Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TORBHBDD4Q2ljBpBSAUmGf0T2e0.roa
File: TORBHBDD4Q2ljBpBSAUmGf0T2e0.roa (raw, json)
Hash identifier: iF8cDBvhQ5qfMjhA2X+myqfFz2oc2Wib3GRJcrf7Zr4=
Subject key identifier: 4C:E4:41:1C:10:C3:E1:0D:A5:8C:1A:41:48:05:26:19:FD:13:D9:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3815
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TORBHBDD4Q2ljBpBSAUmGf0T2e0.roa
Signing time: Wed 03 Apr 2024 08:52:17 +0000
ROA not before: Wed 03 Apr 2024 08:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14357 (0x3815)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 08:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4CE4411C10C3E10DA58C1A4148052619FD13D9ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:7c:0a:34:88:ab:33:17:d5:e6:e8:db:0f:
bb:9b:79:05:6d:30:1f:11:8d:50:83:25:b0:7d:f0:
fe:79:d0:a9:ad:fe:8f:6c:ac:56:1e:a6:07:e8:4a:
46:13:72:28:62:db:3e:5a:f2:97:89:a3:9b:7b:6b:
d4:b4:23:f2:d4:5d:f7:52:33:88:0a:c7:cc:59:d1:
ea:84:b6:cc:e1:94:24:4e:f8:89:08:f9:6c:76:07:
5c:04:02:c3:c5:aa:93:5f:05:c6:2c:8a:f3:a4:e8:
16:a7:5f:8a:20:6c:b2:c7:7c:21:18:6f:44:44:e1:
d8:07:b2:b7:6f:c8:b8:9d:e5:36:6b:68:35:8d:d8:
54:ac:44:f2:1f:b2:bf:7c:1e:1f:ab:bb:63:56:71:
48:f1:d9:61:28:37:8d:66:35:5e:16:bb:3b:de:4f:
4a:8e:b0:00:79:33:8b:e6:07:60:c3:6d:c9:50:e6:
e1:5e:f0:87:47:ab:25:4f:9c:0b:aa:09:24:5e:ae:
79:d2:f0:9a:74:b8:c2:19:a1:2e:4e:07:06:e3:48:
2d:a3:b5:91:8b:0c:59:9a:e4:0c:7c:f2:d4:df:c6:
fa:c9:e5:98:7f:08:8d:15:50:6a:5d:fc:d0:ee:df:
a3:59:1b:28:8b:c6:9d:b0:ed:d0:da:ff:83:c5:24:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E4:41:1C:10:C3:E1:0D:A5:8C:1A:41:48:05:26:19:FD:13:D9:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TORBHBDD4Q2ljBpBSAUmGf0T2e0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:fe:ac:ec:7b:9f:c7:f9:da:42:d5:c6:0b:49:9b:0a:d3:9b:
18:05:b3:27:bf:98:69:a3:ab:1d:72:cc:50:99:30:1d:ab:b3:
24:9e:88:74:1a:0c:30:46:b7:5d:94:5d:2b:7c:b7:d8:21:39:
ea:8f:66:30:7d:9f:e8:89:0f:63:b9:0f:bf:fa:c9:85:47:b3:
62:1b:64:c8:31:e9:19:2f:8a:cf:83:c2:7e:77:33:f5:18:72:
b9:4e:c6:30:42:3c:aa:c3:d9:70:90:e9:88:c5:c8:28:77:bc:
9a:e2:03:23:b4:ee:9d:ae:a8:f8:96:4e:b6:fc:dc:56:c0:1e:
ba:f6:93:0f:36:5c:30:1d:f2:b2:7f:9d:aa:4f:e4:ab:9d:d4:
81:43:d0:0e:22:5c:2d:5b:a7:ee:35:13:70:41:23:d8:e5:19:
20:5e:c1:db:20:3c:01:ce:f1:3f:d8:03:4f:ec:8b:bd:b4:18:
01:94:7e:b0:cc:84:f3:d0:29:64:68:73:74:f0:1a:f3:ba:06:
56:c0:10:ae:2a:7b:ec:56:88:16:84:c6:09:69:2f:e9:28:08:
7e:d2:53:34:76:8f:bb:ec:00:58:f1:26:7d:f4:bb:01:c9:64:
83:48:1e:ec:32:5d:a2:d9:eb:ed:87:b7:9a:54:0d:46:4a:43:
fd:7c:68:43
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOBUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
ODUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRDRTQ0MTFDMTBDM0Ux
MERBNThDMUE0MTQ4MDUyNjE5RkQxM0Q5RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC39HwKNIirMxfV5ujbD7ubeQVtMB8RjVCDJbB98P550Kmt/o9s
rFYepgfoSkYTcihi2z5a8peJo5t7a9S0I/LUXfdSM4gKx8xZ0eqEtszhlCRO+IkI
+Wx2B1wEAsPFqpNfBcYsivOk6BanX4ogbLLHfCEYb0RE4dgHsrdvyLid5TZraDWN
2FSsRPIfsr98Hh+ru2NWcUjx2WEoN41mNV4WuzveT0qOsAB5M4vmB2DDbclQ5uFe
8IdHqyVPnAuqCSRernnS8Jp0uMIZoS5OBwbjSC2jtZGLDFma5Ax88tTfxvrJ5Zh/
CI0VUGpd/NDu36NZGyiLxp2w7dDa/4PFJArFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUTORBHBDD4Q2ljBpBSAUmGf0T2e0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RPUkJIQkRENFEybGpC
cEJTQVVtR2YwVDJlMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACz+rOx7n8f52kLV
xgtJmwrTmxgFsye/mGmjqx1yzFCZMB2rsySeiHQaDDBGt12UXSt8t9ghOeqPZjB9
n+iJD2O5D7/6yYVHs2IbZMgx6Rkvis+Dwn53M/UYcrlOxjBCPKrD2XCQ6YjFyCh3
vJriAyO07p2uqPiWTrb83FbAHrr2kw82XDAd8rJ/napP5Kud1IFD0A4iXC1bp+41
E3BBI9jlGSBewdsgPAHO8T/YA0/si720GAGUfrDMhPPQKWRoc3TwGvO6BlbAEK4q
e+xWiBaExglpL+koCH7SUzR2j7vsAFjxJn30uwHJZINIHuwyXaLZ6+2Ht5pUDUZK
Q/18aEM=
-----END CERTIFICATE-----
Generated at Sat May 17 20:00:52 2025 by rpki-client