Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OBJgp4SbAer78wBWa5JXQaRtg1Y.roa
File: OBJgp4SbAer78wBWa5JXQaRtg1Y.roa (raw, json)
Hash identifier: yePJrIAWMeg7fVcmAuXP1DVdvbfZ3ywBCFlQEsrcRPs=
Subject key identifier: 38:12:60:A7:84:9B:01:EA:FB:F3:00:56:6B:92:57:41:A4:6D:83:56
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3589
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OBJgp4SbAer78wBWa5JXQaRtg1Y.roa
Signing time: Sat 30 Mar 2024 23:22:08 +0000
ROA not before: Sat 30 Mar 2024 23:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13705 (0x3589)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 23:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=381260A7849B01EAFBF300566B925741A46D8356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c5:14:ed:38:92:89:a7:49:63:62:7f:87:63:
b5:8e:65:e2:f3:ab:fc:98:f9:df:bf:14:ec:41:9f:
b8:34:28:56:06:0d:a3:d3:68:a8:60:77:7f:c3:ff:
fe:03:dc:2e:f2:85:f2:af:ce:71:0d:4e:00:ad:a1:
15:af:c2:0c:85:71:af:d7:03:1b:ff:58:2e:d9:62:
1f:97:90:ae:0a:ad:e6:8a:d2:b4:c9:45:ab:de:01:
4f:e6:c6:72:00:62:4f:cd:92:09:1b:e6:cd:13:45:
f9:3c:b5:f2:df:47:e7:72:48:f9:6e:ce:20:55:84:
01:86:3b:ed:f4:d7:08:e0:4f:a4:07:95:59:cb:10:
c0:2f:c9:3f:b2:bd:58:1b:53:08:b3:c7:16:76:f8:
68:92:05:15:20:d0:04:ec:a6:f2:d4:b7:3d:0b:62:
c1:4f:2b:90:b9:36:72:88:7a:fa:32:6a:a1:13:f4:
86:62:f7:37:e2:09:90:92:c5:7e:95:93:d5:7f:0f:
bb:eb:f1:d0:db:13:a7:7a:b4:e3:92:b4:51:04:62:
72:1f:7d:a8:8d:e4:41:4e:27:55:3c:56:f8:50:34:
9f:f3:6e:c6:f1:2e:3e:d7:9a:02:a1:e4:d0:b3:ab:
5a:9b:6f:a5:2a:10:17:1b:5c:10:d7:8f:7f:a9:0a:
ac:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:12:60:A7:84:9B:01:EA:FB:F3:00:56:6B:92:57:41:A4:6D:83:56
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OBJgp4SbAer78wBWa5JXQaRtg1Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
89:04:90:58:f5:df:3e:eb:7d:a7:ad:8c:3c:79:05:e1:5d:da:
cd:43:6e:cb:0b:38:c3:30:1f:4f:36:d4:2b:22:ce:8e:74:7a:
c1:b3:6d:27:fc:ec:6f:7e:41:24:05:5b:8a:48:b2:e3:d7:8c:
bd:36:31:41:b3:0b:46:b0:0f:80:ea:a3:04:35:03:37:15:56:
e4:cc:4b:1f:0f:c4:e7:c2:c3:db:d9:f2:a2:a5:43:19:c4:92:
a1:bf:81:64:d9:fd:0b:0f:cb:4f:94:12:97:a7:9f:e9:69:de:
2e:0b:8f:85:1e:71:aa:fb:5d:14:5b:c4:3f:ae:a6:33:64:c0:
f1:7b:cd:fa:f5:d3:0f:61:86:16:58:a3:9e:4d:b5:44:f8:5a:
9a:e3:0e:3e:ff:bf:06:bf:e8:6a:87:44:6b:2d:6b:65:3f:eb:
af:3a:81:8c:1c:d1:8b:23:e9:96:04:7b:cb:3f:b7:a1:5a:ed:
1e:36:5c:df:64:ff:75:43:d2:04:c6:db:49:b7:11:b1:da:79:
9a:7f:84:d5:19:ea:fa:e4:de:32:f7:7d:5f:e3:0e:86:b2:3d:
b9:c6:56:e5:1d:e1:90:97:84:7d:74:84:59:14:38:cf:57:b0:
b5:0a:c5:93:b9:1f:3e:64:79:6b:66:57:5f:38:31:f9:2e:c9:
51:a4:f9:ee
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAy
MzIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4MTI2MEE3ODQ5QjAx
RUFGQkYzMDA1NjZCOTI1NzQxQTQ2RDgzNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPxRTtOJKJp0ljYn+HY7WOZeLzq/yY+d+/FOxBn7g0KFYGDaPT
aKhgd3/D//4D3C7yhfKvznENTgCtoRWvwgyFca/XAxv/WC7ZYh+XkK4KreaK0rTJ
RaveAU/mxnIAYk/Nkgkb5s0TRfk8tfLfR+dySPluziBVhAGGO+301wjgT6QHlVnL
EMAvyT+yvVgbUwizxxZ2+GiSBRUg0ATspvLUtz0LYsFPK5C5NnKIevoyaqET9IZi
9zfiCZCSxX6Vk9V/D7vr8dDbE6d6tOOStFEEYnIffaiN5EFOJ1U8VvhQNJ/zbsbx
Lj7XmgKh5NCzq1qbb6UqEBcbXBDXj3+pCqxTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUOBJgp4SbAer78wBWa5JXQaRtg1YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09CSmdwNFNiQWVyNzh3
QldhNUpYUWFSdGcxWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIkEkFj13z7rfaet
jDx5BeFd2s1DbssLOMMwH0821Csizo50esGzbSf87G9+QSQFW4pIsuPXjL02MUGz
C0awD4DqowQ1AzcVVuTMSx8PxOfCw9vZ8qKlQxnEkqG/gWTZ/QsPy0+UEpenn+lp
3i4Lj4Uecar7XRRbxD+upjNkwPF7zfr10w9hhhZYo55NtUT4WprjDj7/vwa/6GqH
RGsta2U/6686gYwc0Ysj6ZYEe8s/t6Fa7R42XN9k/3VD0gTG20m3EbHaeZp/hNUZ
6vrk3jL3fV/jDoayPbnGVuUd4ZCXhH10hFkUOM9XsLUKxZO5Hz5keWtmV184Mfku
yVGk+e4=
-----END CERTIFICATE-----
Generated at Sun May 18 09:13:30 2025 by rpki-client