Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5gsEizIREHOTh3hYro96EVqe7j8.roa
File: 5gsEizIREHOTh3hYro96EVqe7j8.roa (raw, json)
Hash identifier: 7ai5lWHEFm7G/PcyXF+sz4XPPqaJyMBRLkl8sxD/Ilw=
Subject key identifier: E6:0B:04:8B:32:11:10:73:93:87:78:58:AE:8F:7A:11:5A:9E:EE:3F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3421
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5gsEizIREHOTh3hYro96EVqe7j8.roa
Signing time: Fri 29 Mar 2024 02:22:12 +0000
ROA not before: Fri 29 Mar 2024 02:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13345 (0x3421)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 02:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E60B048B3211107393877858AE8F7A115A9EEE3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:24:1b:9c:8d:81:33:b8:4e:38:eb:6d:fd:78:
5f:eb:09:87:2f:7a:2a:70:c6:60:e9:cc:d1:c7:ae:
b2:72:79:3e:6b:5e:7e:3d:89:05:1c:be:a2:26:b2:
d9:5b:ad:b2:b7:ff:1e:ea:96:dd:24:31:a7:db:3f:
58:7e:1b:7c:d6:f8:46:96:b5:8a:38:00:39:96:4b:
53:99:de:79:92:71:c0:1b:0f:62:b7:9d:bb:2e:b1:
a2:9c:26:b9:9e:a6:94:6f:3d:73:b4:06:9d:3f:d0:
55:3d:26:35:cb:27:88:a0:56:13:d0:62:1d:40:fd:
ec:d9:62:16:6d:26:15:da:17:d9:ef:c9:98:d5:1e:
5b:61:fd:35:2e:c1:f8:ac:68:66:c3:55:bc:d8:15:
1f:cc:29:98:2e:b5:46:2e:53:a7:90:bd:53:a7:c6:
88:ec:c9:37:b1:e9:da:c4:25:c0:b7:67:13:8a:c3:
f5:cc:57:39:b6:e1:b3:f7:1d:6f:92:0c:f7:ea:15:
33:75:27:7d:b3:99:78:22:d6:7d:49:26:6d:8f:62:
1b:3a:52:29:f4:19:7a:2b:ae:a2:d8:88:c0:ca:b1:
e2:04:31:83:c6:f6:85:9b:1e:de:bd:5e:98:1a:da:
de:81:11:68:b9:2d:5e:56:e2:2e:31:73:c0:ca:d5:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0B:04:8B:32:11:10:73:93:87:78:58:AE:8F:7A:11:5A:9E:EE:3F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5gsEizIREHOTh3hYro96EVqe7j8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8f:5c:68:96:b6:e4:1d:b6:39:ad:0a:e8:4d:20:03:26:21:f2:
97:14:3b:62:e1:9f:81:ef:e3:d4:e6:c0:40:9c:29:cb:cd:29:
81:dc:08:d8:13:3a:e2:76:f1:c6:62:fd:fa:ae:ec:ba:5e:43:
af:c6:9d:e5:52:7b:94:5e:4b:76:e4:1a:f7:22:ac:97:04:60:
d3:91:bf:63:ae:b6:e7:f3:fa:93:c9:02:7e:d3:71:1e:1a:a2:
48:42:c6:ce:78:2c:bd:83:b4:85:2f:fd:d5:10:14:d3:33:0d:
cd:00:ab:c5:ec:e4:2b:f6:a2:b8:51:9c:f6:54:5c:90:09:92:
c0:1e:61:3e:10:f1:58:97:45:26:43:a5:9e:51:84:22:97:a2:
2c:6e:29:3d:39:cc:fd:b3:38:31:b1:6a:b4:4e:27:97:25:8d:
f8:dd:8d:4f:ba:a4:e8:81:c3:ce:32:da:c1:f8:4c:ae:c0:55:
e4:c0:2e:e0:99:7f:4c:33:0a:18:c2:7d:0d:11:40:4f:36:9a:
d1:e6:41:c6:96:df:17:ec:2f:a6:53:dd:59:14:29:f7:e7:5d:
73:d4:60:a4:b5:35:db:ba:bf:4b:fe:26:da:30:9d:66:59:6f:
c1:92:29:ff:83:6e:3c:a5:d7:7d:90:0b:1d:e2:74:59:a7:34:
cd:ff:2f:2b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNCEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MjIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU2MEIwNDhCMzIxMTEw
NzM5Mzg3Nzg1OEFFOEY3QTExNUE5RUVFM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaJBucjYEzuE446239eF/rCYcveipwxmDpzNHHrrJyeT5rXn49
iQUcvqImstlbrbK3/x7qlt0kMafbP1h+G3zW+EaWtYo4ADmWS1OZ3nmSccAbD2K3
nbsusaKcJrmeppRvPXO0Bp0/0FU9JjXLJ4igVhPQYh1A/ezZYhZtJhXaF9nvyZjV
Hlth/TUuwfisaGbDVbzYFR/MKZgutUYuU6eQvVOnxojsyTex6drEJcC3ZxOKw/XM
Vzm24bP3HW+SDPfqFTN1J32zmXgi1n1JJm2PYhs6Uin0GXorrqLYiMDKseIEMYPG
9oWbHt69Xpga2t6BEWi5LV5W4i4xc8DK1a8xAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU5gsEizIREHOTh3hYro96EVqe7j8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVnc0VpeklSRUhPVGgz
aFlybzk2RVZxZTdqOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAI9caJa25B22Oa0K
6E0gAyYh8pcUO2Lhn4Hv49TmwECcKcvNKYHcCNgTOuJ28cZi/fqu7LpeQ6/GneVS
e5ReS3bkGvcirJcEYNORv2Outufz+pPJAn7TcR4aokhCxs54LL2DtIUv/dUQFNMz
Dc0Aq8Xs5Cv2orhRnPZUXJAJksAeYT4Q8ViXRSZDpZ5RhCKXoixuKT05zP2zODGx
arROJ5cljfjdjU+6pOiBw84y2sH4TK7AVeTALuCZf0wzChjCfQ0RQE82mtHmQcaW
3xfsL6ZT3VkUKffnXXPUYKS1Ndu6v0v+JtownWZZb8GSKf+Dbjyl132QCx3idFmn
NM3/Lys=
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:59:35 2024 by rpki-client on console.sobornost.net