Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/e_inqbvAVE3lW7mXjfrj1AaYFEs.roa
File: e_inqbvAVE3lW7mXjfrj1AaYFEs.roa (raw, json)
Hash identifier: MDv8OH5AEVYYVgMqOIR5ymdi3c6GUhBllUQgTbeGSMk=
Subject key identifier: 7B:F8:A7:A9:BB:C0:54:4D:E5:5B:B9:97:8D:FA:E3:D4:06:98:14:4B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34ED
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e_inqbvAVE3lW7mXjfrj1AaYFEs.roa
Signing time: Sat 30 Mar 2024 03:52:07 +0000
ROA not before: Sat 30 Mar 2024 03:52:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13549 (0x34ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 03:52:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7BF8A7A9BBC0544DE55BB9978DFAE3D40698144B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6b:29:e8:30:ed:61:69:ce:ce:1d:a5:05:b0:
74:18:41:03:25:65:a9:f8:99:b9:8f:09:b4:94:63:
f7:ad:7a:5b:51:91:ff:7b:b5:f5:b5:0f:07:0e:64:
44:99:a8:d2:b7:01:b6:bc:5a:b0:28:9a:c6:43:5f:
69:2f:a9:4a:55:3b:df:7e:ff:66:8f:92:f9:3d:1f:
6a:da:5e:34:a1:ac:08:cd:1d:da:f8:f8:f8:cb:4d:
7a:1c:09:91:4e:6a:e1:c6:aa:9d:1f:66:81:40:73:
24:74:00:70:e9:2f:ed:be:9d:71:24:64:63:7d:71:
d4:4f:16:dd:d4:0a:8a:f1:76:bb:8f:db:9c:19:68:
15:94:49:b2:e6:d3:44:d6:3c:56:e2:7f:aa:08:6e:
31:64:a1:a4:94:22:2b:fe:68:5d:20:ae:ea:e7:c5:
b6:8a:ba:31:c6:e2:20:1f:f1:6f:96:85:a8:23:a3:
f5:ce:c5:1a:19:f5:d7:df:f0:cd:21:47:9d:c6:0d:
c2:48:04:ee:fa:df:43:16:f7:4d:8d:fa:fe:cf:c4:
61:01:e4:97:6a:1a:66:91:0c:72:5d:ff:b3:38:ea:
20:16:af:06:6a:7f:05:18:ee:e3:51:70:8c:c7:f7:
90:41:02:2a:4b:72:ca:d1:0c:a9:81:14:0d:a8:5c:
af:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F8:A7:A9:BB:C0:54:4D:E5:5B:B9:97:8D:FA:E3:D4:06:98:14:4B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e_inqbvAVE3lW7mXjfrj1AaYFEs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:fb:9e:a1:6a:af:0d:af:f3:4c:eb:d9:a0:e9:0f:78:91:08:
4b:1d:b0:7c:bd:56:7f:f1:c0:45:7c:f8:af:52:74:a7:1e:9f:
ef:47:af:c7:ef:fe:0e:22:e8:82:80:28:cc:2c:19:c1:57:63:
84:0a:ed:ac:12:be:e9:07:e2:41:27:e1:dc:28:3c:49:72:fc:
19:ee:c1:e3:f3:02:8a:ab:50:77:46:37:1f:bd:2f:f9:06:17:
41:8f:46:98:67:ca:8c:f1:b0:b2:e7:1e:e7:31:e9:af:7f:12:
a3:68:97:20:34:a4:db:ac:34:c2:dc:c5:28:e8:db:e9:8d:8b:
d7:5b:59:02:47:9c:c3:dd:b8:7f:f2:11:84:f3:f8:c0:ce:43:
fc:b6:0c:3d:23:2e:aa:e8:88:10:d7:9d:50:80:6d:12:79:ee:
f7:7c:6e:f4:11:b5:d0:bf:fd:50:f7:33:da:5c:45:af:e4:30:
b0:a7:4f:e7:a4:71:f5:a2:31:3e:87:a7:6a:e0:90:95:48:c8:
22:27:2b:88:b1:08:5e:59:f1:25:9c:78:9b:d6:d3:5b:50:31:
6a:f6:30:f4:95:d9:ca:ff:ea:84:97:3b:4f:2c:9d:95:f2:5e:
de:11:f9:49:5a:64:e3:4c:37:34:54:89:c7:e2:80:bf:dc:30:
ef:1c:50:e0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MzUyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdCRjhBN0E5QkJDMDU0
NERFNTVCQjk5NzhERkFFM0Q0MDY5ODE0NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfaynoMO1hac7OHaUFsHQYQQMlZan4mbmPCbSUY/eteltRkf97
tfW1DwcOZESZqNK3Aba8WrAomsZDX2kvqUpVO99+/2aPkvk9H2raXjShrAjNHdr4
+PjLTXocCZFOauHGqp0fZoFAcyR0AHDpL+2+nXEkZGN9cdRPFt3UCorxdruP25wZ
aBWUSbLm00TWPFbif6oIbjFkoaSUIiv+aF0grurnxbaKujHG4iAf8W+Whagjo/XO
xRoZ9dff8M0hR53GDcJIBO7630MW902N+v7PxGEB5JdqGmaRDHJd/7M46iAWrwZq
fwUY7uNRcIzH95BBAipLcsrRDKmBFA2oXK+dAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUe/inqbvAVE3lW7mXjfrj1AaYFEswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VfaW5xYnZBVkUzbFc3
bVhqZnJqMUFhWUZFcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAv7nqFqrw2v80zr
2aDpD3iRCEsdsHy9Vn/xwEV8+K9SdKcen+9Hr8fv/g4i6IKAKMwsGcFXY4QK7awS
vukH4kEn4dwoPEly/BnuwePzAoqrUHdGNx+9L/kGF0GPRphnyozxsLLnHucx6a9/
EqNolyA0pNusNMLcxSjo2+mNi9dbWQJHnMPduH/yEYTz+MDOQ/y2DD0jLqroiBDX
nVCAbRJ57vd8bvQRtdC//VD3M9pcRa/kMLCnT+ekcfWiMT6Hp2rgkJVIyCInK4ix
CF5Z8SWceJvW01tQMWr2MPSV2cr/6oSXO08snZXyXt4R+UlaZONMNzRUicfigL/c
MO8cUOA=
-----END CERTIFICATE-----
Generated at Sun May 18 02:00:48 2025 by rpki-client