Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pEYC_xML2Eyv-uUt_fJ3VMnLP70.roa
File: pEYC_xML2Eyv-uUt_fJ3VMnLP70.roa (raw, json)
Hash identifier: 49PIh7HZk2FmgAbZ/9gq1u9y1szWXq0UxvjjBwmTY6E=
Subject key identifier: A4:46:02:FF:13:0B:D8:4C:AF:FA:E5:2D:FD:F2:77:54:C9:CB:3F:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4249
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pEYC_xML2Eyv-uUt_fJ3VMnLP70.roa
Signing time: Tue 16 Apr 2024 23:22:56 +0000
ROA not before: Tue 16 Apr 2024 23:22:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16969 (0x4249)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 23:22:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A44602FF130BD84CAFFAE52DFDF27754C9CB3FBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ef:e0:49:cc:bb:20:3f:35:fb:df:5f:0b:77:
55:60:0b:99:a8:7e:88:87:55:52:95:a8:cd:f3:b5:
2e:da:d5:d9:47:80:34:c7:73:4a:2e:f4:d3:73:2a:
c0:6a:9d:c6:13:02:25:cd:d8:ec:d3:d8:29:79:9b:
5d:15:23:ef:ef:11:ed:a8:d8:ea:f8:58:33:07:39:
af:3b:0e:e0:29:ce:b2:f1:9c:f7:a8:4d:ad:6e:6f:
1b:d7:f7:8f:97:e8:68:c7:e5:42:4d:d1:35:5d:e0:
26:d3:fc:b3:b1:28:e7:bb:ab:28:fc:94:73:8e:0b:
d8:1a:df:97:05:60:f0:94:d5:3c:97:75:74:1f:81:
40:cf:10:77:07:30:0c:ea:46:f4:c0:0f:0a:f0:cc:
0d:70:d7:10:24:5a:1e:d2:b7:24:18:b9:4d:9c:46:
cc:91:0c:e5:55:fe:3f:74:c5:74:bc:5c:e1:6a:fe:
f5:b9:5c:31:fa:02:18:2c:fc:7b:16:28:f2:20:07:
ad:1f:76:8b:b0:42:a9:09:1a:cf:dc:67:68:19:ce:
58:1e:7d:89:66:cf:41:cb:e5:40:a3:77:0b:51:42:
3e:26:d4:9a:59:71:29:1a:2a:19:cb:27:1e:97:37:
05:fe:4a:33:0c:a0:e0:75:1a:6c:50:2e:10:f2:ea:
3b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:46:02:FF:13:0B:D8:4C:AF:FA:E5:2D:FD:F2:77:54:C9:CB:3F:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pEYC_xML2Eyv-uUt_fJ3VMnLP70.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
40:22:c6:f7:79:d0:ee:bb:32:4f:10:c3:42:f2:50:26:99:c8:
d1:d6:8e:08:79:40:6d:7e:6e:d0:97:19:49:b5:cf:09:e0:a4:
0c:5b:82:18:a8:9b:a5:3b:d5:80:14:35:d4:ea:63:2b:f2:6b:
54:58:e2:58:42:7a:e0:aa:86:3b:60:46:a0:9c:33:e2:af:c3:
82:82:4c:88:5d:b4:74:bf:3a:70:3f:6b:a1:19:75:32:eb:4d:
a8:b0:1b:49:75:37:91:9e:0a:45:89:28:8b:c9:19:f0:f1:22:
82:6f:53:4e:ba:b7:f9:7c:04:e5:20:28:55:5e:38:11:19:18:
f8:bf:72:96:bc:5d:61:b3:a1:f8:70:30:a6:15:4f:ca:41:67:
ff:56:17:3f:b2:e7:3c:c1:10:31:9d:5d:56:4d:68:f6:f7:8b:
41:ef:89:3a:21:d6:28:21:35:cf:60:34:e0:bb:84:52:23:b6:
b0:28:c4:0e:77:7c:38:ef:41:02:11:bd:c1:95:11:6c:df:91:
7f:ed:0e:dc:d7:f8:0e:ed:67:3d:1d:fb:4b:c9:d8:84:94:b5:
44:0c:83:af:a9:4c:28:55:3f:ba:1f:57:8b:3c:b0:54:33:1b:
33:d1:e0:9f:51:ca:5a:bb:e1:24:00:7f:29:81:f6:4d:c8:37:
37:af:c9:6d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYy
MzIyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE0NDYwMkZGMTMwQkQ4
NENBRkZBRTUyREZERjI3NzU0QzlDQjNGQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA7+BJzLsgPzX7318Ld1VgC5mofoiHVVKVqM3ztS7a1dlHgDTH
c0ou9NNzKsBqncYTAiXN2OzT2Cl5m10VI+/vEe2o2Or4WDMHOa87DuApzrLxnPeo
Ta1ubxvX94+X6GjH5UJN0TVd4CbT/LOxKOe7qyj8lHOOC9ga35cFYPCU1TyXdXQf
gUDPEHcHMAzqRvTADwrwzA1w1xAkWh7StyQYuU2cRsyRDOVV/j90xXS8XOFq/vW5
XDH6Ahgs/HsWKPIgB60fdouwQqkJGs/cZ2gZzlgefYlmz0HL5UCjdwtRQj4m1JpZ
cSkaKhnLJx6XNwX+SjMMoOB1GmxQLhDy6jvXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUpEYC/xML2Eyv+uUt/fJ3VMnLP70wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BFWUNfeE1MMkV5di11
VXRfZkozVk1uTFA3MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEAixvd50O67Mk8Q
w0LyUCaZyNHWjgh5QG1+btCXGUm1zwngpAxbghiom6U71YAUNdTqYyvya1RY4lhC
euCqhjtgRqCcM+Kvw4KCTIhdtHS/OnA/a6EZdTLrTaiwG0l1N5GeCkWJKIvJGfDx
IoJvU066t/l8BOUgKFVeOBEZGPi/cpa8XWGzofhwMKYVT8pBZ/9WFz+y5zzBEDGd
XVZNaPb3i0HviToh1ighNc9gNOC7hFIjtrAoxA53fDjvQQIRvcGVEWzfkX/tDtzX
+A7tZz0d+0vJ2ISUtUQMg6+pTChVP7ofV4s8sFQzGzPR4J9Rylq74SQAfymB9k3I
NzevyW0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:25:29 2025 by rpki-client