Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Y80FbgHcixGMW_WrW41HdMD1N9M.roa
File: Y80FbgHcixGMW_WrW41HdMD1N9M.roa (raw, json)
Hash identifier: MQBH43rwo0GeKJQJyMh0xnZLaizyo/0BuRm7XdszFrs=
Subject key identifier: 63:CD:05:6E:01:DC:8B:11:8C:5B:F5:AB:5B:8D:47:74:C0:F5:37:D3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6006
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y80FbgHcixGMW_WrW41HdMD1N9M.roa
Signing time: Wed 14 May 2025 03:40:20 +0000
ROA not before: Wed 14 May 2025 03:40:20 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24582 (0x6006)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 03:40:20 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=63CD056E01DC8B118C5BF5AB5B8D4774C0F537D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:23:4b:aa:3d:59:03:3d:8a:a3:23:ae:5f:18:
f4:96:81:bf:fa:ea:04:b3:00:7d:23:b9:22:93:ea:
e5:ab:c0:72:2a:2c:5b:b5:e5:fd:8b:35:60:25:03:
67:6d:09:5c:01:51:86:d8:e2:f3:00:26:26:fa:c3:
74:cc:2a:dd:44:79:91:cb:16:59:84:cc:57:fc:79:
b7:90:5f:22:18:d7:cf:58:c1:d9:d6:47:91:d0:07:
0b:79:a2:bf:1b:dc:0b:55:19:5a:a8:fc:fc:5c:7e:
ec:3b:79:e2:58:13:d3:de:c3:b6:68:df:bb:15:01:
71:4c:e3:f9:2e:f1:5d:62:b8:1b:d2:e3:8d:8c:60:
05:a7:d2:da:84:d4:49:ea:1c:31:ac:2c:67:91:db:
54:6d:fa:bc:bb:16:18:1a:55:0b:b6:fe:db:4e:72:
4a:ed:63:63:f8:8d:14:3b:25:6e:7c:e4:d7:78:aa:
a6:24:4a:82:3c:1a:ce:20:ce:74:ce:e3:82:cb:db:
c3:46:72:ae:a5:f1:b2:2c:db:28:e7:4a:86:14:0a:
9f:8c:bf:d0:6c:74:99:95:e6:c8:82:82:bc:35:32:
98:3d:67:ec:dc:76:ca:d4:c5:61:c2:f8:1d:24:03:
5e:4f:d7:7a:c0:8e:6f:f2:ed:53:96:c9:8a:92:5c:
f9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CD:05:6E:01:DC:8B:11:8C:5B:F5:AB:5B:8D:47:74:C0:F5:37:D3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y80FbgHcixGMW_WrW41HdMD1N9M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
b0:e0:01:81:38:e8:4c:2d:29:ea:6d:8e:77:e9:3d:a1:1c:0a:
31:f0:ed:b1:00:ca:87:12:12:e4:f2:a4:ed:01:c4:ec:e0:c5:
62:40:17:0a:29:cd:98:1b:b1:e7:e7:1c:6a:98:37:62:65:0b:
97:e4:b5:f3:02:22:10:35:7c:fe:3c:59:2b:1f:fe:e8:97:ee:
b0:f5:a4:2b:4e:71:35:be:49:05:20:04:d4:cf:b3:a9:63:d3:
f9:4d:37:b1:bc:a1:e4:a3:d8:4d:81:ab:4e:58:f4:20:fc:0a:
ae:2f:d1:96:1e:86:d9:9a:c0:e2:a8:58:5d:55:be:43:9e:a2:
bd:0b:e4:56:8d:0f:30:cc:3e:a0:e2:fa:35:80:0e:07:55:3c:
15:c9:78:d9:49:e1:de:9d:ed:ee:bc:fa:3b:0c:77:ea:f7:b0:
02:3e:3c:ea:aa:ab:c9:ce:1d:cd:49:6b:d2:5a:81:38:3c:bf:
d3:2e:e8:bf:44:87:39:99:5c:8d:fc:29:ce:c5:10:c4:52:8b:
4a:c5:5c:07:bb:bf:67:47:df:ed:1e:4d:5e:3c:13:78:62:20:
5d:28:b3:32:5a:b8:e8:f8:62:38:94:5d:4f:a5:3b:84:45:d4:
23:6f:4f:d2:8b:95:a1:44:8a:96:26:db:82:9b:29:f4:1d:a6:
cd:1c:d2:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTQw
MzQwMjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYzQ0QwNTZFMDFEQzhC
MTE4QzVCRjVBQjVCOEQ0Nzc0QzBGNTM3RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMI0uqPVkDPYqjI65fGPSWgb/66gSzAH0juSKT6uWrwHIqLFu1
5f2LNWAlA2dtCVwBUYbY4vMAJib6w3TMKt1EeZHLFlmEzFf8ebeQXyIY189YwdnW
R5HQBwt5or8b3AtVGVqo/Pxcfuw7eeJYE9Pew7Zo37sVAXFM4/ku8V1iuBvS442M
YAWn0tqE1EnqHDGsLGeR21Rt+ry7FhgaVQu2/ttOckrtY2P4jRQ7JW585Nd4qqYk
SoI8Gs4gznTO44LL28NGcq6l8bIs2yjnSoYUCp+Mv9BsdJmV5siCgrw1Mpg9Z+zc
dsrUxWHC+B0kA15P13rAjm/y7VOWyYqSXPlPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUY80FbgHcixGMW/WrW41HdMD1N9MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1k4MEZiZ0hjaXhHTVdf
V3JXNDFIZE1EMU45TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCw4AGB
OOhMLSnqbY536T2hHAox8O2xAMqHEhLk8qTtAcTs4MViQBcKKc2YG7Hn5xxqmDdi
ZQuX5LXzAiIQNXz+PFkrH/7ol+6w9aQrTnE1vkkFIATUz7OpY9P5TTexvKHko9hN
gatOWPQg/AquL9GWHobZmsDiqFhdVb5DnqK9C+RWjQ8wzD6g4vo1gA4HVTwVyXjZ
SeHene3uvPo7DHfq97ACPjzqqqvJzh3NSWvSWoE4PL/TLui/RIc5mVyN/CnOxRDE
UotKxVwHu79nR9/tHk1ePBN4YiBdKLMyWrjo+GI4lF1PpTuERdQjb0/Si5WhRIqW
JtuCmyn0HabNHNKG
-----END CERTIFICATE-----
Generated at Sat May 17 21:26:03 2025 by rpki-client