Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_-6WhjouS4yHmlNsamMcyDm-bnM.roa
File: _-6WhjouS4yHmlNsamMcyDm-bnM.roa (raw, json)
Hash identifier: DQlaHBoEbEFesYzymMg3w0KCUrJaXZNn1FEnjxwt/UE=
Subject key identifier: FF:EE:96:86:3A:2E:4B:8C:87:9A:53:6C:6A:63:1C:C8:39:BE:6E:73
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 60F2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_-6WhjouS4yHmlNsamMcyDm-bnM.roa
Signing time: Fri 16 May 2025 14:40:41 +0000
ROA not before: Fri 16 May 2025 14:40:41 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24818 (0x60f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 14:40:41 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=FFEE96863A2E4B8C879A536C6A631CC839BE6E73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5b:bb:8b:c5:88:8c:15:7b:dd:9f:3d:72:1d:
01:e1:71:b9:cb:f6:55:31:11:68:22:ec:7c:2a:d8:
5c:62:53:2a:90:1a:ca:37:b5:61:ae:bc:d9:51:35:
04:ea:04:26:8c:7d:b8:c8:60:e7:74:b7:c7:98:11:
ad:f7:37:4a:f4:d7:7c:e3:6a:be:9a:e1:2e:b1:66:
fd:34:98:77:67:a1:37:a3:30:48:51:7a:03:3c:f8:
53:b8:a6:9a:a9:86:27:f1:18:9a:52:a0:97:48:bf:
5a:e4:cb:8c:82:3f:2d:09:78:fa:55:61:82:06:f8:
1c:ee:bb:d5:44:5a:c4:00:10:2e:74:ec:d8:c9:7b:
70:c4:a4:49:a6:3f:5e:39:cd:28:14:b3:ef:59:2e:
af:26:f1:6c:21:8e:7c:d6:00:02:c9:3b:ef:be:9b:
e2:96:72:c0:f3:e6:0b:3a:84:09:c1:52:1e:a0:2d:
3b:96:99:06:66:c7:1a:31:ea:b3:f5:17:61:be:4e:
e6:d4:2e:d2:61:24:26:03:98:72:8b:f7:90:0a:cb:
7c:62:fe:bb:d2:da:94:f1:05:9a:b6:c6:41:c3:8f:
d4:a7:41:a7:9c:6f:94:2c:c1:63:f6:21:87:56:44:
80:78:03:17:07:17:d9:f5:46:18:c2:ac:2b:56:ff:
94:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:EE:96:86:3A:2E:4B:8C:87:9A:53:6C:6A:63:1C:C8:39:BE:6E:73
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_-6WhjouS4yHmlNsamMcyDm-bnM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
2e:2b:f7:1b:2c:a4:34:69:82:e0:80:37:28:99:b2:03:4b:bc:
7c:e6:0c:21:af:06:18:93:c0:a6:bf:b4:e3:2f:93:03:57:f7:
79:07:a6:c0:c6:70:52:95:7b:c2:dd:22:e6:9d:2f:19:b0:30:
77:33:fa:e4:10:8e:d3:f6:75:d9:54:c9:34:72:e1:10:4a:5d:
03:47:09:ba:4f:a2:41:19:34:c4:93:0d:8b:48:76:4c:23:d3:
12:7c:9f:82:ba:ab:92:08:fa:fe:88:24:2c:18:34:f6:b0:0d:
ff:0d:d9:00:1b:cd:21:bd:6f:dc:4d:79:53:87:a3:fe:ed:e7:
d2:c7:63:d9:9d:fe:e2:5c:5f:fc:93:2c:e8:67:ba:64:9f:74:
d0:9d:41:9f:ec:f4:f9:e6:e0:53:8f:b1:a8:ea:02:a0:9e:54:
c3:96:39:fe:57:7b:d2:33:93:68:4b:8e:c7:f7:d7:21:d2:c1:
c7:fc:16:f0:9e:94:ba:83:d7:9d:2d:f7:2f:d9:db:39:c0:16:
d3:e6:d5:6a:15:d0:5e:52:81:b2:f9:14:5b:0b:78:a1:50:6d:
72:26:83:f7:7a:10:60:ec:31:a9:d7:bb:bc:a4:41:89:f4:f2:
46:b1:d3:74:36:8b:41:6e:6e:1f:68:37:ad:36:97:1d:c1:ce:
ed:85:cf:38
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTYx
NDQwNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZGRUU5Njg2M0EyRTRC
OEM4NzlBNTM2QzZBNjMxQ0M4MzlCRTZFNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeW7uLxYiMFXvdnz1yHQHhcbnL9lUxEWgi7Hwq2FxiUyqQGso3
tWGuvNlRNQTqBCaMfbjIYOd0t8eYEa33N0r013zjar6a4S6xZv00mHdnoTejMEhR
egM8+FO4ppqphifxGJpSoJdIv1rky4yCPy0JePpVYYIG+Bzuu9VEWsQAEC507NjJ
e3DEpEmmP145zSgUs+9ZLq8m8WwhjnzWAALJO+++m+KWcsDz5gs6hAnBUh6gLTuW
mQZmxxox6rP1F2G+TubULtJhJCYDmHKL95AKy3xi/rvS2pTxBZq2xkHDj9SnQaec
b5QswWP2IYdWRIB4AxcHF9n1RhjCrCtW/5SBAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU/+6WhjouS4yHmlNsamMcyDm+bnMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L18tNldoam91UzR5SG1s
TnNhbU1jeURtLWJuTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAuK/cb
LKQ0aYLggDcombIDS7x85gwhrwYYk8Cmv7TjL5MDV/d5B6bAxnBSlXvC3SLmnS8Z
sDB3M/rkEI7T9nXZVMk0cuEQSl0DRwm6T6JBGTTEkw2LSHZMI9MSfJ+CuquSCPr+
iCQsGDT2sA3/DdkAG80hvW/cTXlTh6P+7efSx2PZnf7iXF/8kyzoZ7pkn3TQnUGf
7PT55uBTj7Go6gKgnlTDljn+V3vSM5NoS47H99ch0sHH/BbwnpS6g9edLfcv2ds5
wBbT5tVqFdBeUoGy+RRbC3ihUG1yJoP3ehBg7DGp17u8pEGJ9PJGsdN0NotBbm4f
aDetNpcdwc7thc84
-----END CERTIFICATE-----
Generated at Sun May 18 09:11:39 2025 by rpki-client