Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vvFqa63T6zgbzy79EPAlHUTfq-4.roa
File: vvFqa63T6zgbzy79EPAlHUTfq-4.roa (raw, json)
Hash identifier: hzpLcgRQie06p76ky5aMq0Dy5L0OiuSH2Mw79s2QRoI=
Subject key identifier: BE:F1:6A:6B:AD:D3:EB:38:1B:CF:2E:FD:10:F0:25:1D:44:DF:AB:EE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F15
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vvFqa63T6zgbzy79EPAlHUTfq-4.roa
Signing time: Fri 12 Apr 2024 16:52:50 +0000
ROA not before: Fri 12 Apr 2024 16:52:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16149 (0x3f15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 16:52:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BEF16A6BADD3EB381BCF2EFD10F0251D44DFABEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7d:20:15:52:7d:fa:0a:20:f5:3c:81:ff:0d:
a6:46:85:8a:12:6e:9d:4b:67:71:8e:2c:93:7b:5d:
52:eb:07:33:d2:36:b7:12:43:c2:06:24:82:24:3c:
ee:61:09:c4:6f:04:6a:56:19:00:9b:0f:53:01:d8:
cd:cc:65:56:b2:8c:33:d2:19:62:2d:69:27:35:98:
2c:62:23:cc:3f:dc:32:1c:c1:7a:25:40:51:e1:84:
42:0a:e2:89:ec:7a:54:b7:c5:f8:be:34:37:02:a0:
bf:11:eb:c7:5c:d9:f8:fa:ce:11:1d:69:e2:aa:13:
9f:39:b1:46:91:d5:6d:e1:78:bb:07:c6:eb:ab:d7:
6d:ed:c0:cf:29:c1:41:e4:0d:0b:d1:d6:ef:31:5c:
11:8d:26:9c:a0:08:bf:12:a1:20:b2:27:97:dd:40:
fd:b3:f6:1a:e7:d6:83:d2:5a:2c:22:7c:77:ef:7d:
19:83:63:47:97:af:fe:67:46:7f:49:77:d3:72:e2:
f9:16:a1:28:a6:1e:e4:79:89:f1:3b:f8:06:c1:db:
5c:4f:51:7d:c7:3d:00:cb:e0:54:f2:08:40:c1:8c:
80:f5:ea:ad:9c:04:9a:12:49:89:38:3d:9a:f3:c6:
86:29:5f:e4:1b:7e:d4:2a:97:84:6c:7b:6c:e0:17:
c0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F1:6A:6B:AD:D3:EB:38:1B:CF:2E:FD:10:F0:25:1D:44:DF:AB:EE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vvFqa63T6zgbzy79EPAlHUTfq-4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
79:0f:5b:1e:b2:c1:2d:e7:8d:7a:29:cd:fd:9d:a0:56:62:30:
ba:f0:79:95:8c:1f:cd:35:54:37:37:37:d0:65:5b:28:af:a4:
96:f9:6c:99:2a:7f:60:f9:0e:a2:64:5d:39:7b:07:0c:c5:26:
6b:0a:b9:e9:41:b6:fc:58:dd:77:05:e4:7a:b6:0b:26:e7:13:
85:8a:73:a8:a3:b8:98:22:ad:6e:bd:b9:81:9a:a6:20:a1:53:
a6:44:2e:1e:a9:ca:84:a3:77:2f:2d:84:c0:f8:1e:64:10:ba:
d0:cf:70:16:0d:a6:33:9b:69:72:da:fe:93:b8:dc:15:87:4b:
d9:ac:cb:f9:15:c1:ec:b5:29:c2:c6:a0:31:1d:99:ba:93:4e:
32:b0:3d:37:7e:b5:d4:1b:5d:6f:82:09:a8:00:6d:fa:9f:d9:
a2:73:d1:f9:df:87:06:1b:66:47:5c:dd:dc:8f:3a:7a:a8:1d:
66:7d:cb:16:1d:76:c4:f4:da:4c:4e:d9:e9:3c:86:0f:25:27:
74:45:ea:3a:b5:c0:bc:e3:18:4c:19:6d:cc:66:3b:28:e4:85:
60:77:db:a1:e0:4a:e4:f5:6b:b9:3c:13:d3:0b:14:e6:97:1b:
8b:9b:55:d1:d8:cf:fd:31:3e:64:9d:9b:e2:0e:45:64:6c:64:
41:21:5b:f1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPxUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
NjUyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJFRjE2QTZCQUREM0VC
MzgxQkNGMkVGRDEwRjAyNTFENDRERkFCRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgfSAVUn36CiD1PIH/DaZGhYoSbp1LZ3GOLJN7XVLrBzPSNrcS
Q8IGJIIkPO5hCcRvBGpWGQCbD1MB2M3MZVayjDPSGWItaSc1mCxiI8w/3DIcwXol
QFHhhEIK4onselS3xfi+NDcCoL8R68dc2fj6zhEdaeKqE585sUaR1W3heLsHxuur
123twM8pwUHkDQvR1u8xXBGNJpygCL8SoSCyJ5fdQP2z9hrn1oPSWiwifHfvfRmD
Y0eXr/5nRn9Jd9Ny4vkWoSimHuR5ifE7+AbB21xPUX3HPQDL4FTyCEDBjID16q2c
BJoSSYk4PZrzxoYpX+QbftQql4Rse2zgF8CnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvvFqa63T6zgbzy79EPAlHUTfq+4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Z2RnFhNjNUNnpnYnp5
NzlFUEFsSFVUZnEtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHkPWx6ywS3njXop
zf2doFZiMLrweZWMH801VDc3N9BlWyivpJb5bJkqf2D5DqJkXTl7BwzFJmsKuelB
tvxY3XcF5Hq2CybnE4WKc6ijuJgirW69uYGapiChU6ZELh6pyoSjdy8thMD4HmQQ
utDPcBYNpjObaXLa/pO43BWHS9msy/kVwey1KcLGoDEdmbqTTjKwPTd+tdQbXW+C
CagAbfqf2aJz0fnfhwYbZkdc3dyPOnqoHWZ9yxYddsT02kxO2ek8hg8lJ3RF6jq1
wLzjGEwZbcxmOyjkhWB326HgSuT1a7k8E9MLFOaXG4ubVdHYz/0xPmSdm+IORWRs
ZEEhW/E=
-----END CERTIFICATE-----
Generated at Sat Jun 21 09:03:01 2025 by rpki-client