Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WYMWYZn_z4fxusPmYd_ruTb8AnI.roa
File: WYMWYZn_z4fxusPmYd_ruTb8AnI.roa (raw, json)
Hash identifier: RQs9XNW7X0TwK7KFMTefxZlc29VUHSl9NBP8VYCu5oE=
Subject key identifier: 59:83:16:61:99:FF:CF:87:F1:BA:C3:E6:61:DF:EB:B9:36:FC:02:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5441
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WYMWYZn_z4fxusPmYd_ruTb8AnI.roa
Signing time: Fri 10 May 2024 22:24:25 +0000
ROA not before: Fri 10 May 2024 22:24:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21569 (0x5441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 22:24:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5983166199FFCF87F1BAC3E661DFEBB936FC0272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:86:04:e4:01:cc:5b:9b:35:e8:ea:f2:90:1c:
2b:85:ac:84:5f:59:98:63:04:a4:19:3d:6b:94:67:
6c:c1:62:f4:15:cb:1e:8c:3b:4b:ed:58:08:ee:fb:
16:f5:8c:b8:e8:43:8b:7d:18:01:2a:b0:6c:96:31:
1e:31:ff:a4:7b:cc:98:59:93:cf:aa:d7:12:62:4f:
fe:dc:5b:3f:32:7e:35:77:82:3f:13:0e:73:15:7f:
94:84:11:8a:3c:b8:b7:e0:5f:40:96:5f:9b:ff:4c:
0e:f4:35:24:46:15:3c:0d:3a:7e:52:ab:0c:01:42:
b5:83:c2:5d:0a:7b:47:52:b4:07:b8:81:f4:b5:7b:
84:63:26:19:f8:38:f4:14:29:e6:92:ce:5d:a7:e3:
f0:81:c7:1a:4c:92:f7:75:ab:35:46:6f:6c:54:47:
e9:15:68:91:e6:ca:57:b4:9c:b5:d9:01:f1:1a:18:
fb:92:17:ee:1a:69:d2:f8:1d:56:43:0a:6b:b7:3b:
c4:76:0c:ff:43:02:50:b9:f1:5d:93:68:71:0c:1a:
d8:71:86:01:0c:32:3c:4b:bc:f4:53:25:09:53:06:
5c:94:0a:01:a9:7c:3e:0c:23:66:a9:54:c4:5c:62:
e7:8c:47:e8:4f:16:7a:b3:81:a3:96:01:76:a5:03:
fb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:83:16:61:99:FF:CF:87:F1:BA:C3:E6:61:DF:EB:B9:36:FC:02:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WYMWYZn_z4fxusPmYd_ruTb8AnI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9c:3a:fb:ef:e4:f0:54:7a:a9:e6:f4:fe:01:9c:05:2b:e8:a0:
a0:17:ce:91:87:6d:24:e2:9f:d2:fc:a1:5f:ea:f0:15:ec:b8:
f8:07:86:b2:f0:c3:42:b6:dc:3c:ea:ea:fb:48:57:8c:c7:d9:
04:02:3b:34:2d:53:d3:a2:f2:01:e8:c6:69:f4:d3:b1:7b:02:
82:16:ab:97:1b:48:59:24:f6:f9:a9:28:4b:c7:ad:ee:80:8b:
97:d2:d1:2f:19:4a:a3:a3:31:e4:c9:dd:68:a6:b1:0d:31:ca:
85:18:55:d3:ff:d7:97:4e:26:d7:6d:88:27:dc:f5:69:74:dd:
90:98:b2:25:4c:56:35:3a:d1:5c:b2:b6:6c:dd:10:1f:d8:8a:
99:6a:1d:43:d9:ad:94:12:6a:64:fe:94:8d:8f:c8:c5:0e:c0:
f3:3a:32:05:da:80:73:2a:d6:d1:37:9e:31:66:6a:95:6e:b4:
aa:cd:f2:37:e0:68:dc:36:41:16:fc:be:ac:87:15:b3:2e:4d:
dd:76:cd:ab:41:d1:07:29:2d:b6:82:8a:b0:d7:e6:0e:bc:82:
ab:f3:a7:60:1b:9d:2c:44:5e:30:56:b8:ee:0f:8d:1e:09:37:
95:d0:52:3a:c7:c3:12:70:65:a5:37:69:9a:6f:1a:f5:7f:6d:
b3:e9:39:60
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAy
MjI0MjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU5ODMxNjYxOTlGRkNG
ODdGMUJBQzNFNjYxREZFQkI5MzZGQzAyNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0hgTkAcxbmzXo6vKQHCuFrIRfWZhjBKQZPWuUZ2zBYvQVyx6M
O0vtWAju+xb1jLjoQ4t9GAEqsGyWMR4x/6R7zJhZk8+q1xJiT/7cWz8yfjV3gj8T
DnMVf5SEEYo8uLfgX0CWX5v/TA70NSRGFTwNOn5SqwwBQrWDwl0Ke0dStAe4gfS1
e4RjJhn4OPQUKeaSzl2n4/CBxxpMkvd1qzVGb2xUR+kVaJHmyle0nLXZAfEaGPuS
F+4aadL4HVZDCmu3O8R2DP9DAlC58V2TaHEMGthxhgEMMjxLvPRTJQlTBlyUCgGp
fD4MI2apVMRcYueMR+hPFnqzgaOWAXalA/tvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUWYMWYZn/z4fxusPmYd/ruTb8AnIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dZTVdZWm5fejRmeHVz
UG1ZZF9ydVRiOEFuSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJw6++/k8FR6qeb0
/gGcBSvooKAXzpGHbSTin9L8oV/q8BXsuPgHhrLww0K23Dzq6vtIV4zH2QQCOzQt
U9Oi8gHoxmn007F7AoIWq5cbSFkk9vmpKEvHre6Ai5fS0S8ZSqOjMeTJ3WimsQ0x
yoUYVdP/15dOJtdtiCfc9Wl03ZCYsiVMVjU60VyytmzdEB/YiplqHUPZrZQSamT+
lI2PyMUOwPM6MgXagHMq1tE3njFmapVutKrN8jfgaNw2QRb8vqyHFbMuTd12zatB
0QcpLbaCirDX5g68gqvzp2AbnSxEXjBWuO4PjR4JN5XQUjrHwxJwZaU3aZpvGvV/
bbPpOWA=
-----END CERTIFICATE-----
Generated at Sat May 17 19:47:58 2025 by rpki-client