Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9jqPugrM5KYRzsJgaIwIpICQDgM.roa
File: 9jqPugrM5KYRzsJgaIwIpICQDgM.roa (raw, json)
Hash identifier: 5nYB359PYbe0tGAE7YuIr/vJiKA/KnbBat6tRBmM84U=
Subject key identifier: F6:3A:8F:BA:0A:CC:E4:A6:11:CE:C2:60:68:8C:08:A4:80:90:0E:03
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34BD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9jqPugrM5KYRzsJgaIwIpICQDgM.roa
Signing time: Fri 29 Mar 2024 21:52:05 +0000
ROA not before: Fri 29 Mar 2024 21:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13501 (0x34bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 21:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F63A8FBA0ACCE4A611CEC260688C08A480900E03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:be:2f:61:9f:af:9a:1b:47:5e:00:a9:b6:e5:
6e:0e:e0:17:56:f1:37:45:24:62:23:5b:0a:88:6a:
9d:5b:15:88:cc:72:68:5a:de:d0:60:e6:4c:b5:2a:
03:33:13:31:9d:7d:dd:b9:5c:81:4c:f5:22:24:c2:
7e:23:2d:b3:13:8c:88:ab:20:8d:aa:b7:0c:75:df:
66:30:05:62:5e:99:11:f2:e2:56:42:98:17:ee:af:
42:0b:87:ce:55:ff:fa:63:1c:b5:85:7d:79:61:65:
a3:2c:9d:ff:89:4c:14:5b:5e:d5:62:d2:62:c2:3c:
7d:42:19:5f:b8:8d:a1:37:ae:b4:9f:13:f5:37:78:
0b:ad:02:02:89:e4:73:97:c8:39:3b:3e:20:47:8b:
34:e7:11:d2:4a:6d:69:e6:ea:8d:cf:d7:b8:5e:cb:
e4:76:91:40:e8:28:a6:d0:3e:0c:1b:55:7c:81:26:
5b:2b:43:4d:1d:e9:91:bd:c1:3c:61:e4:2f:1f:2e:
97:28:cb:1c:7c:40:2e:2b:ea:ed:a9:ee:3a:54:c1:
b8:fd:5d:91:56:93:98:84:92:99:b4:4a:62:2d:3e:
dd:36:81:b2:16:39:25:8f:99:bb:15:e1:55:de:79:
c5:ed:9a:43:09:3c:9a:6a:26:9b:9a:77:d6:0e:19:
ba:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:3A:8F:BA:0A:CC:E4:A6:11:CE:C2:60:68:8C:08:A4:80:90:0E:03
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9jqPugrM5KYRzsJgaIwIpICQDgM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9f:d8:c9:12:d5:f2:c8:b4:eb:73:49:1e:47:dd:f1:36:cd:d6:
8b:e9:50:4b:c0:03:55:bc:38:73:57:f4:ae:81:fe:60:a7:98:
5d:2d:a2:7f:fb:eb:f5:fb:03:08:fa:c5:a5:b9:c9:55:3e:00:
29:79:82:f1:28:ef:7e:7b:ef:1d:82:c5:90:34:6a:30:35:60:
73:72:45:92:c2:50:55:c8:c7:1a:16:c7:6a:e0:b7:47:fd:1d:
94:41:39:59:e4:1a:c3:65:40:3f:ae:ee:aa:c6:d5:62:f2:db:
b9:f0:ab:e2:74:a0:42:58:65:6d:ae:03:b3:e6:a1:2e:8c:45:
13:8e:48:c7:73:d3:fb:bc:e2:ba:ed:01:f2:9a:ce:ee:64:da:
e3:d0:bc:ed:ae:de:0d:df:c0:b7:cd:39:af:5c:0f:17:80:f9:
b3:97:9b:b0:51:b2:08:94:ce:5b:5c:e8:18:06:fc:1e:5a:44:
59:af:db:f4:59:12:ad:15:42:0a:0c:21:fc:8e:10:88:d1:2a:
66:48:a7:57:f3:2d:61:09:2c:8d:6a:8f:fa:1a:1d:49:0a:75:
a9:e8:1a:5b:80:bf:6e:e7:c2:24:fb:a2:b3:ff:15:24:ac:0f:
36:d6:f0:76:f9:46:5d:d5:64:77:04:32:ec:5d:fc:c8:e6:23:
24:06:57:0b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MTUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY2M0E4RkJBMEFDQ0U0
QTYxMUNFQzI2MDY4OEMwOEE0ODA5MDBFMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYvi9hn6+aG0deAKm25W4O4BdW8TdFJGIjWwqIap1bFYjMcmha
3tBg5ky1KgMzEzGdfd25XIFM9SIkwn4jLbMTjIirII2qtwx132YwBWJemRHy4lZC
mBfur0ILh85V//pjHLWFfXlhZaMsnf+JTBRbXtVi0mLCPH1CGV+4jaE3rrSfE/U3
eAutAgKJ5HOXyDk7PiBHizTnEdJKbWnm6o3P17hey+R2kUDoKKbQPgwbVXyBJlsr
Q00d6ZG9wTxh5C8fLpcoyxx8QC4r6u2p7jpUwbj9XZFWk5iEkpm0SmItPt02gbIW
OSWPmbsV4VXeecXtmkMJPJpqJpuad9YOGbrRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU9jqPugrM5KYRzsJgaIwIpICQDgMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlqcVB1Z3JNNUtZUnpz
SmdhSXdJcElDUURnTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJ/YyRLV8si063NJ
Hkfd8TbN1ovpUEvAA1W8OHNX9K6B/mCnmF0ton/76/X7Awj6xaW5yVU+ACl5gvEo
73577x2CxZA0ajA1YHNyRZLCUFXIxxoWx2rgt0f9HZRBOVnkGsNlQD+u7qrG1WLy
27nwq+J0oEJYZW2uA7PmoS6MRROOSMdz0/u84rrtAfKazu5k2uPQvO2u3g3fwLfN
Oa9cDxeA+bOXm7BRsgiUzltc6BgG/B5aRFmv2/RZEq0VQgoMIfyOEIjRKmZIp1fz
LWEJLI1qj/oaHUkKdanoGluAv27nwiT7orP/FSSsDzbW8Hb5Rl3VZHcEMuxd/Mjm
IyQGVws=
-----END CERTIFICATE-----
Generated at Sat May 17 21:28:07 2025 by rpki-client