Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UcAd0RGVgGzgxorOrhfyPUnJoFQ.roa
File: UcAd0RGVgGzgxorOrhfyPUnJoFQ.roa (raw, json)
Hash identifier: Eg2v7oLkAdj2ZEiX7nYlLVg0+rLm3hDHRg8+KKyYXVw=
Subject key identifier: 51:C0:1D:D1:11:95:80:6C:E0:C6:8A:CE:AE:17:F2:3D:49:C9:A0:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5F62
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UcAd0RGVgGzgxorOrhfyPUnJoFQ.roa
Signing time: Mon 12 May 2025 10:41:08 +0000
ROA not before: Mon 12 May 2025 10:41:08 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24418 (0x5f62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 10:41:08 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=51C01DD11195806CE0C68ACEAE17F23D49C9A054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:39:60:8d:81:57:23:7c:78:0c:41:b2:52:eb:
30:85:7b:6a:f3:c6:9d:ab:ea:2d:85:e5:0f:30:7b:
ad:b8:f4:a7:8a:7c:55:ce:69:5c:a4:ec:6a:e6:5f:
cb:93:66:f2:60:30:86:c1:d8:60:68:2e:10:64:9f:
4d:89:58:83:86:38:78:bf:60:11:95:61:1e:dc:8f:
d4:02:48:dc:10:25:25:b3:09:53:c8:51:6f:92:6d:
33:b3:43:34:bc:aa:56:68:f3:57:40:ff:56:45:68:
43:85:26:7f:9b:73:69:ac:6c:92:95:4a:b7:4e:7e:
68:27:b3:62:8e:25:ba:3d:80:23:21:a0:8e:d2:99:
b6:ad:78:69:82:c7:ef:b3:36:d9:09:73:2b:c0:a8:
5c:1b:45:da:5f:9b:88:96:02:d1:d1:f6:fc:6a:ab:
85:88:18:e7:64:e9:12:69:c9:14:c7:58:d3:92:60:
96:e9:1f:81:ea:89:e4:20:d7:cb:65:d1:0e:96:f4:
2b:82:f9:5b:bd:1f:15:e3:11:49:f0:61:34:fe:e3:
07:5d:38:81:23:79:39:c1:dd:bd:f5:63:fc:4d:61:
1c:d6:8f:6e:09:97:7b:67:d3:d7:54:c8:f9:08:ec:
c5:20:bb:a4:6d:8c:f9:e3:0f:8d:a9:f9:3b:e7:51:
cc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C0:1D:D1:11:95:80:6C:E0:C6:8A:CE:AE:17:F2:3D:49:C9:A0:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UcAd0RGVgGzgxorOrhfyPUnJoFQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
8f:d3:c6:ee:c0:1f:0a:67:14:f7:5d:65:05:d8:29:7e:b3:3b:
b5:4c:8b:f8:ca:3a:64:36:18:f9:ff:40:e9:48:81:ed:6e:98:
ae:96:19:8a:3f:fd:3e:f0:6d:cd:bc:3d:74:dd:04:c5:0c:16:
41:21:e1:a3:00:21:17:04:68:0c:21:c0:51:4d:cf:dd:03:b9:
fe:88:fc:db:46:34:7b:ea:a8:40:83:3b:3d:17:99:c6:d4:2a:
e4:b3:db:3e:ae:72:cf:1f:4a:ab:21:71:0e:bd:db:fa:c9:6e:
9b:bf:25:92:60:8a:66:d2:fa:c8:a5:54:bf:ea:79:f8:2c:e5:
f7:a1:7d:7a:b6:78:3e:80:2b:78:45:93:82:d7:5e:6b:9d:71:
16:1c:8b:7e:cf:61:98:f9:b7:54:55:e8:fb:69:72:f5:8d:be:
53:1a:88:30:68:76:ad:31:cc:4c:81:ec:5a:c6:82:36:92:63:
f0:b3:1d:6f:fe:46:5e:70:49:8d:7a:e7:ee:1e:6d:ae:92:1f:
51:1a:8e:9c:73:ff:f7:d6:b2:c9:60:c7:d7:e3:da:18:46:74:
b1:e0:a9:f5:1b:78:10:c0:bc:07:58:ad:9a:4f:17:d9:20:fc:
7b:26:54:4d:2d:d4:3b:f6:38:be:b8:b8:72:f5:08:bc:6f:60:
54:75:bb:be
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICX2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTIx
MDQxMDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUxQzAxREQxMTE5NTgw
NkNFMEM2OEFDRUFFMTdGMjNENDlDOUEwNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHOWCNgVcjfHgMQbJS6zCFe2rzxp2r6i2F5Q8we6249KeKfFXO
aVyk7GrmX8uTZvJgMIbB2GBoLhBkn02JWIOGOHi/YBGVYR7cj9QCSNwQJSWzCVPI
UW+SbTOzQzS8qlZo81dA/1ZFaEOFJn+bc2msbJKVSrdOfmgns2KOJbo9gCMhoI7S
mbateGmCx++zNtkJcyvAqFwbRdpfm4iWAtHR9vxqq4WIGOdk6RJpyRTHWNOSYJbp
H4HqieQg18tl0Q6W9CuC+Vu9HxXjEUnwYTT+4wddOIEjeTnB3b31Y/xNYRzWj24J
l3tn09dUyPkI7MUgu6RtjPnjD42p+TvnUczNAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUUcAd0RGVgGzgxorOrhfyPUnJoFQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VjQWQwUkdWZ0d6Z3hv
ck9yaGZ5UFVuSm9GUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCP08bu
wB8KZxT3XWUF2Cl+szu1TIv4yjpkNhj5/0DpSIHtbpiulhmKP/0+8G3NvD103QTF
DBZBIeGjACEXBGgMIcBRTc/dA7n+iPzbRjR76qhAgzs9F5nG1Crks9s+rnLPH0qr
IXEOvdv6yW6bvyWSYIpm0vrIpVS/6nn4LOX3oX16tng+gCt4RZOC115rnXEWHIt+
z2GY+bdUVej7aXL1jb5TGogwaHatMcxMgexaxoI2kmPwsx1v/kZecEmNeufuHm2u
kh9RGo6cc//31rLJYMfX49oYRnSx4Kn1G3gQwLwHWK2aTxfZIPx7JlRNLdQ79ji+
uLhy9Qi8b2BUdbu+
-----END CERTIFICATE-----
Generated at Sat May 17 23:52:48 2025 by rpki-client