Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9ElaojZkBVy1I_WLx-uuotPMY-Y.roa
File: 9ElaojZkBVy1I_WLx-uuotPMY-Y.roa (raw, json)
Hash identifier: ymxrYAuHyC95vu8HM3N0paVToJXSKhHYyr0kTAc1X3g=
Subject key identifier: F4:49:5A:A2:36:64:05:5C:B5:23:F5:8B:C7:EB:AE:A2:D3:CC:63:E6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 484D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9ElaojZkBVy1I_WLx-uuotPMY-Y.roa
Signing time: Wed 24 Apr 2024 23:53:16 +0000
ROA not before: Wed 24 Apr 2024 23:53:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18509 (0x484d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 23:53:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F4495AA23664055CB523F58BC7EBAEA2D3CC63E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:bb:1e:55:77:b8:7f:42:fc:9e:5a:21:b8:fc:
12:2a:79:d5:7c:26:c8:b0:15:8e:cf:04:35:73:0e:
58:06:2d:d1:3a:6d:41:60:e8:86:e1:4e:24:c5:fb:
28:87:6c:e9:a4:7f:3c:7a:01:18:86:c0:94:df:3c:
48:b7:9c:c1:25:3e:51:4f:f7:93:55:a3:9a:fe:38:
8f:72:55:14:17:76:fa:cb:f6:a7:a0:f0:f9:fe:f1:
32:29:2d:11:42:e6:11:30:52:b7:1b:29:61:2c:46:
95:bc:70:02:0f:ba:88:fa:e6:bc:d5:bc:5b:ea:a2:
48:d0:34:13:d3:22:ae:9d:74:d9:68:53:7e:7e:68:
55:75:a7:4c:23:8f:19:ec:47:d5:3b:86:01:ef:2b:
ce:a6:f2:80:75:8e:e9:eb:b9:17:7b:b8:47:65:66:
4c:06:13:66:43:0e:bb:f9:09:7e:22:b6:10:a2:1b:
fa:bb:a2:3b:7b:35:d0:f0:2b:f8:f5:c3:3c:ba:b9:
f7:20:65:d4:a3:10:d4:a4:d0:da:bc:ec:df:22:b7:
cd:9a:1d:49:ae:24:34:3d:81:9d:07:96:ed:6f:53:
00:60:82:71:36:11:4e:7b:a7:a8:f5:70:48:74:1a:
a7:08:83:83:10:9f:79:54:25:65:9f:fb:98:79:8d:
f3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:49:5A:A2:36:64:05:5C:B5:23:F5:8B:C7:EB:AE:A2:D3:CC:63:E6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9ElaojZkBVy1I_WLx-uuotPMY-Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
90:8b:03:21:ae:2c:28:5f:0a:68:ba:76:d6:33:8f:a7:36:f9:
ab:a9:63:bb:5d:82:c5:c1:d0:c8:fb:df:ae:fd:8a:a4:ff:f6:
86:61:71:f7:f9:05:e1:60:15:93:4c:61:24:b5:49:dd:93:62:
59:0a:bc:66:49:a0:06:1a:dc:2e:48:6a:0d:4a:0d:a5:3b:8f:
9d:51:aa:2b:d2:76:9c:2d:a6:3f:ff:c3:14:60:bf:1b:d6:72:
1f:82:9e:fd:f8:e1:56:a5:7a:ee:e9:20:1d:54:67:1b:7d:e0:
fc:55:1b:1c:39:d5:f6:f1:aa:74:3b:3f:55:bc:e3:64:e4:17:
5f:13:0e:16:59:8a:da:3e:6e:9c:f1:78:ac:6c:a1:ff:e5:3f:
13:ea:85:7a:87:01:00:2f:74:5a:51:df:99:1f:24:d1:ff:86:
86:30:5b:61:08:75:5f:cd:09:b4:ff:19:89:ad:8e:ee:13:d4:
09:23:eb:f4:84:97:2a:b4:9a:4d:33:99:14:d4:89:44:53:89:
7e:40:0d:6f:8d:5a:55:77:16:ba:da:de:bd:89:a7:30:0c:49:
5f:8c:c1:f5:53:57:69:3b:93:fc:45:3c:bd:63:23:17:24:94:
37:54:93:1f:bf:c3:71:24:cf:e1:d6:60:c1:8f:1d:07:c9:f8:
a4:af:52:52
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQy
MzUzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY0NDk1QUEyMzY2NDA1
NUNCNTIzRjU4QkM3RUJBRUEyRDNDQzYzRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8ux5Vd7h/QvyeWiG4/BIqedV8JsiwFY7PBDVzDlgGLdE6bUFg
6IbhTiTF+yiHbOmkfzx6ARiGwJTfPEi3nMElPlFP95NVo5r+OI9yVRQXdvrL9qeg
8Pn+8TIpLRFC5hEwUrcbKWEsRpW8cAIPuoj65rzVvFvqokjQNBPTIq6ddNloU35+
aFV1p0wjjxnsR9U7hgHvK86m8oB1junruRd7uEdlZkwGE2ZDDrv5CX4ithCiG/q7
ojt7NdDwK/j1wzy6ufcgZdSjENSk0Nq87N8it82aHUmuJDQ9gZ0Hlu1vUwBggnE2
EU57p6j1cEh0GqcIg4MQn3lUJWWf+5h5jfPzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU9ElaojZkBVy1I/WLx+uuotPMY+YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlFbGFvalprQlZ5MUlf
V0x4LXV1b3RQTVktWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJCLAyGuLChfCmi6
dtYzj6c2+aupY7tdgsXB0Mj73679iqT/9oZhcff5BeFgFZNMYSS1Sd2TYlkKvGZJ
oAYa3C5Iag1KDaU7j51RqivSdpwtpj//wxRgvxvWch+Cnv344Valeu7pIB1UZxt9
4PxVGxw51fbxqnQ7P1W842TkF18TDhZZito+bpzxeKxsof/lPxPqhXqHAQAvdFpR
35kfJNH/hoYwW2EIdV/NCbT/GYmtju4T1Akj6/SElyq0mk0zmRTUiURTiX5ADW+N
WlV3Frra3r2JpzAMSV+MwfVTV2k7k/xFPL1jIxcklDdUkx+/w3Ekz+HWYMGPHQfJ
+KSvUlI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:43:30 2025 by rpki-client