Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vlmX_dgRZUhVH3JFRlo1wgE8WwY.roa
File: vlmX_dgRZUhVH3JFRlo1wgE8WwY.roa (raw, json)
Hash identifier: xc9JfyXN3jyVGeZ9oZuG2NKpjT7sOW6r1XV06g1ENC8=
Subject key identifier: BE:59:97:FD:D8:11:65:48:55:1F:72:45:46:5A:35:C2:01:3C:5B:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 488D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vlmX_dgRZUhVH3JFRlo1wgE8WwY.roa
Signing time: Thu 25 Apr 2024 07:53:18 +0000
ROA not before: Thu 25 Apr 2024 07:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18573 (0x488d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 07:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BE5997FDD8116548551F7245465A35C2013C5B06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9e:ce:3b:07:4e:5d:18:8d:49:fc:85:5b:14:
a4:88:77:6a:a4:bf:1a:b4:2e:ee:79:fe:3b:2b:7a:
a8:db:09:82:6c:fc:db:fe:14:d9:17:c0:7a:44:76:
0f:90:d7:38:84:c8:d3:f5:d0:98:df:46:f1:99:10:
87:bb:9e:2d:cf:8e:0b:31:96:5f:eb:6d:d5:e1:1b:
88:4a:37:33:6d:7f:05:db:89:49:18:28:b5:2b:23:
3d:b0:1d:56:1e:bb:34:48:b7:f4:7d:97:63:12:29:
ae:4b:cc:04:e6:23:4d:ee:d3:92:65:f4:88:a9:f5:
2d:df:a4:d7:11:01:60:e8:58:72:72:fc:89:02:6d:
f6:2c:56:09:22:f1:06:e7:18:0b:3c:4c:6f:49:a5:
ca:dd:f4:95:86:1c:20:b9:e0:49:42:17:ec:e5:2b:
dd:54:6f:a5:7e:c7:5b:82:b3:31:72:ef:0f:63:9e:
ba:17:32:21:e4:1f:6d:b7:e6:a9:53:73:1c:a7:56:
e1:32:fc:cc:83:92:36:21:ef:c4:b8:0f:f0:5b:76:
6c:10:b4:13:64:83:29:70:36:71:1c:29:a0:b9:13:
06:a8:8e:7b:cf:6c:b0:1a:fd:d4:e7:f9:95:f3:73:
27:8e:56:60:4d:bc:10:ba:4f:fc:82:ab:0f:46:ac:
33:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:59:97:FD:D8:11:65:48:55:1F:72:45:46:5A:35:C2:01:3C:5B:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vlmX_dgRZUhVH3JFRlo1wgE8WwY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9e:8c:48:a9:1c:08:b6:74:e3:14:62:a2:32:64:8b:bd:e8:d9:
5d:34:16:8d:b5:35:e1:d9:b9:6f:9c:0a:99:bd:47:01:02:98:
03:86:3e:e0:d2:e3:91:92:8e:1a:db:30:58:04:7f:fc:c0:cc:
ce:61:70:15:f9:90:26:da:f9:43:e8:fe:36:b0:e4:71:80:ce:
9e:c4:12:b2:e5:b0:94:28:86:75:59:5c:da:56:02:56:ba:b3:
9a:1a:3d:af:dd:83:19:33:45:6f:46:cb:a4:6a:a7:b3:40:80:
ef:11:d2:c3:b6:94:05:20:cc:15:7d:8d:33:3a:29:0a:af:3f:
5b:04:f5:d6:e1:48:a0:00:af:6e:d0:53:70:5d:b8:5b:47:d6:
35:63:dd:b9:05:14:11:4c:cb:be:49:9b:58:c8:72:2d:1b:1b:
51:e5:84:9c:99:93:af:a1:3d:48:7f:7d:d5:47:df:ee:0c:67:
73:79:2b:57:0c:9b:3b:c0:47:37:42:37:19:a0:b6:4f:76:1b:
13:60:bd:3a:f7:bb:a6:28:d5:34:d6:7e:da:f4:5f:b3:9e:17:
42:91:e3:aa:56:bf:15:cc:e2:e5:f7:fa:7f:8f:a9:c3:fb:c9:
fc:bd:f1:80:6e:5f:a5:3f:31:93:8f:a3:e8:14:ce:30:e5:79:
c7:c4:ff:ef
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
NzUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJFNTk5N0ZERDgxMTY1
NDg1NTFGNzI0NTQ2NUEzNUMyMDEzQzVCMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKns47B05dGI1J/IVbFKSId2qkvxq0Lu55/jsreqjbCYJs/Nv+
FNkXwHpEdg+Q1ziEyNP10JjfRvGZEIe7ni3Pjgsxll/rbdXhG4hKNzNtfwXbiUkY
KLUrIz2wHVYeuzRIt/R9l2MSKa5LzATmI03u05Jl9Iip9S3fpNcRAWDoWHJy/IkC
bfYsVgki8QbnGAs8TG9Jpcrd9JWGHCC54ElCF+zlK91Ub6V+x1uCszFy7w9jnroX
MiHkH2235qlTcxynVuEy/MyDkjYh78S4D/BbdmwQtBNkgylwNnEcKaC5EwaojnvP
bLAa/dTn+ZXzcyeOVmBNvBC6T/yCqw9GrDPfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvlmX/dgRZUhVH3JFRlo1wgE8WwYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZsbVhfZGdSWlVoVkgz
SkZSbG8xd2dFOFd3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJ6MSKkcCLZ04xRi
ojJki73o2V00Fo21NeHZuW+cCpm9RwECmAOGPuDS45GSjhrbMFgEf/zAzM5hcBX5
kCba+UPo/jaw5HGAzp7EErLlsJQohnVZXNpWAla6s5oaPa/dgxkzRW9Gy6Rqp7NA
gO8R0sO2lAUgzBV9jTM6KQqvP1sE9dbhSKAAr27QU3BduFtH1jVj3bkFFBFMy75J
m1jIci0bG1HlhJyZk6+hPUh/fdVH3+4MZ3N5K1cMmzvARzdCNxmgtk92GxNgvTr3
u6Yo1TTWftr0X7OeF0KR46pWvxXM4uX3+n+PqcP7yfy98YBuX6U/MZOPo+gUzjDl
ecfE/+8=
-----END CERTIFICATE-----
Generated at Sun Jun 22 08:18:27 2025 by rpki-client