Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Sw4RTGytaOpr-Q5QMEpgNHx85k4.roa
File: Sw4RTGytaOpr-Q5QMEpgNHx85k4.roa (raw, json)
Hash identifier: jiIvIfIcjDwTPiV6RUBUn9An0+uxHEkOz1RWBkfwoJk=
Subject key identifier: 4B:0E:11:4C:6C:AD:68:EA:6B:F9:0E:50:30:4A:60:34:7C:7C:E6:4E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5F6A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sw4RTGytaOpr-Q5QMEpgNHx85k4.roa
Signing time: Mon 12 May 2025 12:40:21 +0000
ROA not before: Mon 12 May 2025 12:40:21 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24426 (0x5f6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 12:40:21 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4B0E114C6CAD68EA6BF90E50304A60347C7CE64E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:55:6c:4a:d6:09:2f:c1:fb:c7:5d:87:f9:ba:
b0:62:b5:d0:e7:f4:8a:58:f3:dc:4a:81:b0:9e:0c:
f1:9f:22:c3:34:bc:9a:65:7f:a4:d1:5a:73:3f:42:
ce:ad:62:be:2d:86:15:69:05:08:66:61:4c:80:bf:
56:52:0a:d2:37:28:15:54:ab:0a:05:46:63:3c:ca:
3e:fd:ef:a6:4f:4c:19:4d:44:17:47:4a:b1:ed:19:
56:9f:3c:e8:62:d3:89:34:70:81:0f:aa:f7:d3:40:
ed:5e:58:15:13:1a:68:0b:13:ab:2e:12:d3:ae:a3:
e0:d7:0d:36:87:db:94:79:d7:5e:47:56:74:12:2e:
70:33:64:79:8e:f5:ec:71:56:0d:a0:eb:1f:af:d1:
f1:de:95:dc:62:e4:0a:fb:7e:f2:18:1c:0f:f3:56:
67:42:35:46:1a:74:c1:48:44:26:6f:d3:6b:7a:22:
84:11:be:31:42:57:d1:eb:86:f5:ff:9d:25:06:09:
c8:b8:08:3d:28:c0:f5:8b:01:c5:87:d0:e8:2d:64:
ae:e9:eb:f2:4c:5a:94:8d:5d:fe:60:35:78:ea:59:
c0:76:81:d0:45:fa:e9:b1:bd:db:b3:a1:5a:dd:b9:
9f:a7:b8:77:ad:d7:dc:bd:a9:ec:b4:0d:c1:52:5f:
5a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0E:11:4C:6C:AD:68:EA:6B:F9:0E:50:30:4A:60:34:7C:7C:E6:4E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sw4RTGytaOpr-Q5QMEpgNHx85k4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
93:a2:ae:d1:31:c3:bf:bc:ac:ec:25:39:e0:ec:6b:d8:c9:fd:
94:d7:d2:62:19:f5:94:eb:b3:13:08:23:98:4e:89:c1:a8:c6:
60:53:06:5c:74:a4:87:ba:b4:50:8c:a8:50:dd:95:fe:ba:1a:
af:11:23:79:41:b3:52:1d:fc:23:ea:77:1c:17:3b:48:84:ff:
22:bc:c0:db:8d:aa:b7:8f:5c:b7:57:68:97:17:2d:ad:f5:96:
d8:4e:1d:af:37:56:bf:e3:0b:05:2d:d5:85:b9:74:4f:ac:bc:
36:2f:b2:e5:be:b9:08:76:7f:a9:62:d9:f6:6b:da:7d:34:a2:
36:f5:23:44:01:33:c5:17:fb:65:dd:4e:05:1f:f0:a9:62:19:
c2:d1:9b:fd:0c:69:6e:85:b3:ba:b5:01:4c:0b:ed:0d:1e:9e:
4f:e3:cc:e9:a6:56:07:8e:d3:1c:62:e2:d2:04:73:7a:57:d4:
02:47:21:f0:36:47:2a:0d:78:f1:4c:fc:c5:6d:ad:9b:ff:90:
eb:df:50:f8:36:a9:47:75:ed:a6:fd:3f:39:1a:c0:19:c8:ef:
db:0a:f0:0a:8b:3a:6c:f8:f0:92:3b:9b:ca:66:c2:47:e3:31:
89:23:a6:31:65:64:94:29:a7:90:12:7d:9f:68:8a:62:72:ab:
8d:9f:7b:e6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICX2owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTIx
MjQwMjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRCMEUxMTRDNkNBRDY4
RUE2QkY5MEU1MDMwNEE2MDM0N0M3Q0U2NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqVWxK1gkvwfvHXYf5urBitdDn9IpY89xKgbCeDPGfIsM0vJpl
f6TRWnM/Qs6tYr4thhVpBQhmYUyAv1ZSCtI3KBVUqwoFRmM8yj7976ZPTBlNRBdH
SrHtGVafPOhi04k0cIEPqvfTQO1eWBUTGmgLE6suEtOuo+DXDTaH25R5115HVnQS
LnAzZHmO9exxVg2g6x+v0fHeldxi5Ar7fvIYHA/zVmdCNUYadMFIRCZv02t6IoQR
vjFCV9HrhvX/nSUGCci4CD0owPWLAcWH0OgtZK7p6/JMWpSNXf5gNXjqWcB2gdBF
+umxvduzoVrduZ+nuHet19y9qey0DcFSX1qvAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUSw4RTGytaOpr+Q5QMEpgNHx85k4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1N3NFJUR3l0YU9wci1R
NVFNRXBnTkh4ODVrNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCToq7R
McO/vKzsJTng7GvYyf2U19JiGfWU67MTCCOYTonBqMZgUwZcdKSHurRQjKhQ3ZX+
uhqvESN5QbNSHfwj6nccFztIhP8ivMDbjaq3j1y3V2iXFy2t9ZbYTh2vN1a/4wsF
LdWFuXRPrLw2L7LlvrkIdn+pYtn2a9p9NKI29SNEATPFF/tl3U4FH/CpYhnC0Zv9
DGluhbO6tQFMC+0NHp5P48zpplYHjtMcYuLSBHN6V9QCRyHwNkcqDXjxTPzFba2b
/5Dr31D4NqlHde2m/T85GsAZyO/bCvAKizps+PCSO5vKZsJH4zGJI6YxZWSUKaeQ
En2faIpicquNn3vm
-----END CERTIFICATE-----
Generated at Sat May 17 19:39:04 2025 by rpki-client