Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uzl6p8g8_VWAZLb_mrslVMqJsXk.roa
File: uzl6p8g8_VWAZLb_mrslVMqJsXk.roa (raw, json)
Hash identifier: BiMmxroRzLi6yAE3OIk4W/DtobF92W+SH8qWm+S13cM=
Subject key identifier: BB:39:7A:A7:C8:3C:FD:55:80:64:B6:FF:9A:BB:25:54:CA:89:B1:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B4D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uzl6p8g8_VWAZLb_mrslVMqJsXk.roa
Signing time: Sun 07 Apr 2024 15:52:33 +0000
ROA not before: Sun 07 Apr 2024 15:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15181 (0x3b4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 15:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BB397AA7C83CFD558064B6FF9ABB2554CA89B179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:61:24:7a:f6:26:85:1e:56:4a:e7:66:e3:c5:
d5:d4:af:14:ee:91:cd:93:84:4d:57:3f:7d:c7:1f:
c5:e8:21:42:37:70:5a:cc:7c:cd:57:48:8a:a6:9b:
d6:97:bd:44:fb:d2:01:f8:48:3b:ff:c2:24:46:61:
7e:18:6d:24:b6:55:49:68:c2:59:8c:a3:e1:0b:c5:
95:89:1c:5e:db:18:45:60:b6:7c:99:55:7e:88:21:
eb:76:96:cc:89:a0:c7:9a:61:bd:4d:99:ea:87:fa:
70:98:0a:e5:04:d9:d9:8d:0e:ff:69:de:54:2f:5a:
3a:55:83:5d:81:e3:c0:83:a7:69:bc:9f:b2:66:12:
02:95:3b:84:1b:54:61:5c:ee:9c:cc:04:04:d2:e9:
d9:1b:40:ce:c3:42:37:cd:78:71:95:ef:a9:14:9d:
91:32:56:64:cb:ce:d6:5d:bb:80:fc:01:3c:7b:83:
86:e9:e9:d4:d2:7d:a3:ed:d6:d1:88:98:94:73:8a:
f1:cc:69:a0:ae:40:26:ed:5c:41:20:c8:91:41:d2:
65:0c:f7:2c:42:19:7d:e8:1b:c8:7f:59:42:89:c2:
e2:2a:33:28:e4:2a:6a:86:53:a1:b2:bc:0b:1c:ac:
c9:64:8a:b5:fc:c7:37:62:b2:18:c4:08:b4:d1:b2:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:39:7A:A7:C8:3C:FD:55:80:64:B6:FF:9A:BB:25:54:CA:89:B1:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uzl6p8g8_VWAZLb_mrslVMqJsXk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
39:7a:bd:3d:3b:1c:d7:10:ae:a8:eb:2d:bc:03:53:e4:9a:80:
e0:41:ff:6d:24:cb:f1:10:17:dc:ca:99:4f:36:f5:70:85:41:
aa:ad:ee:c6:5c:6a:39:e5:03:9d:17:f9:fb:db:e9:3b:1f:27:
3e:97:12:33:70:14:64:5a:25:78:fa:06:6c:87:d8:99:e3:e1:
95:dd:af:66:58:4a:85:05:38:86:71:97:9f:43:ac:1c:cd:d7:
fb:8e:53:92:60:06:2d:88:1a:d5:6d:ba:4d:95:c8:e7:73:86:
3b:22:17:bb:26:a7:e3:a3:09:d9:1c:2e:6e:41:a2:40:c7:df:
d6:80:82:5f:4a:36:b6:77:7d:7e:c3:eb:3f:b7:8a:70:4d:9c:
5a:ea:b0:fe:2c:f0:f7:30:6a:37:c6:52:25:b3:6a:a9:dd:53:
aa:9e:fe:1a:ec:a5:b3:39:82:c9:24:f2:f4:95:e4:0c:c7:b6:
fc:fa:8a:f4:d2:26:c3:00:14:d2:bb:61:9a:8f:07:61:69:7f:
e0:7a:57:f0:dd:e2:89:5c:db:2b:65:f2:b3:b8:e7:c0:dc:2a:
53:64:ba:bf:41:1e:6c:39:fb:e8:40:95:ab:59:83:d4:5e:72:
cc:24:e3:f1:bf:25:02:4f:ab:1c:47:d7:75:5e:f1:3b:78:9e:
2b:7e:dd:50
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICO00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
NTUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJCMzk3QUE3QzgzQ0ZE
NTU4MDY0QjZGRjlBQkIyNTU0Q0E4OUIxNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuYSR69iaFHlZK52bjxdXUrxTukc2ThE1XP33HH8XoIUI3cFrM
fM1XSIqmm9aXvUT70gH4SDv/wiRGYX4YbSS2VUlowlmMo+ELxZWJHF7bGEVgtnyZ
VX6IIet2lsyJoMeaYb1NmeqH+nCYCuUE2dmNDv9p3lQvWjpVg12B48CDp2m8n7Jm
EgKVO4QbVGFc7pzMBATS6dkbQM7DQjfNeHGV76kUnZEyVmTLztZdu4D8ATx7g4bp
6dTSfaPt1tGImJRzivHMaaCuQCbtXEEgyJFB0mUM9yxCGX3oG8h/WUKJwuIqMyjk
KmqGU6GyvAscrMlkirX8xzdishjECLTRsht9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUuzl6p8g8/VWAZLb/mrslVMqJsXkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3V6bDZwOGc4X1ZXQVpM
Yl9tcnNsVk1xSnNYay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADl6vT07HNcQrqjr
LbwDU+SagOBB/20ky/EQF9zKmU829XCFQaqt7sZcajnlA50X+fvb6TsfJz6XEjNw
FGRaJXj6BmyH2Jnj4ZXdr2ZYSoUFOIZxl59DrBzN1/uOU5JgBi2IGtVtuk2VyOdz
hjsiF7smp+OjCdkcLm5BokDH39aAgl9KNrZ3fX7D6z+3inBNnFrqsP4s8PcwajfG
UiWzaqndU6qe/hrspbM5gskk8vSV5AzHtvz6ivTSJsMAFNK7YZqPB2Fpf+B6V/Dd
4olc2ytl8rO458DcKlNkur9BHmw5++hAlatZg9Recswk4/G/JQJPqxxH13Ve8Tt4
nit+3VA=
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:47 2025 by rpki-client