Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uvr2muxJtXOCy8p9PFVEISnyPjc.roa
File: uvr2muxJtXOCy8p9PFVEISnyPjc.roa (raw, json)
Hash identifier: owdvWWP9eoL1WvV3Dr2A8ZL7eli9cGuopwIpuA+9wuY=
Subject key identifier: BA:FA:F6:9A:EC:49:B5:73:82:CB:CA:7D:3C:55:44:21:29:F2:3E:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 60B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uvr2muxJtXOCy8p9PFVEISnyPjc.roa
Signing time: Thu 15 May 2025 22:40:31 +0000
ROA not before: Thu 15 May 2025 22:40:31 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24754 (0x60b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 22:40:31 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=BAFAF69AEC49B57382CBCA7D3C55442129F23E37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:76:6a:01:e2:b5:04:33:70:ab:13:27:c3:
41:a9:2e:bd:5c:24:c0:bc:2e:09:dc:a5:0c:01:43:
53:26:84:1d:91:c8:80:86:97:1b:80:0b:50:14:61:
08:22:61:78:46:c9:1c:dd:ca:fe:55:cb:30:68:ad:
85:af:17:1d:9d:bb:9d:e0:ef:ab:8a:7e:a1:d5:70:
9e:27:4b:e1:0f:87:ff:67:7d:ba:06:68:6d:26:f4:
15:b0:39:0a:e4:34:14:42:94:de:09:97:79:1e:83:
0d:b4:27:42:bd:46:4a:dd:51:90:ab:9d:da:ff:ef:
8a:d2:88:f4:da:d2:d1:e9:94:fa:fa:a8:98:72:29:
4a:e4:aa:04:36:8f:ec:ae:0f:8a:8b:bb:04:1c:14:
f0:70:6c:1d:54:85:70:e0:b4:a5:6c:02:67:e4:9f:
e8:1d:dd:e1:09:15:b1:86:ec:0d:61:d5:da:13:8a:
14:38:cf:90:73:13:3b:1d:4f:09:f1:d6:5f:f3:1a:
6d:be:30:84:02:41:46:4a:d9:6c:18:a7:41:31:4a:
19:63:f8:73:b7:f0:9f:89:04:48:83:a2:b1:fa:90:
b4:23:f4:b8:81:33:47:af:e3:b4:a4:5a:be:3b:27:
df:ea:f2:4d:81:39:d9:ef:80:c2:8c:89:0d:47:24:
46:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:FA:F6:9A:EC:49:B5:73:82:CB:CA:7D:3C:55:44:21:29:F2:3E:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uvr2muxJtXOCy8p9PFVEISnyPjc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
24:bb:ce:9a:32:a8:04:09:3b:11:0c:aa:38:67:3a:f8:f0:26:
47:4d:c6:a8:9a:38:c6:23:7e:ad:4b:1e:af:a0:9b:5d:82:4b:
45:31:f9:17:86:0e:8a:d7:dc:c5:7d:85:f0:1f:0e:79:bd:d1:
0a:af:b8:77:f1:2b:49:3f:4a:a9:57:71:5f:95:48:8b:17:08:
fc:35:95:46:8f:0c:61:2d:fe:3a:f8:30:bf:67:1b:da:13:a9:
05:19:a1:05:a8:d0:2a:03:b9:98:c3:3b:40:ed:ac:ed:a2:7b:
c1:c7:2f:72:a1:f1:3f:7d:83:2e:af:02:8e:fd:b5:da:be:ed:
fc:2b:fa:3e:53:06:46:4e:1e:dc:10:62:20:a6:be:b0:f2:21:
51:2d:de:3c:99:e6:27:55:f8:98:c3:0d:81:86:41:ef:8f:15:
42:81:1f:b9:0d:4e:56:3b:c5:dc:38:a7:3f:57:ed:2a:87:7f:
17:ad:01:4c:22:87:23:fe:9c:f4:9d:37:a3:23:99:ef:88:9a:
51:19:c9:da:45:f9:0f:b3:8a:c2:94:fa:18:62:38:58:e6:66:
fb:bf:dd:1f:1e:57:73:2f:bf:5e:6b:89:8b:ed:92:a7:ff:2d:
48:a9:27:1a:ad:55:a4:cf:01:dc:aa:34:75:87:a1:7b:16:13:
fb:f7:62:7c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTUy
MjQwMzFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEJBRkFGNjlBRUM0OUI1
NzM4MkNCQ0E3RDNDNTU0NDIxMjlGMjNFMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzsnZqAeK1BDNwqxMnw0GpLr1cJMC8LgncpQwBQ1MmhB2RyICG
lxuAC1AUYQgiYXhGyRzdyv5VyzBorYWvFx2du53g76uKfqHVcJ4nS+EPh/9nfboG
aG0m9BWwOQrkNBRClN4Jl3kegw20J0K9RkrdUZCrndr/74rSiPTa0tHplPr6qJhy
KUrkqgQ2j+yuD4qLuwQcFPBwbB1UhXDgtKVsAmfkn+gd3eEJFbGG7A1h1doTihQ4
z5BzEzsdTwnx1l/zGm2+MIQCQUZK2WwYp0ExShlj+HO38J+JBEiDorH6kLQj9LiB
M0ev47SkWr47J9/q8k2BOdnvgMKMiQ1HJEbFAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUuvr2muxJtXOCy8p9PFVEISnyPjcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3V2cjJtdXhKdFhPQ3k4
cDlQRlZFSVNueVBqYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAku86a
MqgECTsRDKo4Zzr48CZHTcaomjjGI36tSx6voJtdgktFMfkXhg6K19zFfYXwHw55
vdEKr7h38StJP0qpV3FflUiLFwj8NZVGjwxhLf46+DC/ZxvaE6kFGaEFqNAqA7mY
wztA7aztonvBxy9yofE/fYMurwKO/bXavu38K/o+UwZGTh7cEGIgpr6w8iFRLd48
meYnVfiYww2BhkHvjxVCgR+5DU5WO8XcOKc/V+0qh38XrQFMIocj/pz0nTejI5nv
iJpRGcnaRfkPs4rClPoYYjhY5mb7v90fHldzL79ea4mL7ZKn/y1IqScarVWkzwHc
qjR1h6F7FhP792J8
-----END CERTIFICATE-----
Generated at Sat May 17 23:15:50 2025 by rpki-client