Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mEUATWDSrelo74TNIQCA6N8tyRc.roa
File: mEUATWDSrelo74TNIQCA6N8tyRc.roa (raw, json)
Hash identifier: CliN3V5pTR+k4cQNg0qXcJxxfK2HJ1V9mv4z/Gqk9qI=
Subject key identifier: 98:45:00:4D:60:D2:AD:E9:68:EF:84:CD:21:00:80:E8:DF:2D:C9:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4551
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mEUATWDSrelo74TNIQCA6N8tyRc.roa
Signing time: Sun 21 Apr 2024 00:23:05 +0000
ROA not before: Sun 21 Apr 2024 00:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17745 (0x4551)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 00:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9845004D60D2ADE968EF84CD210080E8DF2DC917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4b:8f:e4:e8:8b:d1:69:1e:fd:0d:86:fc:7e:
56:d4:9c:f6:0e:72:86:67:bd:98:cf:ba:68:14:f0:
6a:08:6c:29:d7:79:d4:01:99:29:8f:85:59:79:cb:
9d:78:41:ea:34:cb:1d:2d:3c:c5:e5:86:7e:fa:c8:
66:35:a3:8e:7f:c9:71:51:45:db:84:1d:30:16:0c:
b8:41:e1:4e:6c:40:a5:3f:ab:ff:c2:74:5e:fd:f6:
b6:19:6f:fb:a6:64:3d:ec:9e:a9:0c:8f:57:67:2e:
d0:aa:e8:7c:d5:22:43:db:c1:29:fe:d9:d4:69:99:
f2:3c:e2:cd:c2:60:d1:be:ea:c5:b6:03:f5:2f:01:
14:ce:44:f5:67:37:b1:8c:b9:2d:c0:35:83:de:c4:
d7:f8:f6:bb:56:89:06:ef:fa:61:80:92:3d:8f:84:
51:92:6a:f8:84:76:e9:ca:c3:97:d3:da:ce:a4:eb:
78:3a:d8:f4:25:2a:d4:76:3b:8a:2d:c7:8e:90:9e:
0d:c4:62:9f:97:8e:29:1f:a0:d4:e4:42:67:5e:f7:
8b:4b:cb:45:47:78:25:ba:30:16:5c:1d:df:0e:f4:
dc:3f:4f:f8:f8:b1:7c:70:51:f2:6d:1d:a3:f2:bb:
b7:71:66:24:37:e2:56:ce:35:e7:0f:e0:6c:5b:e7:
67:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:45:00:4D:60:D2:AD:E9:68:EF:84:CD:21:00:80:E8:DF:2D:C9:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mEUATWDSrelo74TNIQCA6N8tyRc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:fb:c8:16:af:f1:a5:72:9f:a6:97:e5:3d:5d:d1:8d:21:22:
cc:3b:fb:f8:e3:8b:c7:83:ec:b9:0f:09:2b:0f:46:9c:fc:27:
75:c8:51:43:c9:c2:20:c4:94:c6:09:37:6d:91:1f:c1:09:1f:
d9:9a:3c:18:1d:77:48:ff:c7:6a:3d:ce:2a:e5:c1:e5:ed:0c:
26:8b:6c:04:49:7e:40:ad:4d:18:bb:82:2d:ab:98:cf:45:58:
c6:a4:49:dc:14:8d:3b:0b:05:d3:a3:02:70:8d:33:ad:d5:63:
29:fe:f4:28:ef:41:3d:58:19:85:d9:80:ff:31:6c:3b:b0:56:
11:43:02:70:9c:02:3c:94:5b:03:ce:5f:75:f8:b8:5b:6e:a5:
94:b8:1e:6c:ba:cb:d4:b1:11:7a:c2:9d:f7:52:86:80:f6:2f:
ba:8d:2d:00:23:f5:41:b6:0d:26:cd:7c:45:48:89:a7:ca:a2:
f8:5a:5d:e3:b2:1c:f0:97:b0:ac:9f:61:02:aa:54:74:a6:e1:
3b:c1:94:ee:0c:22:09:c2:6a:fa:36:91:35:cc:a5:3d:2d:f5:
a6:10:e3:5f:67:fa:af:fe:a1:b3:44:aa:c3:c9:ee:19:9b:4b:
28:cc:f2:f1:f3:90:91:e0:70:93:2a:23:8d:55:78:c3:35:48:
fa:a9:25:34
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEw
MDIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk4NDUwMDRENjBEMkFE
RTk2OEVGODRDRDIxMDA4MEU4REYyREM5MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzS4/k6IvRaR79DYb8flbUnPYOcoZnvZjPumgU8GoIbCnXedQB
mSmPhVl5y514Qeo0yx0tPMXlhn76yGY1o45/yXFRRduEHTAWDLhB4U5sQKU/q//C
dF799rYZb/umZD3snqkMj1dnLtCq6HzVIkPbwSn+2dRpmfI84s3CYNG+6sW2A/Uv
ARTORPVnN7GMuS3ANYPexNf49rtWiQbv+mGAkj2PhFGSaviEdunKw5fT2s6k63g6
2PQlKtR2O4otx46Qng3EYp+XjikfoNTkQmde94tLy0VHeCW6MBZcHd8O9Nw/T/j4
sXxwUfJtHaPyu7dxZiQ34lbONecP4Gxb52fTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmEUATWDSrelo74TNIQCA6N8tyRcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21FVUFUV0RTcmVsbzc0
VE5JUUNBNk44dHlSYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGv7yBav8aVyn6aX
5T1d0Y0hIsw7+/jji8eD7LkPCSsPRpz8J3XIUUPJwiDElMYJN22RH8EJH9maPBgd
d0j/x2o9zirlweXtDCaLbARJfkCtTRi7gi2rmM9FWMakSdwUjTsLBdOjAnCNM63V
Yyn+9CjvQT1YGYXZgP8xbDuwVhFDAnCcAjyUWwPOX3X4uFtupZS4Hmy6y9SxEXrC
nfdShoD2L7qNLQAj9UG2DSbNfEVIiafKovhaXeOyHPCXsKyfYQKqVHSm4TvBlO4M
IgnCavo2kTXMpT0t9aYQ419n+q/+obNEqsPJ7hmbSyjM8vHzkJHgcJMqI41VeMM1
SPqpJTQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:18:38 2025 by rpki-client