Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LQdheSy5QLwVA8Vb92EZQzehO9U.roa
File: LQdheSy5QLwVA8Vb92EZQzehO9U.roa (raw, json)
Hash identifier: uetSVCnwvNSVMEoisDEk3UVaCQf8Hp6UlowPodl25es=
Subject key identifier: 2D:07:61:79:2C:B9:40:BC:15:03:C5:5B:F7:61:19:43:37:A1:3B:D5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 505D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LQdheSy5QLwVA8Vb92EZQzehO9U.roa
Signing time: Sun 05 May 2024 17:53:50 +0000
ROA not before: Sun 05 May 2024 17:53:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20573 (0x505d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 17:53:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2D0761792CB940BC1503C55BF761194337A13BD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5e:d3:83:0d:4f:a3:13:67:a6:af:72:c7:11:
e8:78:ee:0b:f7:79:97:55:49:2f:b6:9f:2a:7e:66:
84:fd:2d:5c:05:88:ac:5c:d1:54:74:6a:b6:1d:73:
66:6d:e8:a0:89:68:f0:9a:30:0b:bb:31:fc:27:61:
82:02:62:b9:f5:db:ca:75:76:fa:57:67:16:f2:46:
d5:16:a9:21:64:a3:ad:8d:38:cf:ee:79:65:41:12:
a3:f5:46:5f:80:7f:3a:36:16:16:e0:71:6e:b0:2a:
b9:f9:78:ea:f8:3d:ad:91:cb:47:92:15:f6:ac:66:
8e:3c:a1:f0:ea:a4:0a:1f:cb:67:5f:ce:5c:b3:ba:
9e:29:eb:83:4c:a1:83:d5:73:d3:05:8f:00:53:a0:
c0:a7:b0:d1:74:ba:85:58:c4:9c:92:fe:3b:5a:6f:
bd:db:26:e1:ee:a1:9f:89:f3:ed:10:66:20:0d:e1:
1f:b0:6d:4d:c3:01:d1:1f:42:c6:2f:fa:d7:0a:1e:
05:58:2c:d1:3e:4b:92:b2:8c:fa:96:2f:e6:a2:24:
09:f7:c1:f7:40:f1:0b:dc:75:9b:85:7e:58:1a:fc:
11:0a:1b:4e:b5:d0:e9:6e:89:3a:2d:d5:75:50:95:
6f:06:4d:07:e8:c3:68:cb:50:a4:f4:95:5b:92:cf:
77:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:07:61:79:2C:B9:40:BC:15:03:C5:5B:F7:61:19:43:37:A1:3B:D5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LQdheSy5QLwVA8Vb92EZQzehO9U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
53:69:0c:81:4d:3d:0d:cb:01:f4:19:de:9e:6d:35:e5:a7:4b:
51:fc:43:91:2c:77:ce:8b:18:cf:40:80:8c:de:0e:30:5f:17:
82:b7:a9:84:17:01:96:a2:3c:21:51:04:a8:7e:3d:83:9c:ed:
67:23:db:81:01:97:65:6a:72:07:c2:f7:17:35:ff:83:e5:7e:
53:70:c8:de:bd:6f:c3:cb:7a:70:a5:3f:02:01:ca:c1:6c:93:
52:ac:3b:30:05:ef:36:33:21:13:cd:82:99:af:72:0a:3b:a9:
bc:e5:3e:55:0f:b7:51:f7:75:4f:54:be:64:31:6c:d6:b2:44:
b5:f0:74:50:95:ea:84:fe:91:64:24:97:2d:84:36:80:29:20:
6c:a1:2b:9e:a3:40:62:75:d0:04:d7:d6:74:2f:67:9c:c3:92:
96:1e:85:da:56:33:87:72:2e:39:48:f4:16:53:d6:05:f8:48:
71:16:e6:87:29:bc:3d:d7:66:b0:08:f2:1a:15:9f:0d:33:c3:
c7:d0:75:1a:8a:3f:79:3b:79:a8:66:73:c8:d0:f2:eb:22:7f:
fd:2f:fc:50:b5:8a:1b:7e:55:58:dd:d2:6d:6f:c3:85:02:1d:
de:ec:f8:9b:17:2e:d1:8e:64:12:b4:7d:b7:e3:85:21:f0:c8:
9b:23:16:92
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUF0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
NzUzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJEMDc2MTc5MkNCOTQw
QkMxNTAzQzU1QkY3NjExOTQzMzdBMTNCRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiXtODDU+jE2emr3LHEeh47gv3eZdVSS+2nyp+ZoT9LVwFiKxc
0VR0arYdc2Zt6KCJaPCaMAu7MfwnYYICYrn128p1dvpXZxbyRtUWqSFko62NOM/u
eWVBEqP1Rl+Afzo2FhbgcW6wKrn5eOr4Pa2Ry0eSFfasZo48ofDqpAofy2dfzlyz
up4p64NMoYPVc9MFjwBToMCnsNF0uoVYxJyS/jtab73bJuHuoZ+J8+0QZiAN4R+w
bU3DAdEfQsYv+tcKHgVYLNE+S5KyjPqWL+aiJAn3wfdA8QvcdZuFflga/BEKG061
0OluiTot1XVQlW8GTQfow2jLUKT0lVuSz3f5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQULQdheSy5QLwVA8Vb92EZQzehO9UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xRZGhlU3k1UUx3VkE4
VmI5MkVaUXplaE85VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFNpDIFNPQ3LAfQZ
3p5tNeWnS1H8Q5Esd86LGM9AgIzeDjBfF4K3qYQXAZaiPCFRBKh+PYOc7Wcj24EB
l2VqcgfC9xc1/4PlflNwyN69b8PLenClPwIBysFsk1KsOzAF7zYzIRPNgpmvcgo7
qbzlPlUPt1H3dU9UvmQxbNayRLXwdFCV6oT+kWQkly2ENoApIGyhK56jQGJ10ATX
1nQvZ5zDkpYehdpWM4dyLjlI9BZT1gX4SHEW5ocpvD3XZrAI8hoVnw0zw8fQdRqK
P3k7eahmc8jQ8usif/0v/FC1iht+VVjd0m1vw4UCHd7s+JsXLtGOZBK0fbfjhSHw
yJsjFpI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 09:00:10 2025 by rpki-client