Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-vCUXYFkAn5hRW5tiSVhKitxJ0U.roa
File: -vCUXYFkAn5hRW5tiSVhKitxJ0U.roa (raw, json)
Hash identifier: Vevu7dLxSI6q+v6+IKvmVBrtbu4jDKsUVKWk4z4oBMs=
Subject key identifier: FA:F0:94:5D:81:64:02:7E:61:45:6E:6D:89:25:61:2A:2B:71:27:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4069
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-vCUXYFkAn5hRW5tiSVhKitxJ0U.roa
Signing time: Sun 14 Apr 2024 11:22:52 +0000
ROA not before: Sun 14 Apr 2024 11:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16489 (0x4069)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 11:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FAF0945D8164027E61456E6D8925612A2B712745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d8:70:79:f2:2c:23:03:4e:76:ea:0b:1c:b6:
7c:43:70:20:7c:81:2b:98:b9:9e:b6:16:2f:2f:35:
26:b2:a9:fc:76:41:8f:d7:ca:b1:73:fe:39:df:da:
5b:e4:58:81:7d:7d:75:c2:e3:5e:59:5f:20:21:9a:
06:98:4f:cb:7d:8f:ba:9e:57:db:28:c3:86:5b:8d:
3d:7c:c3:b5:0a:bf:17:30:75:c9:b8:b7:cc:79:29:
11:44:88:0e:6a:a5:4d:23:ae:70:34:75:3e:77:62:
8d:62:c4:48:22:de:c5:70:ef:66:12:8c:99:26:80:
82:b2:08:99:e4:22:eb:9c:aa:0c:9d:f0:74:0e:6c:
0f:91:de:e5:f5:b3:2b:f9:6c:ef:36:6b:e1:ea:4e:
f3:eb:2f:85:de:84:b3:48:3e:e4:28:13:ec:1f:e1:
eb:b2:3f:a7:68:47:cd:64:c2:a2:8a:84:09:a2:63:
56:3e:8b:ff:0a:60:df:5c:59:c4:ec:dc:4f:cf:e8:
95:5b:68:78:97:84:93:40:26:ab:dd:54:75:3f:2b:
19:e5:5f:99:92:42:39:33:1a:17:54:fd:f3:ce:f3:
f1:53:58:06:f7:7b:60:ad:00:3d:31:ba:7f:05:92:
1d:2d:be:0d:dc:f8:50:9b:e1:40:2c:3a:1a:d0:a9:
a5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F0:94:5D:81:64:02:7E:61:45:6E:6D:89:25:61:2A:2B:71:27:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-vCUXYFkAn5hRW5tiSVhKitxJ0U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
74:ae:4e:ca:f6:f6:dd:88:98:fc:66:c3:bc:7f:f8:dc:eb:16:
a0:24:04:63:cb:5c:3b:2e:cd:19:ce:fa:b9:58:dc:46:e7:3f:
27:40:82:39:23:9f:05:03:57:bf:96:1e:df:f3:f0:f1:9b:ad:
38:a1:eb:74:0b:9a:60:60:31:e2:4c:0b:f8:be:81:de:da:42:
05:8c:91:65:d7:5f:39:d4:09:d6:83:de:6d:8b:4e:63:c8:7e:
03:9e:98:5d:8b:c3:7a:24:86:29:e4:22:b8:7d:7c:41:40:d5:
41:73:7b:81:47:90:dd:2a:8f:50:e2:2f:4c:7e:5c:ee:12:dd:
13:d4:3f:20:ab:2d:fe:a9:0e:7f:7d:b8:03:36:26:c3:b5:ca:
af:73:02:8a:62:f1:00:86:25:90:14:7f:26:57:88:3a:1a:b4:
00:13:58:2d:d5:e0:fc:31:31:f9:30:72:19:5e:c7:43:fc:54:
ef:03:ff:5a:ad:2b:98:17:09:72:a1:df:0d:0d:54:59:f4:25:
8b:60:8e:eb:7a:cb:f1:67:02:bb:fc:90:43:76:e8:80:fc:bf:
19:04:a9:92:7e:fe:99:72:c3:17:b0:61:4f:de:a9:c4:dd:ac:
3d:56:4a:48:4d:4b:b9:6e:6c:7a:3c:1b:44:9c:f4:35:a6:dd:
1e:f8:1b:aa
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
MTIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZBRjA5NDVEODE2NDAy
N0U2MTQ1NkU2RDg5MjU2MTJBMkI3MTI3NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH2HB58iwjA0526gsctnxDcCB8gSuYuZ62Fi8vNSayqfx2QY/X
yrFz/jnf2lvkWIF9fXXC415ZXyAhmgaYT8t9j7qeV9sow4ZbjT18w7UKvxcwdcm4
t8x5KRFEiA5qpU0jrnA0dT53Yo1ixEgi3sVw72YSjJkmgIKyCJnkIuucqgyd8HQO
bA+R3uX1syv5bO82a+HqTvPrL4XehLNIPuQoE+wf4euyP6doR81kwqKKhAmiY1Y+
i/8KYN9cWcTs3E/P6JVbaHiXhJNAJqvdVHU/KxnlX5mSQjkzGhdU/fPO8/FTWAb3
e2CtAD0xun8Fkh0tvg3c+FCb4UAsOhrQqaWlAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU+vCUXYFkAn5hRW5tiSVhKitxJ0UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly12Q1VYWUZrQW41aFJX
NXRpU1ZoS2l0eEowVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHSuTsr29t2ImPxm
w7x/+NzrFqAkBGPLXDsuzRnO+rlY3EbnPydAgjkjnwUDV7+WHt/z8PGbrTih63QL
mmBgMeJMC/i+gd7aQgWMkWXXXznUCdaD3m2LTmPIfgOemF2Lw3okhinkIrh9fEFA
1UFze4FHkN0qj1DiL0x+XO4S3RPUPyCrLf6pDn99uAM2JsO1yq9zAopi8QCGJZAU
fyZXiDoatAATWC3V4PwxMfkwchlex0P8VO8D/1qtK5gXCXKh3w0NVFn0JYtgjut6
y/FnArv8kEN26ID8vxkEqZJ+/plywxewYU/eqcTdrD1WSkhNS7lubHo8G0Sc9DWm
3R74G6o=
-----END CERTIFICATE-----
Generated at Sun Apr 14 16:37:35 2024 by rpki-client on console.sobornost.net