Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/B-ejvYESF_ej6SbQn0fXuaW1Epk.roa
File: B-ejvYESF_ej6SbQn0fXuaW1Epk.roa (raw, json)
Hash identifier: 1pcTP9L88hRPXpbHNx31LK46xTlR3zuwOpurhmKa4Os=
Subject key identifier: 07:E7:A3:BD:81:12:17:F7:A3:E9:26:D0:9F:47:D7:B9:A5:B5:12:99
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5615
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/B-ejvYESF_ej6SbQn0fXuaW1Epk.roa
Signing time: Mon 13 May 2024 08:54:25 +0000
ROA not before: Mon 13 May 2024 08:54:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22037 (0x5615)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 08:54:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=07E7A3BD811217F7A3E926D09F47D7B9A5B51299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c0:78:fe:e6:3c:fa:79:62:8f:53:f1:72:bf:
2e:58:35:cb:82:c6:3b:16:00:6d:26:f0:56:f2:4c:
fe:08:a3:f5:dc:49:f2:7d:9f:4a:56:60:2d:24:f9:
84:30:2e:9c:0c:2a:c7:42:15:10:48:bb:e8:25:52:
c9:de:3f:54:77:23:82:cd:96:09:f3:96:14:b0:51:
44:c6:2e:cf:6d:08:35:14:e0:b0:aa:2c:b4:05:f0:
33:24:57:52:23:10:b6:bf:df:1d:77:f3:f3:d6:97:
cd:1a:e2:1a:14:ce:f8:f2:17:ad:50:f0:f1:1d:24:
b2:fe:22:89:1a:d1:da:66:b8:71:b7:71:7a:7a:ac:
53:34:ce:a8:da:2d:37:10:f2:16:95:17:b1:7e:fe:
4c:f6:e4:6b:a1:85:8a:54:97:43:41:7d:bf:04:45:
f5:b3:1a:d6:7f:19:d9:41:a5:13:89:7a:64:b7:b3:
30:e6:a9:5f:d4:ec:38:1d:c6:b7:75:ff:ac:69:72:
0e:ae:0a:1f:c6:5b:b3:e9:93:62:a8:53:85:3b:12:
91:6d:1d:37:c9:0b:21:9c:26:e5:59:ba:7f:b3:88:
bd:b4:2c:1f:a0:c6:9c:2b:10:30:60:01:de:eb:97:
c1:49:52:b8:b4:ec:e6:b9:72:cf:34:f4:18:9d:10:
b8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E7:A3:BD:81:12:17:F7:A3:E9:26:D0:9F:47:D7:B9:A5:B5:12:99
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/B-ejvYESF_ej6SbQn0fXuaW1Epk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:5c:fa:b7:0a:7c:00:bc:cf:3c:0b:77:1a:71:35:1d:ab:32:
ca:16:83:cf:f7:97:cf:91:42:ad:3d:22:0b:99:22:db:bc:40:
4e:76:87:26:0f:93:80:f8:fe:80:38:cd:b4:af:57:06:d8:39:
19:e1:f5:72:2a:6e:42:73:af:77:16:fd:b0:1a:f8:92:c9:93:
a8:93:2f:63:03:fb:39:ea:eb:44:0c:3b:b4:8d:ef:b6:1d:d8:
89:a8:ef:08:75:6c:07:06:5c:98:2f:27:e9:b5:45:a1:9b:2d:
4e:a8:10:f5:18:d8:81:9e:71:21:32:36:85:85:49:27:8d:2e:
d8:64:6b:74:8f:c5:dd:74:74:c5:3f:fe:8f:10:31:8e:ba:95:
d6:92:0c:70:3e:d2:1e:c6:99:bc:4a:77:51:45:76:8c:26:b4:
51:82:22:81:af:04:91:61:3a:ff:68:9a:63:55:96:83:27:c6:
30:d6:f4:16:9f:45:d4:5e:24:b9:54:1c:b2:48:50:39:18:1a:
8d:31:7c:49:44:81:9f:67:c5:e3:c5:13:2e:b8:40:5c:20:6d:
90:ae:3b:c0:b1:63:20:b8:c8:4e:e4:db:e5:b4:f1:d9:44:90:
4c:b9:5b:cf:d0:f7:4e:cc:16:f2:68:9e:b6:10:b9:54:fe:c1:
37:31:67:76
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVhUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
ODU0MjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA3RTdBM0JEODExMjE3
RjdBM0U5MjZEMDlGNDdEN0I5QTVCNTEyOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOwHj+5jz6eWKPU/Fyvy5YNcuCxjsWAG0m8FbyTP4Io/XcSfJ9
n0pWYC0k+YQwLpwMKsdCFRBIu+glUsneP1R3I4LNlgnzlhSwUUTGLs9tCDUU4LCq
LLQF8DMkV1IjELa/3x138/PWl80a4hoUzvjyF61Q8PEdJLL+Ioka0dpmuHG3cXp6
rFM0zqjaLTcQ8haVF7F+/kz25GuhhYpUl0NBfb8ERfWzGtZ/GdlBpROJemS3szDm
qV/U7Dgdxrd1/6xpcg6uCh/GW7Ppk2KoU4U7EpFtHTfJCyGcJuVZun+ziL20LB+g
xpwrEDBgAd7rl8FJUri07Oa5cs809BidELjLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUB+ejvYESF/ej6SbQn0fXuaW1EpkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ItZWp2WUVTRl9lajZT
YlFuMGZYdWFXMUVway5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAI5c+rcKfAC8zzwL
dxpxNR2rMsoWg8/3l8+RQq09IguZItu8QE52hyYPk4D4/oA4zbSvVwbYORnh9XIq
bkJzr3cW/bAa+JLJk6iTL2MD+znq60QMO7SN77Yd2Imo7wh1bAcGXJgvJ+m1RaGb
LU6oEPUY2IGecSEyNoWFSSeNLthka3SPxd10dMU//o8QMY66ldaSDHA+0h7GmbxK
d1FFdowmtFGCIoGvBJFhOv9ommNVloMnxjDW9BafRdReJLlUHLJIUDkYGo0xfElE
gZ9nxePFEy64QFwgbZCuO8CxYyC4yE7k2+W08dlEkEy5W8/Q907MFvJonrYQuVT+
wTcxZ3Y=
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:44:09 2025 by rpki-client