Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BYqB_R-BnCRh-OSzhfQyE4Edcok.roa
File: BYqB_R-BnCRh-OSzhfQyE4Edcok.roa (raw, json)
Hash identifier: BmOH06cYWjU9kk0ONzJumsXxqMaoajVsl2/A9wIA1s8=
Subject key identifier: 05:8A:81:FD:1F:81:9C:24:61:F8:E4:B3:85:F4:32:13:81:1D:72:89
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C01
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BYqB_R-BnCRh-OSzhfQyE4Edcok.roa
Signing time: Mon 29 Apr 2024 22:23:31 +0000
ROA not before: Mon 29 Apr 2024 22:23:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19457 (0x4c01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 22:23:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=058A81FD1F819C2461F8E4B385F43213811D7289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d3:1c:a7:12:c6:a0:49:4a:18:41:63:9f:a6:
73:2e:3b:47:e0:82:8d:bb:78:fd:6a:99:da:87:f5:
a3:eb:1a:43:c2:23:76:fb:1b:60:29:7e:d7:ad:1d:
b6:3c:53:92:9c:31:f0:e4:ef:9d:86:6c:0c:88:e4:
15:a0:8a:fc:85:87:c7:50:91:b8:91:66:03:c0:98:
f2:cf:ed:a2:6b:81:34:8e:a3:f9:e0:1d:2a:b2:a1:
ed:c7:c6:f0:5f:64:32:b6:96:3c:5d:62:70:13:b5:
4b:2e:5d:00:4e:35:86:25:b1:89:2d:1b:58:1e:3d:
dd:c3:0f:a1:1e:64:75:47:9d:d3:8e:32:e9:c3:dd:
8d:87:a4:c7:f0:35:ad:8d:e7:67:8e:d1:2f:42:25:
85:1e:cd:ec:50:1c:3b:5e:ca:2a:c6:35:c1:14:12:
a4:1b:8a:43:eb:0f:ab:8a:a7:00:c2:a3:96:70:55:
b7:08:a4:94:f3:9d:21:8e:b0:33:cc:60:8b:c1:eb:
84:c2:cf:b0:69:12:76:1c:d1:c5:fd:60:d7:a8:77:
c4:e5:1f:de:7c:19:67:62:1e:91:e0:09:e6:f6:39:
c7:32:79:9a:bf:47:66:21:4d:de:e5:a8:ff:e7:62:
1f:71:d0:99:22:c5:0f:30:fa:db:b7:cc:0f:f1:7e:
52:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8A:81:FD:1F:81:9C:24:61:F8:E4:B3:85:F4:32:13:81:1D:72:89
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BYqB_R-BnCRh-OSzhfQyE4Edcok.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
98:08:08:6e:40:5a:d5:94:b2:26:60:a7:b6:64:e2:2b:1d:f6:
01:b9:4d:91:4a:9b:15:ab:f3:7e:fb:42:cf:f4:56:e3:28:fb:
a9:06:0c:17:2c:8d:4d:a1:f2:d8:67:43:73:13:1f:f7:55:78:
e7:4d:43:99:5d:35:ef:5f:72:87:f6:d0:b9:ab:d8:8d:cd:bf:
28:b1:da:ed:b8:82:ef:88:d7:fe:9e:76:43:2a:a4:0b:36:d1:
99:4e:ca:66:76:37:5a:38:32:eb:60:5b:19:be:63:3b:a2:30:
b1:57:d6:d3:7d:4d:a9:58:e4:5f:38:63:b3:5d:27:d2:1c:14:
35:16:02:68:d4:56:2d:13:08:f4:0e:45:32:2d:aa:09:37:55:
ba:b6:8b:e0:82:c8:8a:cf:5e:a3:33:35:09:39:2b:2f:6d:93:
ef:04:c0:3b:b1:af:26:1c:0c:69:d4:4f:77:37:26:9b:ca:13:
dd:b2:30:df:20:24:b7:26:09:a4:16:28:10:c0:29:84:0d:f0:
c3:8a:87:a6:23:c9:73:99:82:47:dc:a8:c9:f3:d2:ae:16:a4:
1b:a0:13:c4:4e:00:90:3d:a8:03:02:bc:6d:54:03:c5:1e:29:
c6:9c:c1:58:8a:0e:7c:7e:f7:7a:55:92:2e:60:f4:3e:71:b4:
dd:40:d7:a5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjky
MjIzMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1OEE4MUZEMUY4MTlD
MjQ2MUY4RTRCMzg1RjQzMjEzODExRDcyODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM0xynEsagSUoYQWOfpnMuO0fggo27eP1qmdqH9aPrGkPCI3b7
G2ApftetHbY8U5KcMfDk752GbAyI5BWgivyFh8dQkbiRZgPAmPLP7aJrgTSOo/ng
HSqyoe3HxvBfZDK2ljxdYnATtUsuXQBONYYlsYktG1gePd3DD6EeZHVHndOOMunD
3Y2HpMfwNa2N52eO0S9CJYUezexQHDteyirGNcEUEqQbikPrD6uKpwDCo5ZwVbcI
pJTznSGOsDPMYIvB64TCz7BpEnYc0cX9YNeod8TlH958GWdiHpHgCeb2OccyeZq/
R2YhTd7lqP/nYh9x0JkixQ8w+tu3zA/xflJ5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUBYqB/R+BnCRh+OSzhfQyE4EdcokwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JZcUJfUi1CbkNSaC1P
U3poZlF5RTRFZGNvay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJgICG5AWtWUsiZg
p7Zk4isd9gG5TZFKmxWr8377Qs/0VuMo+6kGDBcsjU2h8thnQ3MTH/dVeOdNQ5ld
Ne9fcof20Lmr2I3Nvyix2u24gu+I1/6edkMqpAs20ZlOymZ2N1o4MutgWxm+Yzui
MLFX1tN9TalY5F84Y7NdJ9IcFDUWAmjUVi0TCPQORTItqgk3Vbq2i+CCyIrPXqMz
NQk5Ky9tk+8EwDuxryYcDGnUT3c3JpvKE92yMN8gJLcmCaQWKBDAKYQN8MOKh6Yj
yXOZgkfcqMnz0q4WpBugE8ROAJA9qAMCvG1UA8UeKcacwViKDnx+93pVki5g9D5x
tN1A16U=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:38:36 2025 by rpki-client