Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JMespqVMiR2M6qdaef_2ERC-lVg.roa
File: JMespqVMiR2M6qdaef_2ERC-lVg.roa (raw, json)
Hash identifier: cCuzuxX37XUsbW07LDnUrmddOGOh6kmJCo1w2bkhmU8=
Subject key identifier: 24:C7:AC:A6:A5:4C:89:1D:8C:EA:A7:5A:79:FF:F6:11:10:BE:95:58
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56C9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JMespqVMiR2M6qdaef_2ERC-lVg.roa
Signing time: Tue 14 May 2024 07:24:24 +0000
ROA not before: Tue 14 May 2024 07:24:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22217 (0x56c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 07:24:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=24C7ACA6A54C891D8CEAA75A79FFF61110BE9558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:62:0a:e3:b3:11:77:d6:00:f1:6e:51:aa:40:
f4:cf:c2:c3:6f:82:07:ea:9e:9e:e0:d0:71:f4:bb:
0d:f0:a7:71:97:0e:06:df:90:19:83:75:31:bc:d4:
ff:6b:63:52:6c:48:c2:e2:6f:d8:70:77:ea:61:44:
28:ef:80:4e:97:63:d7:2d:3d:02:1c:20:38:d5:dc:
2d:5b:38:df:ae:d9:de:04:ed:67:8d:85:36:6d:2e:
e8:df:a0:d8:b9:b7:a2:d3:32:6e:c7:20:a8:80:0f:
54:5b:9f:d6:89:d7:85:28:12:0b:59:74:43:9a:a9:
b2:82:9b:c0:32:ed:52:c8:60:5d:4b:67:79:7a:cb:
ae:4b:8a:37:cd:fc:0e:e6:0b:72:41:04:86:f0:f7:
5d:4c:4e:24:27:e3:7f:2c:10:2a:fe:d0:e6:2c:c1:
5c:03:bd:53:c1:52:3f:98:9c:db:1e:e6:73:86:7a:
9d:7e:4a:cb:ac:17:27:9b:7a:bd:f3:53:5e:23:86:
f5:15:35:12:4b:c2:23:a9:eb:f7:39:40:96:5d:1c:
28:86:af:c8:88:5b:80:c7:d9:1c:ae:8e:5e:72:7a:
92:01:0f:93:02:69:35:f1:2d:b7:6d:c3:e0:d3:f8:
8b:e1:91:57:65:34:54:4e:eb:0a:04:a5:ab:bf:ea:
59:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C7:AC:A6:A5:4C:89:1D:8C:EA:A7:5A:79:FF:F6:11:10:BE:95:58
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JMespqVMiR2M6qdaef_2ERC-lVg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
81:b2:99:5e:6e:27:fd:e0:41:5c:aa:dd:7c:fe:ba:e8:c6:6d:
ac:5f:74:3b:33:99:cd:f8:51:d4:c9:fc:41:c8:8e:2a:53:51:
bd:3f:4c:f0:28:8c:82:8d:aa:16:41:18:dc:45:5f:2d:b7:7c:
e0:bc:0f:d6:0a:f4:88:06:ee:a8:ba:78:0c:68:c6:bb:17:a0:
33:b7:a5:b9:02:48:4e:db:01:e0:f1:d0:20:92:86:94:3e:26:
4e:96:8a:1f:58:32:9d:51:94:f7:f7:23:52:6f:36:1d:49:8a:
c3:e7:30:f3:7b:0b:1f:89:de:f8:ff:3d:53:d7:1c:c5:b8:c5:
41:c8:26:da:65:16:ce:91:ff:d1:59:e3:2a:d4:82:d3:6d:43:
cc:48:de:10:ad:3b:8b:8c:08:3f:49:86:da:52:a6:48:6e:75:
f3:35:3f:6e:7c:f2:66:3f:bc:77:cf:33:39:dd:0d:90:e7:68:
d6:36:03:99:21:b2:80:8f:49:93:94:e5:53:e5:42:59:6e:28:
2e:14:ab:55:01:57:ad:fb:ba:4e:17:ec:9f:83:e4:49:1e:46:
e6:81:03:76:f0:90:6c:ec:07:e3:11:c9:08:1f:50:af:2f:da:
56:17:17:d3:ad:61:bb:14:1a:d6:ac:ff:80:da:25:ea:89:d9:
5a:ac:f7:cf
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
NzI0MjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI0QzdBQ0E2QTU0Qzg5
MUQ4Q0VBQTc1QTc5RkZGNjExMTBCRTk1NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEYgrjsxF31gDxblGqQPTPwsNvggfqnp7g0HH0uw3wp3GXDgbf
kBmDdTG81P9rY1JsSMLib9hwd+phRCjvgE6XY9ctPQIcIDjV3C1bON+u2d4E7WeN
hTZtLujfoNi5t6LTMm7HIKiAD1Rbn9aJ14UoEgtZdEOaqbKCm8Ay7VLIYF1LZ3l6
y65LijfN/A7mC3JBBIbw911MTiQn438sECr+0OYswVwDvVPBUj+YnNse5nOGep1+
SsusFyeber3zU14jhvUVNRJLwiOp6/c5QJZdHCiGr8iIW4DH2Ryujl5yepIBD5MC
aTXxLbdtw+DT+IvhkVdlNFRO6woEpau/6lnLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUJMespqVMiR2M6qdaef/2ERC+lVgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pNZXNwcVZNaVIyTTZx
ZGFlZl8yRVJDLWxWZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIGymV5uJ/3gQVyq
3Xz+uujGbaxfdDszmc34UdTJ/EHIjipTUb0/TPAojIKNqhZBGNxFXy23fOC8D9YK
9IgG7qi6eAxoxrsXoDO3pbkCSE7bAeDx0CCShpQ+Jk6Wih9YMp1RlPf3I1JvNh1J
isPnMPN7Cx+J3vj/PVPXHMW4xUHIJtplFs6R/9FZ4yrUgtNtQ8xI3hCtO4uMCD9J
htpSpkhudfM1P2588mY/vHfPMzndDZDnaNY2A5khsoCPSZOU5VPlQlluKC4Uq1UB
V637uk4X7J+D5EkeRuaBA3bwkGzsB+MRyQgfUK8v2lYXF9OtYbsUGtas/4DaJeqJ
2Vqs988=
-----END CERTIFICATE-----
Generated at Sat May 17 19:55:16 2025 by rpki-client