Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sG6oKPAKEE0A1Jo0b61wi4_B86M.roa
File: sG6oKPAKEE0A1Jo0b61wi4_B86M.roa (raw, json)
Hash identifier: Jsl/kc6tJD+AFSrxUdCPXVGhr3k8p5kNJRIrmsLDoY8=
Subject key identifier: B0:6E:A8:28:F0:0A:10:4D:00:D4:9A:34:6F:AD:70:8B:8F:C1:F3:A3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6050
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sG6oKPAKEE0A1Jo0b61wi4_B86M.roa
Signing time: Wed 14 May 2025 22:10:20 +0000
ROA not before: Wed 14 May 2025 22:10:20 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24656 (0x6050)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 22:10:20 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B06EA828F00A104D00D49A346FAD708B8FC1F3A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0f:22:32:de:bc:e4:26:a4:cf:36:bc:66:be:
48:8d:7f:94:23:03:34:0f:eb:bb:d1:79:0c:d1:15:
e5:13:c4:c4:b4:03:8a:be:14:71:c5:77:f7:6c:4b:
55:72:75:ae:b6:24:e9:57:b3:53:3b:0e:22:58:2b:
72:c4:92:99:6b:29:12:1c:25:7e:b0:51:4e:96:43:
59:64:5b:83:88:69:e6:ed:9f:b4:28:45:c6:dc:ae:
53:3a:d3:4a:83:f4:84:21:1f:25:be:3a:77:e0:4a:
b8:bb:43:45:cc:f6:50:2b:f7:45:43:35:a9:96:3d:
5e:54:64:66:99:7d:77:f9:7d:85:43:d4:51:4b:c8:
7b:98:7f:55:0d:fc:af:ec:8c:77:44:0c:72:ed:04:
7d:26:af:33:79:a8:1a:48:c7:49:f3:5c:63:26:28:
76:bf:9e:ea:2c:9d:ad:67:4c:eb:0d:43:af:5d:fb:
dd:7e:1d:6d:4a:5f:b7:09:39:96:df:4b:fc:ef:ec:
0a:85:60:28:f3:20:30:53:75:64:6c:a0:83:48:97:
78:31:7d:fd:7f:5c:6a:44:c5:5d:84:c0:d9:26:eb:
54:c6:99:77:19:eb:51:38:95:56:cb:21:33:7e:68:
07:27:80:75:14:e4:57:fc:ce:d8:e1:02:91:5f:27:
98:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:6E:A8:28:F0:0A:10:4D:00:D4:9A:34:6F:AD:70:8B:8F:C1:F3:A3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sG6oKPAKEE0A1Jo0b61wi4_B86M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
39:a6:a3:33:81:42:3a:24:de:c4:19:54:3b:78:b2:b8:77:7b:
02:29:e0:7d:60:b8:ac:82:ed:48:8a:e7:77:24:b4:e1:ac:73:
89:79:36:d9:41:a9:7c:19:95:af:f6:ca:e0:07:69:30:f9:70:
5a:54:1e:05:d3:71:e3:84:9a:1b:65:17:fa:62:c9:33:61:b8:
94:b1:aa:7d:cc:78:63:86:47:06:53:af:fe:9e:e5:9c:b5:79:
64:ec:ad:f8:92:bf:30:a8:1a:c8:c8:35:e8:c7:28:a0:e2:67:
b9:45:19:bc:fd:05:bd:74:09:cc:44:3d:05:42:21:22:a5:ec:
67:00:e5:9f:b9:43:4e:c5:22:12:02:06:80:6d:d8:4b:f7:d6:
fc:b9:73:7f:e9:1c:79:1a:e9:61:eb:87:20:31:89:d6:df:9d:
de:8c:37:53:50:fc:ff:c8:7d:31:8e:83:fb:cb:44:88:55:de:
3c:c0:80:fe:3b:af:5d:19:52:25:92:74:c2:18:06:85:d7:ff:
72:d5:63:5e:26:2c:28:c5:c2:c3:38:bb:3c:41:20:ec:14:20:
85:fc:dd:b5:a5:84:1c:2c:aa:47:65:b0:35:bd:29:95:2f:99:
98:e7:3f:5d:36:bb:ed:bf:2f:7b:92:81:63:61:36:74:9e:ab:
2c:0f:d8:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYFAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTQy
MjEwMjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIwNkVBODI4RjAwQTEw
NEQwMEQ0OUEzNDZGQUQ3MDhCOEZDMUYzQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPDyIy3rzkJqTPNrxmvkiNf5QjAzQP67vReQzRFeUTxMS0A4q+
FHHFd/dsS1Vyda62JOlXs1M7DiJYK3LEkplrKRIcJX6wUU6WQ1lkW4OIaebtn7Qo
RcbcrlM600qD9IQhHyW+OnfgSri7Q0XM9lAr90VDNamWPV5UZGaZfXf5fYVD1FFL
yHuYf1UN/K/sjHdEDHLtBH0mrzN5qBpIx0nzXGMmKHa/nuosna1nTOsNQ69d+91+
HW1KX7cJOZbfS/zv7AqFYCjzIDBTdWRsoINIl3gxff1/XGpExV2EwNkm61TGmXcZ
61E4lVbLITN+aAcngHUU5Ff8ztjhApFfJ5jlAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUsG6oKPAKEE0A1Jo0b61wi4/B86MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NHNm9LUEFLRUUwQTFK
bzBiNjF3aTRfQjg2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA5pqMz
gUI6JN7EGVQ7eLK4d3sCKeB9YLisgu1Iiud3JLThrHOJeTbZQal8GZWv9srgB2kw
+XBaVB4F03HjhJobZRf6YskzYbiUsap9zHhjhkcGU6/+nuWctXlk7K34kr8wqBrI
yDXoxyig4me5RRm8/QW9dAnMRD0FQiEipexnAOWfuUNOxSISAgaAbdhL99b8uXN/
6Rx5Gulh64cgMYnW353ejDdTUPz/yH0xjoP7y0SIVd48wID+O69dGVIlknTCGAaF
1/9y1WNeJiwoxcLDOLs8QSDsFCCF/N21pYQcLKpHZbA1vSmVL5mY5z9dNrvtvy97
koFjYTZ0nqssD9i9
-----END CERTIFICATE-----
Generated at Sat May 17 23:52:41 2025 by rpki-client