Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3C95XF0n1m99CD4oQkOIJtYtyEg.roa
File: 3C95XF0n1m99CD4oQkOIJtYtyEg.roa (raw, json)
Hash identifier: hjWKcq1ZZjswPkeq7GZclo26Rc1fkHKAbEOAmO1WKPw=
Subject key identifier: DC:2F:79:5C:5D:27:D6:6F:7D:08:3E:28:42:43:88:26:D6:2D:C8:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5235
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3C95XF0n1m99CD4oQkOIJtYtyEg.roa
Signing time: Wed 08 May 2024 04:54:07 +0000
ROA not before: Wed 08 May 2024 04:54:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21045 (0x5235)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 04:54:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DC2F795C5D27D66F7D083E2842438826D62DC848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:87:d9:87:08:a0:9e:57:b9:82:c9:e0:bc:20:
10:2f:0f:7e:35:67:c2:13:66:2a:11:18:0d:03:ab:
8d:a4:94:8b:98:3e:fc:a3:b4:ea:58:95:82:07:7d:
63:22:2d:46:d3:53:d4:8f:91:aa:a0:01:b5:d3:f9:
71:56:21:01:a1:4c:ad:6c:84:50:cb:52:fd:84:c7:
b6:b4:3e:0b:e4:81:af:2f:ad:3d:3e:4d:64:d7:27:
71:82:d7:03:d3:52:8d:02:8c:99:66:51:40:81:b6:
80:bc:02:76:7e:55:75:d2:b2:0c:5b:fb:fc:28:01:
fb:2b:86:fc:55:be:8d:3b:5c:18:b4:b1:13:3e:b3:
7c:72:07:a5:09:55:a7:3a:de:56:7b:f1:07:e8:17:
6d:ca:f6:98:0e:61:60:ac:5f:da:57:0b:13:85:cb:
51:5c:b5:f9:c3:11:41:34:9e:e5:a6:0e:fd:2d:dd:
4a:87:13:8b:a0:88:fd:2d:ca:28:3c:85:9e:be:1a:
90:5a:8d:a1:88:ff:fc:02:12:e1:e7:6b:e5:41:15:
86:6e:31:b5:c6:e3:3b:91:7d:e4:db:d0:ca:6b:6b:
4d:39:08:84:14:61:c9:1c:65:72:f7:31:6d:53:6d:
27:81:bc:45:fb:7b:8c:cf:ae:90:dd:4b:7a:d6:d6:
b2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2F:79:5C:5D:27:D6:6F:7D:08:3E:28:42:43:88:26:D6:2D:C8:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3C95XF0n1m99CD4oQkOIJtYtyEg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
15:f7:a8:f6:04:bd:c3:8e:b1:f8:26:3d:5b:d9:b1:e8:37:0c:
a9:47:72:8a:b0:2e:9e:ae:29:25:7c:40:08:2e:b5:c0:6e:ef:
f1:a4:5f:d5:65:1d:eb:92:a0:a7:3e:79:9a:69:2c:05:e4:81:
29:7f:b9:78:45:67:37:25:e5:6d:8d:04:87:b0:22:3f:75:2b:
d1:e2:44:05:b2:9b:37:93:f2:ae:a7:ce:27:e8:79:06:d7:4d:
7f:5e:6b:58:41:e8:a2:6e:f3:a1:c5:13:07:f1:c7:14:a6:ff:
f3:18:8a:34:48:51:3d:7d:fa:aa:b1:29:66:80:11:f6:3a:e0:
38:76:50:db:c2:93:83:11:84:6c:65:01:a4:db:4a:f1:d9:72:
ef:42:c0:af:a3:74:ac:65:09:66:0b:54:9a:01:b1:d7:79:ed:
58:30:f2:7a:bc:45:88:4f:0e:1c:b3:e1:dc:f2:6b:c8:2c:90:
42:60:14:b9:02:12:3d:f8:82:0d:9f:85:f9:33:33:f4:39:9a:
73:0c:66:38:e0:b4:d6:e0:10:67:fd:28:73:2b:0b:c4:e8:ed:
76:11:00:71:b1:18:c0:98:e4:38:36:1d:66:dc:29:69:12:ee:
eb:39:aa:cf:20:a9:46:a4:35:96:7c:63:5e:7c:23:d7:f8:05:
bc:82:16:0e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUjUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
NDU0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDMkY3OTVDNUQyN0Q2
NkY3RDA4M0UyODQyNDM4ODI2RDYyREM4NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhh9mHCKCeV7mCyeC8IBAvD341Z8ITZioRGA0Dq42klIuYPvyj
tOpYlYIHfWMiLUbTU9SPkaqgAbXT+XFWIQGhTK1shFDLUv2Ex7a0Pgvkga8vrT0+
TWTXJ3GC1wPTUo0CjJlmUUCBtoC8AnZ+VXXSsgxb+/woAfsrhvxVvo07XBi0sRM+
s3xyB6UJVac63lZ78QfoF23K9pgOYWCsX9pXCxOFy1FctfnDEUE0nuWmDv0t3UqH
E4ugiP0tyig8hZ6+GpBajaGI//wCEuHna+VBFYZuMbXG4zuRfeTb0Mpra005CIQU
YckcZXL3MW1TbSeBvEX7e4zPrpDdS3rW1rIpAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3C95XF0n1m99CD4oQkOIJtYtyEgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNDOTVYRjBuMW05OUNE
NG9Ra09JSnRZdHlFZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABX3qPYEvcOOsfgm
PVvZseg3DKlHcoqwLp6uKSV8QAgutcBu7/GkX9VlHeuSoKc+eZppLAXkgSl/uXhF
Zzcl5W2NBIewIj91K9HiRAWymzeT8q6nzifoeQbXTX9ea1hB6KJu86HFEwfxxxSm
//MYijRIUT19+qqxKWaAEfY64Dh2UNvCk4MRhGxlAaTbSvHZcu9CwK+jdKxlCWYL
VJoBsdd57Vgw8nq8RYhPDhyz4dzya8gskEJgFLkCEj34gg2fhfkzM/Q5mnMMZjjg
tNbgEGf9KHMrC8To7XYRAHGxGMCY5Dg2HWbcKWkS7us5qs8gqUakNZZ8Y158I9f4
BbyCFg4=
-----END CERTIFICATE-----
Generated at Sun May 18 04:52:58 2025 by rpki-client