Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QjUvHC4rz8bniyDXRqkqDgPIe_8.roa
File: QjUvHC4rz8bniyDXRqkqDgPIe_8.roa (raw, json)
Hash identifier: 7pbsEFruNVw233B7HOgzkg44toE38j2MmJxI6Qhe2Uo=
Subject key identifier: 42:35:2F:1C:2E:2B:CF:C6:E7:8B:20:D7:46:A9:2A:0E:03:C8:7B:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AF1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QjUvHC4rz8bniyDXRqkqDgPIe_8.roa
Signing time: Sun 28 Apr 2024 12:23:35 +0000
ROA not before: Sun 28 Apr 2024 12:23:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19185 (0x4af1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 12:23:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=42352F1C2E2BCFC6E78B20D746A92A0E03C87BFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f0:58:df:08:fc:44:81:e2:19:23:73:8a:b2:
4d:9b:2d:ed:e8:2f:30:07:b3:8b:72:3e:5e:6a:01:
b4:78:25:f3:01:44:f7:e6:4e:b7:db:12:ac:05:5d:
d8:7d:0f:97:7c:df:c8:79:fb:ef:b7:b9:6b:d4:aa:
05:92:8f:35:ed:ec:63:2d:c9:47:d2:af:ae:ef:18:
d7:a1:48:55:9c:64:52:bd:da:68:8e:fd:bd:cc:df:
88:d0:fd:ef:6a:87:7d:63:d0:cc:d1:d6:70:8d:79:
3e:5e:76:06:ac:42:31:42:04:3f:0e:d1:40:d2:7c:
84:22:76:b3:34:bc:f1:41:65:04:24:d6:22:dd:ea:
9c:a4:91:11:9c:c4:ac:82:c0:67:80:fc:64:50:1b:
ed:55:72:a9:71:9d:3f:93:26:e3:80:84:35:fb:6c:
8d:6f:a9:8d:f8:89:15:0f:23:4b:43:c9:07:a5:02:
92:10:87:cc:74:f8:3f:7f:cd:20:b6:f3:fb:43:d9:
de:66:e3:85:12:d9:74:23:d0:c4:07:9d:ee:58:14:
28:1d:ac:b4:d2:fe:9f:d3:b7:d6:8e:40:f6:de:27:
e0:7f:8c:49:97:b6:6d:8e:b5:62:b3:1b:20:75:d5:
15:f7:3b:db:8a:9c:48:b2:03:32:ba:fe:0f:23:82:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:35:2F:1C:2E:2B:CF:C6:E7:8B:20:D7:46:A9:2A:0E:03:C8:7B:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QjUvHC4rz8bniyDXRqkqDgPIe_8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
65:31:63:0d:80:e1:3f:75:cd:e2:f8:4a:47:a8:7e:74:15:c1:
eb:99:fc:47:1b:d4:c4:a3:3e:e4:02:ef:60:27:eb:25:f7:1a:
8a:73:47:45:69:b7:37:45:f6:4a:95:ae:ae:da:2b:36:24:29:
20:36:9a:55:0c:6e:df:92:91:9d:04:ce:ab:a5:c2:dd:bd:4f:
65:12:6d:d3:19:11:44:48:f1:04:4b:81:36:5d:f6:ef:e6:69:
3b:d4:d9:6e:6b:97:4a:08:ef:04:26:ad:9b:f2:81:88:2a:75:
03:46:90:4a:29:1e:96:98:cf:f2:94:ac:7f:95:d7:4d:c6:a6:
54:6a:3b:42:ca:1f:d5:13:a7:78:d9:47:29:0e:c6:04:df:6e:
dc:3f:44:ba:ce:a9:a5:4e:5c:b2:e9:69:3e:55:df:95:bd:d6:
40:eb:a6:42:a9:15:af:33:30:e9:91:56:6d:22:4b:02:8b:c0:
9f:d3:65:eb:6d:71:af:da:b3:1a:87:0d:9d:c3:bd:11:cd:78:
3a:1b:3b:92:99:78:11:21:5d:96:cb:f7:a1:1d:a7:31:c3:05:
2e:0b:73:46:5f:e0:2e:f3:d6:da:c0:ff:17:31:61:8b:d2:cc:
87:74:37:cc:9d:8e:cd:60:87:8d:ed:11:27:77:f3:f5:cc:f4:
72:e2:c6:d4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
MjIzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyMzUyRjFDMkUyQkNG
QzZFNzhCMjBENzQ2QTkyQTBFMDNDODdCRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg8FjfCPxEgeIZI3OKsk2bLe3oLzAHs4tyPl5qAbR4JfMBRPfm
TrfbEqwFXdh9D5d838h5+++3uWvUqgWSjzXt7GMtyUfSr67vGNehSFWcZFK92miO
/b3M34jQ/e9qh31j0MzR1nCNeT5edgasQjFCBD8O0UDSfIQidrM0vPFBZQQk1iLd
6pykkRGcxKyCwGeA/GRQG+1VcqlxnT+TJuOAhDX7bI1vqY34iRUPI0tDyQelApIQ
h8x0+D9/zSC28/tD2d5m44US2XQj0MQHne5YFCgdrLTS/p/Tt9aOQPbeJ+B/jEmX
tm2OtWKzGyB11RX3O9uKnEiyAzK6/g8jgrn5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUQjUvHC4rz8bniyDXRqkqDgPIe/8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FqVXZIQzRyejhibml5
RFhScWtxRGdQSWVfOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGUxYw2A4T91zeL4
SkeofnQVweuZ/Ecb1MSjPuQC72An6yX3GopzR0VptzdF9kqVrq7aKzYkKSA2mlUM
bt+SkZ0Ezqulwt29T2USbdMZEURI8QRLgTZd9u/maTvU2W5rl0oI7wQmrZvygYgq
dQNGkEopHpaYz/KUrH+V103GplRqO0LKH9UTp3jZRykOxgTfbtw/RLrOqaVOXLLp
aT5V35W91kDrpkKpFa8zMOmRVm0iSwKLwJ/TZettca/asxqHDZ3DvRHNeDobO5KZ
eBEhXZbL96EdpzHDBS4Lc0Zf4C7z1trA/xcxYYvSzId0N8ydjs1gh43tESd38/XM
9HLixtQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:38:56 2025 by rpki-client