Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tfroXhB-WygtQ9wO8c5_mM_5d7U.roa
File: tfroXhB-WygtQ9wO8c5_mM_5d7U.roa (raw, json)
Hash identifier: Xy5CCU4BMQJYGF6DQF3nWO7AstCih4yTCFVkoR/yW24=
Subject key identifier: B5:FA:E8:5E:10:7E:5B:28:2D:43:DC:0E:F1:CE:7F:98:CF:F9:77:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5FC6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tfroXhB-WygtQ9wO8c5_mM_5d7U.roa
Signing time: Tue 13 May 2025 11:40:22 +0000
ROA not before: Tue 13 May 2025 11:40:22 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24518 (0x5fc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 11:40:22 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B5FAE85E107E5B282D43DC0EF1CE7F98CFF977B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:97:04:6d:10:f4:9d:c3:7f:e3:2b:49:7a:
98:ab:f3:e2:99:5d:e7:2d:b5:c8:c3:37:cf:23:2d:
9e:14:96:0b:bc:be:39:5d:fe:d4:2a:6d:39:14:31:
fd:44:35:50:02:5f:c4:39:8e:80:1c:df:62:21:6f:
2d:f9:6d:bd:c4:68:e9:fa:30:ab:00:0d:7b:dd:39:
a4:2a:18:dc:97:6d:c4:17:01:a6:3e:52:30:4c:19:
57:80:e1:34:a9:b5:23:2d:0f:4e:36:a8:4f:36:9e:
09:f0:01:34:62:c4:85:8e:64:9b:f4:7a:40:54:aa:
7d:16:c6:3c:28:4c:32:af:df:e4:f6:11:d6:45:4a:
a6:29:69:0a:4f:b2:cd:b0:4e:45:97:72:85:39:f3:
5f:b2:96:cb:90:79:ad:3a:c3:57:bf:20:21:1e:b3:
1e:c7:6c:76:25:04:82:c9:b6:a9:f3:e3:54:9d:0f:
d5:a9:fe:3b:43:33:40:b8:5b:1c:d7:ef:b6:ca:f7:
f4:43:df:2f:8c:cb:11:43:d2:84:a8:fd:24:73:a9:
82:61:7c:67:ff:fb:bb:a8:3a:6f:b8:54:49:e3:18:
18:aa:f0:4a:f9:c3:00:24:df:cb:ca:7c:08:c4:0f:
ff:95:ee:c2:51:da:e4:3b:c5:ff:6c:36:df:67:b3:
48:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FA:E8:5E:10:7E:5B:28:2D:43:DC:0E:F1:CE:7F:98:CF:F9:77:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tfroXhB-WygtQ9wO8c5_mM_5d7U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
91:6e:d7:b2:93:69:fd:fc:c6:70:85:c0:42:c5:a3:6b:eb:0f:
d8:5e:4b:f4:bb:d8:eb:53:4c:c6:02:63:b3:8b:d3:1b:ad:d0:
e0:b0:28:af:8b:0b:ad:d3:92:cd:f2:d2:2b:8f:0a:3d:e0:a3:
43:50:7f:6a:24:c5:53:5d:78:e5:ee:44:2e:34:e3:18:e9:40:
82:f3:40:76:b0:fe:60:2d:44:ad:33:21:cc:97:df:44:55:ee:
ff:4c:d3:cd:a4:7e:d3:73:64:77:1a:3c:b6:32:69:23:21:bf:
7f:83:7f:aa:36:f5:64:88:c7:96:04:56:fc:0e:c7:8d:29:8f:
ba:e2:4b:65:79:c2:a4:e4:ff:15:af:27:0b:e7:ff:5e:a4:2c:
89:b1:a3:c2:8c:7e:db:b5:37:46:4d:d1:c2:6a:7d:63:ae:4a:
f4:8d:56:43:89:ed:93:73:bd:ea:7c:73:af:3e:fc:bc:15:7a:
34:f9:b4:ab:9b:b2:ab:d2:e7:9d:2b:70:4f:63:01:b0:8b:86:
b8:8c:33:b6:89:14:5a:51:54:ee:f5:b2:e3:4a:3e:6e:12:95:
b4:99:0e:d8:00:33:56:21:65:3b:d7:e7:a8:8d:aa:7a:67:d1:
6a:90:de:98:b4:d6:c5:55:e9:dd:8b:97:bf:48:d7:22:c6:82:
ce:c4:17:fb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICX8YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTMx
MTQwMjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI1RkFFODVFMTA3RTVC
MjgyRDQzREMwRUYxQ0U3Rjk4Q0ZGOTc3QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4I5cEbRD0ncN/4ytJepir8+KZXecttcjDN88jLZ4Ulgu8vjld
/tQqbTkUMf1ENVACX8Q5joAc32Ihby35bb3EaOn6MKsADXvdOaQqGNyXbcQXAaY+
UjBMGVeA4TSptSMtD042qE82ngnwATRixIWOZJv0ekBUqn0WxjwoTDKv3+T2EdZF
SqYpaQpPss2wTkWXcoU581+ylsuQea06w1e/ICEesx7HbHYlBILJtqnz41SdD9Wp
/jtDM0C4WxzX77bK9/RD3y+MyxFD0oSo/SRzqYJhfGf/+7uoOm+4VEnjGBiq8Er5
wwAk38vKfAjED/+V7sJR2uQ7xf9sNt9ns0jzAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUtfroXhB+WygtQ9wO8c5/mM/5d7UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Rmcm9YaEItV3lndFE5
d084YzVfbU1fNWQ3VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCRbtey
k2n9/MZwhcBCxaNr6w/YXkv0u9jrU0zGAmOzi9MbrdDgsCiviwut05LN8tIrjwo9
4KNDUH9qJMVTXXjl7kQuNOMY6UCC80B2sP5gLUStMyHMl99EVe7/TNPNpH7Tc2R3
Gjy2MmkjIb9/g3+qNvVkiMeWBFb8DseNKY+64ktlecKk5P8VrycL5/9epCyJsaPC
jH7btTdGTdHCan1jrkr0jVZDie2Tc73qfHOvPvy8FXo0+bSrm7Kr0uedK3BPYwGw
i4a4jDO2iRRaUVTu9bLjSj5uEpW0mQ7YADNWIWU71+eojap6Z9FqkN6YtNbFVend
i5e/SNcixoLOxBf7
-----END CERTIFICATE-----
Generated at Sun May 18 04:50:48 2025 by rpki-client