Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xBDtW-ElKDU5A4wKdSdurU0N9TY.roa
File: xBDtW-ElKDU5A4wKdSdurU0N9TY.roa (raw, json)
Hash identifier: ahbh6UAdNc8luKfHiKW3dWwUEocDgE4W7hdLcVZcmbQ=
Subject key identifier: C4:10:ED:5B:E1:25:28:35:39:03:8C:0A:75:27:6E:AD:4D:0D:F5:36
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5FD4
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xBDtW-ElKDU5A4wKdSdurU0N9TY.roa
Signing time: Tue 13 May 2025 15:11:27 +0000
ROA not before: Tue 13 May 2025 15:11:27 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24532 (0x5fd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 15:11:27 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C410ED5BE125283539038C0A75276EAD4D0DF536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:94:bc:a4:c5:74:12:21:82:09:d3:76:41:25:
90:0a:87:e5:4d:96:1d:d0:3a:e7:6e:d2:04:0f:1f:
d2:6b:8f:26:a3:1f:57:83:8b:42:fe:2b:8d:e1:21:
01:e6:36:f9:7b:8b:ac:5c:b6:c0:c9:19:18:40:d1:
d8:c6:bb:a9:04:7d:77:bd:70:71:f7:e0:9a:6d:5f:
6b:16:6f:be:c9:cf:af:74:a6:ed:53:bf:ca:c0:4a:
13:4c:5f:7c:61:eb:e7:fc:0c:df:81:97:d5:49:9e:
a0:4a:08:fb:ec:6a:91:ab:31:a6:5e:36:a7:1e:e9:
bd:e9:53:76:83:c2:df:3a:f0:db:55:16:8f:32:d5:
3f:16:d8:5d:fd:25:55:76:43:81:28:5b:fb:91:4b:
62:91:1b:df:54:12:a8:51:54:50:e9:fd:80:42:21:
c1:06:03:ed:cb:87:2c:98:0d:f1:0f:32:5b:05:32:
f8:51:6a:84:4d:22:73:67:3b:d0:4d:7b:66:39:22:
2e:28:ff:1d:cb:43:59:6f:28:bc:ac:8f:22:60:ea:
30:45:14:64:94:0c:8c:1a:df:e2:a7:d7:d4:15:f1:
3f:68:4c:93:16:31:6e:ff:30:1a:f0:64:04:2c:4d:
1d:fc:9d:4c:61:bd:ec:7b:ab:81:b8:3d:c4:3e:f6:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:10:ED:5B:E1:25:28:35:39:03:8C:0A:75:27:6E:AD:4D:0D:F5:36
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xBDtW-ElKDU5A4wKdSdurU0N9TY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
55:45:80:95:4f:35:d6:28:ab:46:03:1c:a4:f5:04:7a:30:15:
d0:1a:51:32:a6:f4:61:7e:aa:2d:b6:99:d3:12:58:52:55:d6:
b4:8f:bb:60:a0:33:b6:71:a5:82:92:d0:c6:78:37:01:f0:24:
b6:54:87:44:92:45:ca:f4:48:90:0a:96:5a:27:c7:b9:51:a0:
63:dc:f8:f0:14:cf:ca:1f:fb:0c:68:62:1b:65:14:fd:7e:c6:
af:5d:3c:bc:93:c9:cb:11:20:6a:fa:5e:f2:f0:e4:45:9e:2a:
4b:a6:56:20:2a:24:a5:fc:9b:b4:fa:c6:27:cc:85:12:b4:6f:
23:ef:64:2f:f2:ec:62:a4:08:c2:39:7b:d1:42:25:c4:7d:c6:
ef:2d:2d:4c:34:d0:8a:6d:21:e5:1d:bb:06:ea:cd:25:80:11:
32:a3:0d:ff:c9:77:7d:b9:6c:aa:38:35:7b:f2:70:a7:21:95:
1c:97:16:95:07:0e:c4:de:bc:c7:cc:51:52:90:c3:c8:d0:36:
5d:93:05:f1:3d:a4:6c:f8:45:0e:05:60:70:2c:cd:1c:48:55:
56:82:7e:88:06:53:92:47:57:73:44:59:5b:dd:c2:78:ec:e1:
f5:f1:d1:b4:c4:2c:ce:43:55:87:a4:7e:d2:30:0f:bb:08:2b:
75:6f:7d:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICX9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTMx
NTExMjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM0MTBFRDVCRTEyNTI4
MzUzOTAzOEMwQTc1Mjc2RUFENEQwREY1MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHlLykxXQSIYIJ03ZBJZAKh+VNlh3QOudu0gQPH9JrjyajH1eD
i0L+K43hIQHmNvl7i6xctsDJGRhA0djGu6kEfXe9cHH34JptX2sWb77Jz690pu1T
v8rAShNMX3xh6+f8DN+Bl9VJnqBKCPvsapGrMaZeNqce6b3pU3aDwt868NtVFo8y
1T8W2F39JVV2Q4EoW/uRS2KRG99UEqhRVFDp/YBCIcEGA+3LhyyYDfEPMlsFMvhR
aoRNInNnO9BNe2Y5Ii4o/x3LQ1lvKLysjyJg6jBFFGSUDIwa3+Kn19QV8T9oTJMW
MW7/MBrwZAQsTR38nUxhvex7q4G4PcQ+9qK1AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUxBDtW+ElKDU5A4wKdSdurU0N9TYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hCRHRXLUVsS0RVNUE0
d0tkU2R1clUwTjlUWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBVRYCV
TzXWKKtGAxyk9QR6MBXQGlEypvRhfqottpnTElhSVda0j7tgoDO2caWCktDGeDcB
8CS2VIdEkkXK9EiQCpZaJ8e5UaBj3PjwFM/KH/sMaGIbZRT9fsavXTy8k8nLESBq
+l7y8ORFnipLplYgKiSl/Ju0+sYnzIUStG8j72Qv8uxipAjCOXvRQiXEfcbvLS1M
NNCKbSHlHbsG6s0lgBEyow3/yXd9uWyqODV78nCnIZUclxaVBw7E3rzHzFFSkMPI
0DZdkwXxPaRs+EUOBWBwLM0cSFVWgn6IBlOSR1dzRFlb3cJ47OH18dG0xCzOQ1WH
pH7SMA+7CCt1b32s
-----END CERTIFICATE-----
Generated at Sun May 18 13:11:01 2025 by rpki-client