Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UBKOvzCLBBwwKGdtFnyD8MyliTc.roa
File: UBKOvzCLBBwwKGdtFnyD8MyliTc.roa (raw, json)
Hash identifier: ynoMsL4eoSRrBlMTA+ehGgp+gTs94yjQ0LWGTfDt/n8=
Subject key identifier: 50:12:8E:BF:30:8B:04:1C:30:28:67:6D:16:7C:83:F0:CC:A5:89:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4929
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UBKOvzCLBBwwKGdtFnyD8MyliTc.roa
Signing time: Fri 26 Apr 2024 03:23:19 +0000
ROA not before: Fri 26 Apr 2024 03:23:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18729 (0x4929)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 03:23:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50128EBF308B041C3028676D167C83F0CCA58937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:36:12:73:cf:ed:5b:b0:48:64:ce:7d:07:f2:
25:20:fd:44:cb:38:68:fe:5b:94:44:46:e5:18:d0:
c3:6c:07:3e:a0:ba:d5:7d:5f:e0:1c:02:a0:33:39:
07:1c:79:d7:8c:5a:12:2f:22:36:1d:5f:95:89:bf:
fc:5e:54:14:d7:8f:60:5a:26:cc:35:16:76:b2:d7:
5f:c8:a2:33:e7:4e:67:ac:7b:4b:4a:1e:3b:e7:4e:
a1:b7:43:3c:bb:12:08:ca:17:f6:75:f4:e7:5b:53:
02:8a:91:7d:fd:22:34:f0:f1:32:74:42:da:eb:76:
c3:e2:e1:d6:16:6b:4b:c3:b2:b7:15:ae:12:82:7f:
78:36:74:20:e1:3b:12:6f:3f:a7:e3:33:28:96:91:
62:12:85:a6:0e:b2:fd:68:d6:87:91:94:6b:5e:c7:
44:c7:3f:96:f6:b7:b1:bc:f1:00:de:4b:09:5e:9e:
6f:bd:e5:ff:19:c6:b8:26:84:ac:06:7c:af:d2:cf:
81:cc:1c:cb:14:17:9d:82:84:ac:31:b9:cb:c6:91:
5d:89:35:de:26:51:0d:df:13:4c:ed:ac:ee:42:93:
56:b1:04:7f:4f:42:96:44:e8:36:89:07:8a:de:54:
49:f9:4b:2c:a6:e4:65:a3:29:45:27:53:3c:94:29:
c8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:12:8E:BF:30:8B:04:1C:30:28:67:6D:16:7C:83:F0:CC:A5:89:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UBKOvzCLBBwwKGdtFnyD8MyliTc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8b:84:9d:44:e4:96:ab:5e:e1:d3:16:3f:7a:e6:f8:24:1e:27:
08:6e:88:ef:74:01:ac:63:33:d2:43:03:5f:66:fa:0c:35:50:
7d:39:33:0c:26:24:67:9c:77:3f:07:31:d7:82:95:8a:c7:a2:
fb:98:46:90:3b:a3:a0:42:82:67:09:06:f9:88:d7:02:95:b7:
f6:19:d1:f2:7b:70:97:ba:39:12:69:f2:41:96:c0:32:02:a1:
a3:44:eb:30:bc:db:ba:5c:1d:5f:aa:d8:2e:e9:d6:41:b9:87:
5d:60:dc:42:9d:30:e9:da:a3:36:a1:e9:64:65:39:38:2c:02:
be:48:2b:67:ca:79:0b:9d:4e:72:c9:ae:3c:8c:26:db:d1:6c:
01:cd:1d:d8:ea:56:b9:fd:e7:c2:d2:eb:b1:80:08:5d:e3:08:
75:67:a5:e9:0a:f5:64:f2:1a:00:c2:f1:27:e9:a7:bb:48:8c:
2d:0f:7e:a4:26:ac:88:82:03:b6:e8:ef:b3:36:23:14:93:d5:
82:b4:7c:8e:65:1c:d4:0f:4c:3a:dc:3c:d7:34:d2:9c:26:3e:
f0:f1:d5:76:43:3e:69:26:0e:47:90:0d:a9:d2:08:94:72:bd:
fa:b9:e4:78:5e:cc:dc:05:19:5e:10:77:73:b1:6c:f5:49:f3:
2b:2f:60:7d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
MzIzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwMTI4RUJGMzA4QjA0
MUMzMDI4Njc2RDE2N0M4M0YwQ0NBNTg5MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0NhJzz+1bsEhkzn0H8iUg/UTLOGj+W5RERuUY0MNsBz6gutV9
X+AcAqAzOQccedeMWhIvIjYdX5WJv/xeVBTXj2BaJsw1Fnay11/IojPnTmese0tK
HjvnTqG3Qzy7EgjKF/Z19OdbUwKKkX39IjTw8TJ0QtrrdsPi4dYWa0vDsrcVrhKC
f3g2dCDhOxJvP6fjMyiWkWIShaYOsv1o1oeRlGtex0THP5b2t7G88QDeSwlenm+9
5f8ZxrgmhKwGfK/Sz4HMHMsUF52ChKwxucvGkV2JNd4mUQ3fE0ztrO5Ck1axBH9P
QpZE6DaJB4reVEn5Syym5GWjKUUnUzyUKciBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUUBKOvzCLBBwwKGdtFnyD8MyliTcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VCS092ekNMQkJ3d0tH
ZHRGbnlEOE15bGlUYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIuEnUTklqte4dMW
P3rm+CQeJwhuiO90AaxjM9JDA19m+gw1UH05MwwmJGecdz8HMdeClYrHovuYRpA7
o6BCgmcJBvmI1wKVt/YZ0fJ7cJe6ORJp8kGWwDICoaNE6zC827pcHV+q2C7p1kG5
h11g3EKdMOnaozah6WRlOTgsAr5IK2fKeQudTnLJrjyMJtvRbAHNHdjqVrn958LS
67GACF3jCHVnpekK9WTyGgDC8Sfpp7tIjC0PfqQmrIiCA7bo77M2IxST1YK0fI5l
HNQPTDrcPNc00pwmPvDx1XZDPmkmDkeQDanSCJRyvfq55HhezNwFGV4Qd3OxbPVJ
8ysvYH0=
-----END CERTIFICATE-----
Generated at Sat May 17 23:46:37 2025 by rpki-client