Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AcyA6SoHK1ByAqxab_w4FhfTgSk.roa
File: AcyA6SoHK1ByAqxab_w4FhfTgSk.roa (raw, json)
Hash identifier: LcO2Z3wjXMtStwyiQIioNTv7fkmNJZsFw4uLUyu4sEQ=
Subject key identifier: 01:CC:80:E9:2A:07:2B:50:72:02:AC:5A:6F:FC:38:16:17:D3:81:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D61
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AcyA6SoHK1ByAqxab_w4FhfTgSk.roa
Signing time: Wed 01 May 2024 18:23:38 +0000
ROA not before: Wed 01 May 2024 18:23:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19809 (0x4d61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 18:23:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=01CC80E92A072B507202AC5A6FFC381617D38129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fd:7f:3a:4e:af:bd:4e:ad:a8:37:b0:c8:e6:
ca:0c:c3:8a:8b:a7:00:b8:2c:c3:83:fb:9e:0b:da:
9f:ad:66:dc:7a:6d:b1:d2:8d:c3:36:1c:8b:5a:a5:
96:b7:18:ae:4c:25:26:39:6a:91:b1:32:13:76:bb:
1c:86:78:fc:64:ce:f4:d7:1d:90:8f:74:53:0a:1a:
98:40:ac:05:a3:34:a7:8f:64:fe:ac:3f:ed:9f:b8:
d4:60:67:8d:41:eb:56:46:3b:08:61:ef:05:ee:0e:
81:34:0b:9d:e1:43:06:0d:3e:35:c6:5e:b6:42:41:
5e:e4:80:eb:46:03:ad:01:72:29:48:fd:ff:08:9b:
fe:3f:e1:5b:2c:37:a1:24:95:b4:9c:8d:96:16:68:
20:91:ec:f0:7f:01:3d:37:5e:a9:3e:2c:68:60:ff:
a8:25:6f:d3:0f:2b:22:c0:b3:2e:95:03:c9:60:5b:
fc:4d:df:3b:92:a8:57:bb:e7:1b:bf:fb:1c:b5:b4:
bf:13:e8:59:22:20:63:d9:0b:48:b8:f9:3d:c8:b0:
4d:96:8f:0a:92:2b:43:3c:a3:86:a4:c6:03:0e:e3:
57:93:91:5f:e2:2c:f9:e5:b4:14:31:94:c2:d2:b9:
28:8d:cc:57:0b:45:53:4b:1f:99:76:e8:b9:b6:07:
36:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CC:80:E9:2A:07:2B:50:72:02:AC:5A:6F:FC:38:16:17:D3:81:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AcyA6SoHK1ByAqxab_w4FhfTgSk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7f:e9:0e:26:08:a0:58:53:61:07:10:c2:59:a7:64:7f:00:0b:
80:1b:48:95:df:a5:83:e1:99:3b:7f:eb:85:16:fa:ec:18:ab:
c3:fe:00:04:a5:aa:10:7a:1d:52:6c:5b:f2:1c:c4:76:67:d1:
a3:b8:35:3f:59:32:61:38:23:2e:63:48:57:e1:08:29:2f:4b:
67:d8:b0:59:e0:ba:24:d2:82:44:08:0f:bc:f7:ae:c1:ab:7d:
13:58:5b:c2:7c:fd:7e:be:d3:36:21:28:64:20:8e:ba:47:f7:
41:c4:87:f8:41:fb:6d:c5:3c:ab:b6:dd:ac:38:f8:c3:11:9f:
23:90:a9:cb:71:cf:2a:2f:1a:64:bd:7c:02:86:66:6c:a5:ac:
a8:2e:85:d3:61:36:8a:d1:33:b7:bd:5b:10:bb:f2:47:ed:64:
76:46:cd:0a:31:6d:89:7b:45:4c:76:aa:ac:cb:65:1c:29:fa:
b1:2b:c7:7a:93:aa:d1:de:47:dc:1e:5e:33:38:8c:b5:a9:b2:
21:3b:b2:57:45:b6:c6:a2:1f:d7:d7:69:9c:b3:ba:51:3e:9d:
f0:e0:a5:da:96:8f:73:32:84:46:fc:97:ec:72:91:2b:be:88:
a9:97:ca:20:50:ec:a0:8b:26:13:e7:ef:6b:ce:4a:ac:a0:02:
e9:cf:a6:31
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
ODIzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAxQ0M4MEU5MkEwNzJC
NTA3MjAyQUM1QTZGRkMzODE2MTdEMzgxMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm/X86Tq+9Tq2oN7DI5soMw4qLpwC4LMOD+54L2p+tZtx6bbHS
jcM2HItapZa3GK5MJSY5apGxMhN2uxyGePxkzvTXHZCPdFMKGphArAWjNKePZP6s
P+2fuNRgZ41B61ZGOwhh7wXuDoE0C53hQwYNPjXGXrZCQV7kgOtGA60BcilI/f8I
m/4/4VssN6EklbScjZYWaCCR7PB/AT03Xqk+LGhg/6glb9MPKyLAsy6VA8lgW/xN
3zuSqFe75xu/+xy1tL8T6FkiIGPZC0i4+T3IsE2WjwqSK0M8o4akxgMO41eTkV/i
LPnltBQxlMLSuSiNzFcLRVNLH5l26Lm2BzZjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUAcyA6SoHK1ByAqxab/w4FhfTgSkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FjeUE2U29ISzFCeUFx
eGFiX3c0RmhmVGdTay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH/pDiYIoFhTYQcQ
wlmnZH8AC4AbSJXfpYPhmTt/64UW+uwYq8P+AASlqhB6HVJsW/IcxHZn0aO4NT9Z
MmE4Iy5jSFfhCCkvS2fYsFnguiTSgkQID7z3rsGrfRNYW8J8/X6+0zYhKGQgjrpH
90HEh/hB+23FPKu23aw4+MMRnyOQqctxzyovGmS9fAKGZmylrKguhdNhNorRM7e9
WxC78kftZHZGzQoxbYl7RUx2qqzLZRwp+rErx3qTqtHeR9weXjM4jLWpsiE7sldF
tsaiH9fXaZyzulE+nfDgpdqWj3MyhEb8l+xykSu+iKmXyiBQ7KCLJhPn72vOSqyg
AunPpjE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:52 2025 by rpki-client