Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CVs82qRV14vJn9DVauNXACKAJHQ.roa
File: CVs82qRV14vJn9DVauNXACKAJHQ.roa (raw, json)
Hash identifier: j+gYwPiVTWo9A2ycLBCwBzBg69OAZBgke/VgZAy3+g4=
Subject key identifier: 09:5B:3C:DA:A4:55:D7:8B:C9:9F:D0:D5:6A:E3:57:00:22:80:24:74
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CVs82qRV14vJn9DVauNXACKAJHQ.roa
Signing time: Tue 02 Apr 2024 22:52:39 +0000
ROA not before: Tue 02 Apr 2024 22:52:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14277 (0x37c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 22:52:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=095B3CDAA455D78BC99FD0D56AE3570022802474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:d0:6d:9e:5c:01:0a:ca:a1:b4:35:e1:ae:
42:7d:8d:76:ff:cc:58:48:e4:df:49:a6:ee:7b:8b:
14:e0:38:57:8c:3f:d4:16:44:2e:a2:d0:3d:0d:e2:
7c:b6:53:2b:12:00:6d:18:4f:e7:73:3b:0f:cc:40:
56:31:d0:1f:cb:2b:0c:b3:34:5e:48:61:d6:68:79:
3d:99:95:a5:f0:7c:9a:81:70:77:54:b2:10:59:4d:
63:a7:55:08:d3:6e:95:17:fd:a4:c7:ea:a8:5e:57:
b9:7b:f3:46:cf:b0:a9:9a:57:7e:f4:3b:2f:a5:32:
e2:c9:3f:b4:a0:c0:ec:30:d1:55:a4:e2:0f:07:d0:
a5:85:56:77:fa:7a:6b:fd:0c:cb:63:29:82:17:54:
8a:cd:d7:92:e5:dd:1f:92:9b:83:7d:72:48:99:1d:
36:c6:85:4e:92:d5:d0:1c:ef:79:57:4a:d5:f7:bb:
d6:86:b3:53:a5:5f:98:0b:58:6e:5a:fe:6b:48:47:
7e:87:1b:26:54:7c:b9:03:6e:fb:bf:0d:7b:32:81:
88:00:5f:26:3e:3f:c8:2f:60:a0:05:a9:f4:ca:0a:
a8:c2:cd:de:91:1f:e2:6f:26:f5:c6:95:08:12:c4:
59:c6:f6:c8:f7:6b:6d:73:4e:c2:22:67:a4:70:92:
10:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5B:3C:DA:A4:55:D7:8B:C9:9F:D0:D5:6A:E3:57:00:22:80:24:74
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CVs82qRV14vJn9DVauNXACKAJHQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3f:bd:e4:41:fd:dd:cb:c7:60:c7:2f:bb:f0:14:0d:b0:75:dd:
ff:93:18:58:5d:e3:39:15:33:27:59:c0:88:5a:eb:17:57:81:
dc:67:eb:0f:e5:f0:2c:4f:dc:ef:54:14:be:a4:5b:83:ee:28:
f5:cd:b2:d2:1f:4e:32:72:82:f1:61:51:88:c7:a0:73:af:f8:
17:ce:99:00:59:41:5e:0c:71:74:25:44:96:42:77:0c:5b:6d:
72:7a:19:c8:9d:8f:ac:4c:cf:51:c2:16:5e:56:73:23:60:30:
80:76:c9:64:46:38:20:d9:9a:8b:b2:44:30:5c:59:12:81:1c:
19:f9:53:83:8e:58:b0:60:92:8e:bb:95:b3:a4:69:27:e7:b4:
51:cc:75:16:a7:49:a1:fa:3d:31:ee:7b:e2:a6:f5:da:71:52:
ad:79:a9:3f:da:79:d6:e7:19:78:8e:85:40:8e:96:45:65:77:
ff:59:cd:c1:53:9d:dd:bc:11:ba:46:cd:c3:31:1e:13:83:19:
8d:36:3d:c1:9e:c5:e8:78:3a:67:5f:4a:2a:03:ba:52:37:52:
94:5b:c9:74:27:b2:0f:1a:62:90:87:58:7f:90:11:07:1f:36:
17:5f:f6:ae:14:29:88:9e:8d:ba:e5:49:95:dc:93:b7:0e:bb:
ec:a7:64:ff
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIy
MjUyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA5NUIzQ0RBQTQ1NUQ3
OEJDOTlGRDBENTZBRTM1NzAwMjI4MDI0NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2VNBtnlwBCsqhtDXhrkJ9jXb/zFhI5N9Jpu57ixTgOFeMP9QW
RC6i0D0N4ny2UysSAG0YT+dzOw/MQFYx0B/LKwyzNF5IYdZoeT2ZlaXwfJqBcHdU
shBZTWOnVQjTbpUX/aTH6qheV7l780bPsKmaV370Oy+lMuLJP7SgwOww0VWk4g8H
0KWFVnf6emv9DMtjKYIXVIrN15Ll3R+Sm4N9ckiZHTbGhU6S1dAc73lXStX3u9aG
s1OlX5gLWG5a/mtIR36HGyZUfLkDbvu/DXsygYgAXyY+P8gvYKAFqfTKCqjCzd6R
H+JvJvXGlQgSxFnG9sj3a21zTsIiZ6RwkhCNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUCVs82qRV14vJn9DVauNXACKAJHQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NWczgycVJWMTR2Sm45
RFZhdU5YQUNLQUpIUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAD+95EH93cvHYMcv
u/AUDbB13f+TGFhd4zkVMydZwIha6xdXgdxn6w/l8CxP3O9UFL6kW4PuKPXNstIf
TjJygvFhUYjHoHOv+BfOmQBZQV4McXQlRJZCdwxbbXJ6Gcidj6xMz1HCFl5WcyNg
MIB2yWRGOCDZmouyRDBcWRKBHBn5U4OOWLBgko67lbOkaSfntFHMdRanSaH6PTHu
e+Km9dpxUq15qT/aedbnGXiOhUCOlkVld/9ZzcFTnd28EbpGzcMxHhODGY02PcGe
xeh4OmdfSioDulI3UpRbyXQnsg8aYpCHWH+QEQcfNhdf9q4UKYiejbrlSZXck7cO
u+ynZP8=
-----END CERTIFICATE-----
Generated at Sat May 17 22:38:22 2025 by rpki-client