Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/56Vtm13tFnBZkzcrhF4WoPB3HzE.roa
File: 56Vtm13tFnBZkzcrhF4WoPB3HzE.roa (raw, json)
Hash identifier: sEoDln1DxJGJgfqr2cS7M9uUpKXrQ8j6g/ZHEbGvOzk=
Subject key identifier: E7:A5:6D:9B:5D:ED:16:70:59:93:37:2B:84:5E:16:A0:F0:77:1F:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4031
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/56Vtm13tFnBZkzcrhF4WoPB3HzE.roa
Signing time: Sun 14 Apr 2024 04:22:51 +0000
ROA not before: Sun 14 Apr 2024 04:22:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16433 (0x4031)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 04:22:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E7A56D9B5DED16705993372B845E16A0F0771F31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8b:50:b2:df:1a:11:31:59:89:58:d7:7b:7f:
b1:b1:27:e4:91:c3:8f:9f:1c:c1:82:75:6d:fa:97:
40:2a:37:b8:9f:ae:44:10:0e:84:27:3f:7e:e2:b2:
6d:72:15:66:e7:d7:a4:48:55:5c:c2:8d:6b:e7:36:
59:40:68:ec:e2:bc:d3:cd:ee:af:3b:6a:3a:a3:70:
89:cd:96:9f:dd:36:88:c0:c1:f1:64:61:da:d3:b9:
a4:f4:c9:82:f3:15:5a:a2:56:a1:05:5e:8f:be:53:
0f:ad:3a:d6:75:f5:c1:38:63:24:52:3d:94:d9:85:
8a:a3:9f:bf:a4:6a:37:1b:07:18:5d:9a:cc:eb:b9:
76:4e:cc:ae:15:eb:83:68:09:7a:8a:70:39:aa:06:
56:04:26:e5:41:8f:ab:29:17:8c:54:d6:1e:90:d3:
a8:29:b0:6c:f2:da:c3:0b:a6:cf:3a:ba:52:ba:24:
c9:a2:1c:51:e3:3d:77:f7:a9:0d:88:12:03:19:9b:
49:ac:35:e7:c2:5f:96:3a:19:06:be:14:b3:a1:60:
68:37:75:5e:58:ef:20:63:9c:be:d5:7e:44:b4:a0:
c9:59:ff:bd:17:e9:82:17:e7:0f:67:d8:c4:9f:8f:
d4:1f:25:e6:b6:1c:60:d3:ea:57:22:1b:17:c7:47:
6c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A5:6D:9B:5D:ED:16:70:59:93:37:2B:84:5E:16:A0:F0:77:1F:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/56Vtm13tFnBZkzcrhF4WoPB3HzE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
57:7a:2b:52:e6:3b:0e:aa:de:ca:77:98:39:5b:74:76:00:22:
6f:39:fd:dc:ec:c7:c9:6e:4a:30:9d:05:cc:bd:b2:6e:f5:f2:
28:7e:e5:ef:76:aa:02:fa:95:7f:c3:fc:06:9d:32:b5:6a:5d:
c0:7a:8c:7e:ec:bb:18:81:be:28:22:b0:86:20:54:f8:66:63:
39:fe:70:9c:80:af:ab:d2:d5:36:c7:ab:a7:e8:bd:dc:93:0a:
c6:1e:2f:1b:ba:32:04:c1:53:8b:ec:16:e0:13:a8:e4:bd:fe:
73:f2:99:9c:8f:81:64:10:8e:ab:f6:eb:6d:50:d6:ad:8c:aa:
c0:9e:65:af:4a:e1:13:6e:4b:7c:69:d2:be:9e:58:7b:e6:16:
fd:a2:63:b4:15:81:0d:0f:22:cd:db:9b:b1:07:d7:2d:95:70:
f1:fb:4c:03:ea:5a:7e:42:1d:3b:50:c0:7a:c8:e5:d8:a3:ca:
b5:8c:7f:2a:d6:35:7f:cd:7e:9f:d3:58:b3:fe:ee:11:1d:f1:
f7:39:f7:60:8d:2e:4c:a9:2d:cb:59:d9:24:d8:2b:14:2f:9b:
a8:bf:57:aa:37:3c:2b:ca:3f:ae:89:1b:ed:ff:47:d1:11:40:
d1:80:7b:c9:17:44:fc:ae:84:0f:e3:ad:a9:73:0c:94:29:08:
da:44:da:ab
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NDIyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3QTU2RDlCNURFRDE2
NzA1OTkzMzcyQjg0NUUxNkEwRjA3NzFGMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJi1Cy3xoRMVmJWNd7f7GxJ+SRw4+fHMGCdW36l0AqN7ifrkQQ
DoQnP37ism1yFWbn16RIVVzCjWvnNllAaOzivNPN7q87ajqjcInNlp/dNojAwfFk
YdrTuaT0yYLzFVqiVqEFXo++Uw+tOtZ19cE4YyRSPZTZhYqjn7+kajcbBxhdmszr
uXZOzK4V64NoCXqKcDmqBlYEJuVBj6spF4xU1h6Q06gpsGzy2sMLps86ulK6JMmi
HFHjPXf3qQ2IEgMZm0msNefCX5Y6GQa+FLOhYGg3dV5Y7yBjnL7VfkS0oMlZ/70X
6YIX5w9n2MSfj9QfJea2HGDT6lciGxfHR2yFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU56Vtm13tFnBZkzcrhF4WoPB3HzEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzU2VnRtMTN0Rm5CWmt6
Y3JoRjRXb1BCM0h6RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFd6K1LmOw6q3sp3
mDlbdHYAIm85/dzsx8luSjCdBcy9sm718ih+5e92qgL6lX/D/AadMrVqXcB6jH7s
uxiBvigisIYgVPhmYzn+cJyAr6vS1TbHq6fovdyTCsYeLxu6MgTBU4vsFuATqOS9
/nPymZyPgWQQjqv2621Q1q2MqsCeZa9K4RNuS3xp0r6eWHvmFv2iY7QVgQ0PIs3b
m7EH1y2VcPH7TAPqWn5CHTtQwHrI5dijyrWMfyrWNX/Nfp/TWLP+7hEd8fc592CN
LkypLctZ2STYKxQvm6i/V6o3PCvKP66JG+3/R9ERQNGAe8kXRPyuhA/jralzDJQp
CNpE2qs=
-----END CERTIFICATE-----
Generated at Mon May 19 03:49:35 2025 by rpki-client