Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5JR5BqZtlZBGQWQ-diiGKBCaFIw.roa
File: 5JR5BqZtlZBGQWQ-diiGKBCaFIw.roa (raw, json)
Hash identifier: R0MmlFXe5g3s3POdU9Gdi0kP6A3QuSS15GNIkl3pNZA=
Subject key identifier: E4:94:79:06:A6:6D:95:90:46:41:64:3E:76:28:86:28:10:9A:14:8C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4236
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5JR5BqZtlZBGQWQ-diiGKBCaFIw.roa
Signing time: Tue 16 Apr 2024 20:52:58 +0000
ROA not before: Tue 16 Apr 2024 20:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16950 (0x4236)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 20:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E4947906A66D95904641643E76288628109A148C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:67:43:0d:bd:e7:40:50:18:f1:2c:23:b9:
f4:20:cd:a7:7e:7f:37:52:63:de:0e:b2:2d:61:23:
9a:33:60:d2:98:c4:a5:df:f8:c7:2e:6a:4c:81:8f:
14:df:7b:65:b5:1b:b0:a2:2e:b1:0a:74:44:79:b5:
35:5a:b7:2c:35:b1:36:81:ea:93:3c:89:7f:e7:f4:
dc:ec:ba:dc:3e:17:67:99:5c:8b:28:db:18:db:c1:
6a:df:3d:31:c6:5e:6a:3f:fc:3f:38:5d:c2:8b:ad:
bd:68:96:c3:96:32:6e:5e:12:ce:5f:42:07:14:1f:
da:70:db:ec:cd:d3:d1:31:7e:01:da:92:f5:4e:40:
40:7f:e8:d9:68:2c:03:1b:1f:ca:65:c6:8a:c7:2d:
6a:ed:df:e2:6d:68:61:bd:5c:a7:3d:d4:fb:0e:ac:
03:95:1b:4e:8e:f3:22:9d:94:89:c8:16:bc:33:ca:
22:1d:1f:89:2f:79:2a:21:06:eb:5e:b1:49:ae:8a:
c4:43:16:82:12:26:c4:ae:16:42:e5:8e:92:40:4b:
5c:53:04:6e:78:ce:4e:fc:5c:6f:ea:30:4e:16:26:
1b:06:07:cd:d7:5a:14:68:36:01:ed:48:47:57:fb:
fe:9d:0d:13:96:76:ae:d8:c5:04:a6:9a:45:db:f4:
6a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:94:79:06:A6:6D:95:90:46:41:64:3E:76:28:86:28:10:9A:14:8C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5JR5BqZtlZBGQWQ-diiGKBCaFIw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:14:8d:c2:f5:f3:a9:21:66:9e:ec:f7:b6:c5:71:1f:c5:42:
bc:82:7f:f0:f6:46:76:c1:80:2e:cd:a4:8b:70:92:bc:33:06:
e9:28:ab:5f:1b:a5:8e:0d:fc:bb:39:75:94:8a:08:cc:10:e8:
07:09:f4:f6:7b:24:77:b3:90:6f:0d:1a:a6:33:46:89:00:46:
73:28:22:42:75:b7:49:6e:19:9a:c6:f8:0a:39:99:ae:ce:88:
69:06:5f:98:44:d7:70:d1:07:cf:b8:c8:01:72:de:29:19:dd:
2f:45:5c:f7:05:bf:2d:36:be:52:39:a6:af:18:38:4b:eb:ac:
4d:40:c8:4e:9c:cc:2c:8c:3e:f4:80:cb:a7:17:b6:be:d8:94:
4c:9e:86:c8:05:25:f1:14:9b:70:85:11:d2:0d:ff:c1:a2:eb:
61:e7:8c:af:29:26:b5:e6:99:e5:10:f9:8b:86:15:3b:42:9d:
07:7c:22:dc:cc:7d:3f:e7:ec:ac:90:55:2b:91:4d:ac:cf:93:
2f:6c:5f:47:c9:d4:83:b0:9e:18:40:84:7f:1c:11:67:ad:d8:
a7:42:50:56:2b:5d:7f:b9:e5:a4:37:bc:60:3a:4c:49:19:46:
50:e0:7f:56:78:ad:cd:d5:be:ca:80:d6:18:92:57:5f:2d:46:
c6:76:14:3a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQjYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYy
MDUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0OTQ3OTA2QTY2RDk1
OTA0NjQxNjQzRTc2Mjg4NjI4MTA5QTE0OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkkmdDDb3nQFAY8SwjufQgzad+fzdSY94Osi1hI5ozYNKYxKXf
+McuakyBjxTfe2W1G7CiLrEKdER5tTVatyw1sTaB6pM8iX/n9Nzsutw+F2eZXIso
2xjbwWrfPTHGXmo//D84XcKLrb1olsOWMm5eEs5fQgcUH9pw2+zN09ExfgHakvVO
QEB/6NloLAMbH8plxorHLWrt3+JtaGG9XKc91PsOrAOVG06O8yKdlInIFrwzyiId
H4kveSohButesUmuisRDFoISJsSuFkLljpJAS1xTBG54zk78XG/qME4WJhsGB83X
WhRoNgHtSEdX+/6dDROWdq7YxQSmmkXb9GqPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5JR5BqZtlZBGQWQ+diiGKBCaFIwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVKUjVCcVp0bFpCR1FX
US1kaWlHS0JDYUZJdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAmxSNwvXzqSFmnuz3tsVxH8VCvIJ/8PZG
dsGALs2ki3CSvDMG6SirXxuljg38uzl1lIoIzBDoBwn09nskd7OQbw0apjNGiQBG
cygiQnW3SW4Zmsb4CjmZrs6IaQZfmETXcNEHz7jIAXLeKRndL0Vc9wW/LTa+Ujmm
rxg4S+usTUDITpzMLIw+9IDLpxe2vtiUTJ6GyAUl8RSbcIUR0g3/waLrYeeMrykm
teaZ5RD5i4YVO0KdB3wi3Mx9P+fsrJBVK5FNrM+TL2xfR8nUg7CeGECEfxwRZ63Y
p0JQVitdf7nlpDe8YDpMSRlGUOB/VnitzdW+yoDWGJJXXy1GxnYUOg==
-----END CERTIFICATE-----
Generated at Wed Apr 17 04:19:29 2024 by rpki-client on console.sobornost.net