Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Bv5it8uwkP51cJI3TG6AaWNhOV4.roa
File: Bv5it8uwkP51cJI3TG6AaWNhOV4.roa (raw, json)
Hash identifier: QySpwTHusbYkY0yaAaIKC5i8i4QITcVSSH6fJWKRbWo=
Subject key identifier: 06:FE:62:B7:CB:B0:90:FE:75:70:92:37:4C:6E:80:69:63:61:39:5E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B39
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Bv5it8uwkP51cJI3TG6AaWNhOV4.roa
Signing time: Sun 07 Apr 2024 13:22:30 +0000
ROA not before: Sun 07 Apr 2024 13:22:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15161 (0x3b39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 13:22:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=06FE62B7CBB090FE757092374C6E80696361395E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:7e:26:1e:f8:b3:90:1e:f8:38:2d:00:7f:5b:
ff:94:de:dd:16:4c:46:e6:ff:01:5d:e9:af:a9:24:
df:c5:d8:cb:d4:b9:fb:07:09:fd:4d:ff:3d:f7:79:
39:b5:dc:49:33:75:b4:2d:0e:e4:f4:47:6f:74:53:
ae:b5:9c:2d:6e:a1:d2:d9:ec:b3:42:04:1a:54:dd:
8e:c2:10:a5:b6:e5:9b:cf:ff:7c:05:da:68:63:15:
14:98:06:1f:69:c8:fd:b8:50:78:0d:f7:a2:36:a2:
59:08:14:0d:66:af:9b:ca:4b:a0:5e:69:ac:c4:d0:
8d:e6:17:48:b0:17:1e:a2:e7:00:86:5c:13:73:ca:
6f:a6:15:4e:63:6b:47:b0:21:05:53:8f:cf:ad:ad:
b4:a8:03:99:78:0b:58:13:0e:f0:72:ba:4c:ca:1c:
d4:5f:7c:f2:57:13:cb:da:4a:e0:53:3a:98:96:a2:
fd:7e:70:2e:f1:77:d3:b8:e9:ed:bd:18:6d:7b:46:
41:0b:c7:1c:b9:ec:44:58:a4:01:8a:eb:43:01:62:
eb:15:85:a7:85:23:57:1b:00:8b:83:e5:2f:ad:8f:
f6:e5:db:71:d9:3e:be:b1:ab:fe:75:bc:fe:74:81:
20:5e:6e:24:1a:77:18:e0:37:ad:a4:55:e2:5b:b2:
eb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FE:62:B7:CB:B0:90:FE:75:70:92:37:4C:6E:80:69:63:61:39:5E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Bv5it8uwkP51cJI3TG6AaWNhOV4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:02:0c:71:71:75:4d:eb:8f:9e:41:5c:eb:13:bc:82:b0:6c:
6c:a3:71:67:ea:2f:41:5d:88:0f:e2:56:74:4f:19:21:7a:66:
5a:46:fa:35:9f:77:c2:a6:99:8f:ed:10:d8:ba:69:a4:8f:30:
da:ba:f4:46:b4:b3:8c:35:36:06:90:51:0a:b4:39:e2:e5:8f:
7c:81:17:bc:b8:44:f7:ec:c4:77:e0:fc:28:47:7c:4b:5a:8c:
3f:e2:1c:e2:85:3a:8a:11:cc:f0:d8:a8:b1:73:2e:59:73:b8:
cf:fb:75:ae:69:02:56:a7:f1:ac:b8:23:58:70:d1:bc:f5:5c:
71:3b:72:20:aa:99:0a:a3:ea:72:2e:5c:e8:5b:c7:f0:ea:7e:
82:5f:53:54:dd:72:87:87:f2:ec:f1:23:6c:20:0d:56:d6:27:
48:db:28:dc:a8:3b:f7:80:59:3c:b1:0f:1e:7c:29:fe:b7:e8:
cd:74:d8:07:a7:d7:10:a4:be:82:d5:75:7e:da:9d:3a:98:b8:
ab:f8:24:ec:4b:25:61:f5:ae:20:a5:e2:e6:c1:49:61:dd:c9:
9e:96:99:a3:97:8f:17:e5:4f:cf:a7:20:6f:7e:27:b0:27:c3:
1d:e1:46:1a:4d:ba:ff:e4:ae:69:03:a7:e6:c6:73:26:60:be:
0d:06:78:29
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOzkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
MzIyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA2RkU2MkI3Q0JCMDkw
RkU3NTcwOTIzNzRDNkU4MDY5NjM2MTM5NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxfiYe+LOQHvg4LQB/W/+U3t0WTEbm/wFd6a+pJN/F2MvUufsH
Cf1N/z33eTm13EkzdbQtDuT0R290U661nC1uodLZ7LNCBBpU3Y7CEKW25ZvP/3wF
2mhjFRSYBh9pyP24UHgN96I2olkIFA1mr5vKS6BeaazE0I3mF0iwFx6i5wCGXBNz
ym+mFU5ja0ewIQVTj8+trbSoA5l4C1gTDvByukzKHNRffPJXE8vaSuBTOpiWov1+
cC7xd9O46e29GG17RkELxxy57ERYpAGK60MBYusVhaeFI1cbAIuD5S+tj/bl23HZ
Pr6xq/51vP50gSBebiQadxjgN62kVeJbsusfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUBv5it8uwkP51cJI3TG6AaWNhOV4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0J2NWl0OHV3a1A1MWNK
STNURzZBYVdOaE9WNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACsCDHFxdU3rj55B
XOsTvIKwbGyjcWfqL0FdiA/iVnRPGSF6ZlpG+jWfd8KmmY/tENi6aaSPMNq69Ea0
s4w1NgaQUQq0OeLlj3yBF7y4RPfsxHfg/ChHfEtajD/iHOKFOooRzPDYqLFzLllz
uM/7da5pAlan8ay4I1hw0bz1XHE7ciCqmQqj6nIuXOhbx/DqfoJfU1TdcoeH8uzx
I2wgDVbWJ0jbKNyoO/eAWTyxDx58Kf636M102Aen1xCkvoLVdX7anTqYuKv4JOxL
JWH1riCl4ubBSWHdyZ6WmaOXjxflT8+nIG9+J7Anwx3hRhpNuv/krmkDp+bGcyZg
vg0GeCk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:08:43 2025 by rpki-client