Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WpSZgBfCb-ujRC-hJnPEFTVYN5k.roa
File: WpSZgBfCb-ujRC-hJnPEFTVYN5k.roa (raw, json)
Hash identifier: Yi2TUC+uFIT05nV4pkcJOgvyWT2dO5wyk22pLFZflsY=
Subject key identifier: 5A:94:99:80:17:C2:6F:EB:A3:44:2F:A1:26:73:C4:15:35:58:37:99
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 386D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WpSZgBfCb-ujRC-hJnPEFTVYN5k.roa
Signing time: Wed 03 Apr 2024 19:52:20 +0000
ROA not before: Wed 03 Apr 2024 19:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14445 (0x386d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 19:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5A94998017C26FEBA3442FA12673C41535583799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1d:e9:86:b1:81:c8:fb:6e:55:31:83:5b:31:
b1:29:ac:cf:1f:46:34:de:5d:5a:bd:c7:3b:5e:d9:
3e:d9:47:d4:a4:e0:65:15:23:9e:d2:18:04:6f:8f:
e3:83:41:7d:c2:30:b0:91:8d:8b:e7:ff:58:b1:76:
56:74:a4:93:76:8e:bc:f2:63:eb:37:d3:1b:c0:10:
1a:86:04:dd:90:08:ff:8d:33:11:1f:46:97:5b:af:
21:92:dc:99:0b:3a:68:40:c8:04:01:d5:89:66:f6:
44:6b:a5:ec:59:31:46:ea:fb:7b:fc:25:6d:ca:66:
8d:f6:35:88:6c:5e:aa:44:2f:79:31:01:89:26:0a:
a5:2f:2f:ba:c2:1b:d7:e2:80:91:fc:b7:3d:0e:71:
62:b3:48:1a:3c:f6:eb:08:5d:34:b3:92:bb:35:db:
a3:db:6c:ee:89:26:32:29:b5:3b:52:e4:7a:bb:58:
ca:3f:dc:85:db:e7:73:2f:c7:f1:e7:3a:3c:71:97:
74:64:46:94:69:05:6d:e3:3e:59:8d:39:e8:a6:f1:
a7:a2:06:bf:fb:cd:e5:48:38:15:a4:63:e3:b3:f5:
80:1e:a7:82:83:8d:43:8b:37:c1:43:a7:10:ef:84:
ce:10:b6:0e:a9:19:f6:b0:0a:ff:27:e0:04:86:ae:
04:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:94:99:80:17:C2:6F:EB:A3:44:2F:A1:26:73:C4:15:35:58:37:99
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WpSZgBfCb-ujRC-hJnPEFTVYN5k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a7:cb:c1:93:8f:35:e9:29:22:30:2e:b2:c2:ea:36:8e:34:d0:
57:61:93:dd:fd:15:40:06:e6:e1:f2:de:f8:c9:bc:30:f3:b9:
ec:d5:66:0b:55:2e:d3:b2:c9:3f:53:0d:8a:a0:76:6b:f5:55:
47:3b:32:fe:d4:3a:0b:94:ee:42:1c:b2:61:b5:da:da:64:05:
25:0e:31:b0:8d:f2:47:1e:32:84:4e:23:1a:8a:0a:9b:36:b5:
70:ef:74:85:69:94:07:2e:9e:2f:05:f5:a1:f5:c2:32:76:d3:
01:f0:29:d0:60:3c:9e:78:da:2a:c0:fa:02:58:fa:4f:44:69:
49:4d:bc:41:9c:ad:45:32:39:83:57:cd:c5:50:dd:67:ad:a1:
dd:d6:94:46:ad:6c:39:8f:0b:d0:f7:e1:b9:51:eb:8c:b0:af:
53:b2:07:5e:07:1e:13:d3:bd:34:c3:7d:f7:73:7c:5d:d9:2a:
51:12:6a:da:f2:da:6f:81:82:db:bf:52:d7:ac:57:fd:bf:2b:
f8:c5:e9:50:fe:4c:35:ce:91:30:51:6a:ba:1c:4a:3e:ba:55:
21:1f:c4:50:a1:54:a4:fe:2d:f5:0b:f1:5a:bd:25:83:30:aa:
87:a2:6c:b8:55:59:6e:2a:85:17:16:6a:ff:99:6f:46:8c:71:
7b:d5:b0:16
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
OTUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVBOTQ5OTgwMTdDMjZG
RUJBMzQ0MkZBMTI2NzNDNDE1MzU1ODM3OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9HemGsYHI+25VMYNbMbEprM8fRjTeXVq9xzte2T7ZR9Sk4GUV
I57SGARvj+ODQX3CMLCRjYvn/1ixdlZ0pJN2jrzyY+s30xvAEBqGBN2QCP+NMxEf
RpdbryGS3JkLOmhAyAQB1Ylm9kRrpexZMUbq+3v8JW3KZo32NYhsXqpEL3kxAYkm
CqUvL7rCG9figJH8tz0OcWKzSBo89usIXTSzkrs126PbbO6JJjIptTtS5Hq7WMo/
3IXb53Mvx/HnOjxxl3RkRpRpBW3jPlmNOeim8aeiBr/7zeVIOBWkY+Oz9YAep4KD
jUOLN8FDpxDvhM4Qtg6pGfawCv8n4ASGrgTNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUWpSZgBfCb+ujRC+hJnPEFTVYN5kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dwU1pnQmZDYi11alJD
LWhKblBFRlRWWU41ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKfLwZOPNekpIjAu
ssLqNo400Fdhk939FUAG5uHy3vjJvDDzuezVZgtVLtOyyT9TDYqgdmv1VUc7Mv7U
OguU7kIcsmG12tpkBSUOMbCN8kceMoROIxqKCps2tXDvdIVplAcuni8F9aH1wjJ2
0wHwKdBgPJ542irA+gJY+k9EaUlNvEGcrUUyOYNXzcVQ3Wetod3WlEatbDmPC9D3
4blR64ywr1OyB14HHhPTvTTDffdzfF3ZKlESatry2m+Bgtu/UtesV/2/K/jF6VD+
TDXOkTBRarocSj66VSEfxFChVKT+LfUL8Vq9JYMwqoeibLhVWW4qhRcWav+Zb0aM
cXvVsBY=
-----END CERTIFICATE-----
Generated at Sat May 17 19:52:37 2025 by rpki-client