Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/B6ILB_-j_dp7RSFDN6mYRiC61iU.roa
File: B6ILB_-j_dp7RSFDN6mYRiC61iU.roa (raw, json)
Hash identifier: prqPcn0kDXO7AQqqZceq5TdewGD/IUUqWnf/bitk5lw=
Subject key identifier: 07:A2:0B:07:FF:A3:FD:DA:7B:45:21:43:37:A9:98:46:20:BA:D6:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47C1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/B6ILB_-j_dp7RSFDN6mYRiC61iU.roa
Signing time: Wed 24 Apr 2024 06:23:34 +0000
ROA not before: Wed 24 Apr 2024 06:23:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18369 (0x47c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 06:23:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=07A20B07FFA3FDDA7B45214337A9984620BAD625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:95:e3:06:2b:1a:ee:34:f1:5c:c9:25:95:03:
4b:b9:36:9e:3e:36:88:a2:76:be:51:d2:50:4e:c8:
99:2b:f7:aa:25:d9:92:d8:eb:40:66:66:26:4e:1a:
85:c8:b5:37:fd:26:94:aa:bd:16:2c:31:ed:b5:55:
59:04:8e:a2:fd:18:b2:ec:17:d0:7e:9f:f8:af:c5:
89:d5:f2:57:6b:43:53:a3:6d:fd:b7:8d:ef:8e:dd:
7e:d9:80:b2:9f:17:1a:ee:fc:98:9e:7c:71:56:84:
e9:27:e9:d5:3c:b1:09:ee:e7:95:83:d5:34:29:5f:
c5:f4:fa:41:68:6f:f5:c0:bb:22:2d:6e:01:bf:3b:
c6:39:46:d6:ba:c7:50:63:1b:a7:6c:1f:8c:7d:74:
d4:43:10:64:79:9f:99:48:d6:79:be:44:ff:5f:5e:
02:49:a1:80:38:cc:e5:a6:41:1a:84:7c:6d:98:79:
c2:7a:41:b2:34:35:e6:86:0b:b1:e0:43:42:65:48:
db:e6:83:45:be:e5:ca:e4:09:2c:75:ae:b9:92:3e:
eb:84:08:41:bc:17:27:12:e0:4f:77:2e:9c:1b:4a:
89:15:1e:c2:db:a2:d9:dc:ce:29:e9:b1:4b:42:0a:
b8:fc:68:c0:9f:c1:5d:81:6e:ba:f2:db:1e:ce:44:
15:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A2:0B:07:FF:A3:FD:DA:7B:45:21:43:37:A9:98:46:20:BA:D6:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/B6ILB_-j_dp7RSFDN6mYRiC61iU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:c2:cc:a8:64:00:19:13:a1:6a:a5:bb:3d:9b:40:85:fb:7c:
ae:e8:9f:cc:66:ca:e7:60:76:a1:ae:a4:6c:b3:1e:e9:49:cd:
cc:b7:33:ed:2b:5e:9c:65:d3:1a:2d:65:02:a9:89:e4:d1:50:
1f:97:f8:86:20:38:c4:25:48:8d:fb:92:7b:08:d1:92:68:01:
b4:81:43:0e:af:2f:dc:07:4d:18:a8:3c:49:ff:b8:b6:70:d3:
45:70:a3:14:dd:a9:95:2f:bb:82:51:fc:d0:fb:2a:ab:d3:dc:
52:2b:8e:34:a4:79:0f:56:d4:f0:27:7d:da:bc:c4:31:87:39:
cc:65:a3:e6:9b:b9:0a:d2:6d:3c:28:e2:55:6f:02:6d:dc:61:
39:0d:45:ba:13:7b:d5:ec:15:50:5f:8b:9e:52:6d:e9:63:1c:
ea:e4:a4:b8:9f:4b:ec:c0:ad:49:a9:3e:d9:48:ba:9b:76:b8:
f1:f6:a4:3e:4f:81:ad:21:05:83:76:11:ef:a6:74:1a:55:2d:
50:16:d9:05:eb:d7:6f:7e:ab:2e:b4:06:4d:12:d2:c2:83:72:
19:1e:10:9c:3d:ce:ac:a1:6e:ce:0c:e4:db:2c:85:a2:47:6b:
47:7c:9d:8d:df:ee:f9:48:5a:ef:9f:b5:f9:38:29:2c:d8:13:
89:36:0c:41
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NjIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA3QTIwQjA3RkZBM0ZE
REE3QjQ1MjE0MzM3QTk5ODQ2MjBCQUQ2MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmleMGKxruNPFcySWVA0u5Np4+Noiidr5R0lBOyJkr96ol2ZLY
60BmZiZOGoXItTf9JpSqvRYsMe21VVkEjqL9GLLsF9B+n/ivxYnV8ldrQ1Ojbf23
je+O3X7ZgLKfFxru/JiefHFWhOkn6dU8sQnu55WD1TQpX8X0+kFob/XAuyItbgG/
O8Y5Rta6x1BjG6dsH4x9dNRDEGR5n5lI1nm+RP9fXgJJoYA4zOWmQRqEfG2YecJ6
QbI0NeaGC7HgQ0JlSNvmg0W+5crkCSx1rrmSPuuECEG8FycS4E93LpwbSokVHsLb
otnczinpsUtCCrj8aMCfwV2Bbrry2x7ORBV1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUB6ILB/+j/dp7RSFDN6mYRiC61iUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0I2SUxCXy1qX2RwN1JT
RkRONm1ZUmlDNjFpVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC7CzKhkABkToWql
uz2bQIX7fK7on8xmyudgdqGupGyzHulJzcy3M+0rXpxl0xotZQKpieTRUB+X+IYg
OMQlSI37knsI0ZJoAbSBQw6vL9wHTRioPEn/uLZw00VwoxTdqZUvu4JR/ND7KqvT
3FIrjjSkeQ9W1PAnfdq8xDGHOcxlo+abuQrSbTwo4lVvAm3cYTkNRboTe9XsFVBf
i55SbeljHOrkpLifS+zArUmpPtlIupt2uPH2pD5Pga0hBYN2Ee+mdBpVLVAW2QXr
129+qy60Bk0S0sKDchkeEJw9zqyhbs4M5NsshaJHa0d8nY3f7vlIWu+ftfk4KSzY
E4k2DEE=
-----END CERTIFICATE-----
Generated at Sat Jun 21 00:59:29 2025 by rpki-client