:7c:70:ce:0d:86:1c:67:
ba:c2:93:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTQy
MTEzNTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMzMjA2RDJFRDRDQTFB
QTk5M0MwMUU3MTVDOEQzQjMxMDZCRjVFM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7lZZRn3uaBMrAxPBkcumwyru3TfU1W1PkV0sKGlWNJHo3JgpO
vEV9J7InWaTCJ40ZFvbqa+aCY9hgqfa6/KGZcLy9Y8PIsajYY7EHriTjXFcGGAYT
1uXWfruN7dvp2Y6wY92AH5SFRkGDWc+0G7gKmv4l/c6vJGO9t2vt73Ja7qbMkHap
ubUFd/u2jjTDlvWNHnPz/TA6L+2g+pXX1ny7JSVaWmIz7harczUhH8XEq3JuHGOw
mRTBza5OzLzH7xh0QGNM/9615zaUaTIBjilO97OlxkRZbaUCBAkaO0kmQHqogwsa
CtPphDwxism+/e7UvwNyL1XgXoGvKLIXHKrfAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUMyBtLtTKGqmTwB5xXI07MQa/Xj0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L015QnRMdFRLR3FtVHdC
NXhYSTA3TVFhX1hqMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCs8Ovu
Z90s04LejMxVRIIPrAaRv/cDhRoOoIt70H8NibshGtSewXirGiX+KnRyvuT4BfbK
1Wf4DncnqOOZnKyRCdheTDg9yjfhuaxxnGe9v+PBT7Fijn37llLJ8MR63LLaTZ6f
gRHJNP/6RaZmkrRWJ7FN3J8xtFWTR9LBzCzRmmhIsOV/PpVF62R2KJ5jWXcT5KOm
QjCblajMcDj+4b97eW7CtpLYQKRo6NCoTlNjrDgXP7t9vnU5KvUgNTs6+Fl7Uuim
nw82Kbpd+0Qi78Oh8SMyOWrgDoPf4dCa3kaYGr/VGcJiu3FzErMghoXDbIhl//sX
Bnxwzg2GHGe6wpO/
-----END CERTIFICATE-----
Generated at Sat May 17 23:46:34 2025 by rpki-client