Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mXqpjIo8qMBV8vDWdVQUH_iVWso.roa
File: mXqpjIo8qMBV8vDWdVQUH_iVWso.roa (raw, json)
Hash identifier: 89H3zAWvhkrOhrLCDPG8xJ28/9LzbDAXKqQQeF2zZ0Q=
Subject key identifier: 99:7A:A9:8C:8A:3C:A8:C0:55:F2:F0:D6:75:54:14:1F:F8:95:5A:CA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4461
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mXqpjIo8qMBV8vDWdVQUH_iVWso.roa
Signing time: Fri 19 Apr 2024 18:23:00 +0000
ROA not before: Fri 19 Apr 2024 18:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17505 (0x4461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 18:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=997AA98C8A3CA8C055F2F0D67554141FF8955ACA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:50:8e:3b:4d:52:5a:4f:61:f1:ca:79:d5:ef:
be:0e:66:86:ab:99:33:d2:cc:bd:df:fc:9a:dc:25:
0b:12:dd:e4:a7:ad:30:3e:3c:52:59:c4:02:8b:8c:
fc:61:d3:75:84:4c:de:83:df:78:29:b0:84:96:03:
e6:4c:22:e9:9c:a4:ff:3a:ec:89:b4:24:8c:b1:62:
a3:c1:80:b9:5e:4e:66:b2:81:94:c4:11:5b:b2:f2:
71:7b:f8:69:d9:27:60:19:df:01:8f:3b:dc:69:d1:
a3:c9:d6:3a:54:9b:bf:09:42:c0:ec:75:d9:a4:74:
7c:76:8a:20:0d:c5:a2:d5:67:60:05:77:e7:9c:e2:
14:d2:f7:d6:b6:fa:3f:d1:f7:39:61:d9:d0:00:16:
7a:ec:88:ad:9a:59:2c:c7:af:fe:1a:b0:40:ac:b3:
1d:a3:c1:9b:5a:11:dd:b1:77:01:7e:24:80:59:4b:
42:63:11:84:f0:65:90:d9:4f:72:f4:a8:99:1a:25:
52:a9:c7:1c:6b:c9:d9:e3:5b:ee:3e:cf:4e:23:a2:
14:a4:cc:d6:55:2f:04:7f:28:e7:9d:fc:8b:24:c6:
2e:a9:11:7b:32:da:28:46:4a:03:15:eb:d6:33:aa:
47:68:81:a0:85:04:19:c5:9a:a4:51:16:be:c4:2e:
1b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7A:A9:8C:8A:3C:A8:C0:55:F2:F0:D6:75:54:14:1F:F8:95:5A:CA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mXqpjIo8qMBV8vDWdVQUH_iVWso.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
27:fe:c4:71:48:8a:3c:b3:8b:bb:3d:6b:54:71:d6:ab:1d:af:
34:08:3f:fa:e9:1e:3f:4b:b9:a7:d2:46:a1:c4:1f:fa:39:eb:
e5:1e:f5:fc:1e:f5:e8:1f:8b:35:3a:08:d0:ea:22:4a:bf:a6:
75:58:09:7f:79:71:2e:26:f3:f4:85:ba:17:c0:21:a8:b2:85:
cf:ce:86:a7:4e:21:36:f3:08:fb:c4:7f:86:91:8f:46:b7:57:
b5:bf:f4:05:30:a2:04:15:24:99:25:f6:01:8e:73:53:15:07:
ab:c1:3d:17:a1:7e:d1:6f:6b:6a:cf:01:6a:3c:28:71:98:a1:
21:4e:9c:d1:70:30:b2:4a:06:7d:f8:d1:30:6b:67:a3:a3:d4:
45:6a:3d:5c:28:73:90:8e:0a:aa:1c:9e:f3:58:1b:bc:3a:dc:
68:16:4c:45:10:7e:4c:36:d7:72:d0:97:11:3b:f0:cb:7b:01:
45:31:f8:0b:a4:e0:41:a8:aa:4f:bd:f0:1f:52:ae:6b:dc:78:
5a:da:81:ba:f1:62:1b:b6:f3:df:67:53:f8:e6:a4:bc:39:16:
b7:b3:e6:62:bc:3b:15:cc:f8:5a:df:a8:44:0e:7d:3c:81:5b:
aa:40:77:f4:b3:96:9a:8f:0b:6e:e2:03:e0:c5:42:91:bf:5c:
49:0d:3d:98
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
ODIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk5N0FBOThDOEEzQ0E4
QzA1NUYyRjBENjc1NTQxNDFGRjg5NTVBQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJUI47TVJaT2HxynnV774OZoarmTPSzL3f/JrcJQsS3eSnrTA+
PFJZxAKLjPxh03WETN6D33gpsISWA+ZMIumcpP867Im0JIyxYqPBgLleTmaygZTE
EVuy8nF7+GnZJ2AZ3wGPO9xp0aPJ1jpUm78JQsDsddmkdHx2iiANxaLVZ2AFd+ec
4hTS99a2+j/R9zlh2dAAFnrsiK2aWSzHr/4asECssx2jwZtaEd2xdwF+JIBZS0Jj
EYTwZZDZT3L0qJkaJVKpxxxrydnjW+4+z04johSkzNZVLwR/KOed/Iskxi6pEXsy
2ihGSgMV69YzqkdogaCFBBnFmqRRFr7ELhvLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmXqpjIo8qMBV8vDWdVQUH/iVWsowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21YcXBqSW84cU1CVjh2
RFdkVlFVSF9pVldzby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACf+xHFIijyzi7s9
a1Rx1qsdrzQIP/rpHj9LuafSRqHEH/o56+Ue9fwe9egfizU6CNDqIkq/pnVYCX95
cS4m8/SFuhfAIaiyhc/OhqdOITbzCPvEf4aRj0a3V7W/9AUwogQVJJkl9gGOc1MV
B6vBPRehftFva2rPAWo8KHGYoSFOnNFwMLJKBn340TBrZ6Oj1EVqPVwoc5COCqoc
nvNYG7w63GgWTEUQfkw213LQlxE78Mt7AUUx+Auk4EGoqk+98B9SrmvceFragbrx
Yhu2899nU/jmpLw5Frez5mK8OxXM+FrfqEQOfTyBW6pAd/SzlpqPC27iA+DFQpG/
XEkNPZg=
-----END CERTIFICATE-----
Generated at Fri Apr 19 19:21:45 2024 by rpki-client on console-fra.rpki-client.org