Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6EbyMptQVMbUCCK2UswqtYIma4E.roa
File: 6EbyMptQVMbUCCK2UswqtYIma4E.roa (raw, json)
Hash identifier: qAeqcyCzV3IywXx1i/nnqH7QZ4XU68HLWl92MrdSSIM=
Subject key identifier: E8:46:F2:32:9B:50:54:C6:D4:08:22:B6:52:CC:2A:B5:82:26:6B:81
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5346
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6EbyMptQVMbUCCK2UswqtYIma4E.roa
Signing time: Thu 09 May 2024 14:53:57 +0000
ROA not before: Thu 09 May 2024 14:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21318 (0x5346)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 14:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E846F2329B5054C6D40822B652CC2AB582266B81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b3:3f:65:35:bb:48:b0:a3:45:63:67:25:9c:
3d:3a:6b:95:dd:97:d8:1d:53:47:2a:34:61:4c:c5:
05:8e:d1:26:7d:2d:3f:53:5b:ea:fb:00:04:68:e0:
c2:a0:1e:17:55:59:4c:5b:3f:1e:4e:bf:57:1b:6a:
f8:b3:1a:79:6d:d3:6b:df:79:e5:16:5e:0b:60:14:
b9:1b:0d:d7:85:14:bc:8e:1e:57:97:0b:00:3a:9a:
77:aa:f9:ba:50:6a:ad:59:a1:f3:24:c4:99:7c:5b:
d2:16:7e:3d:d5:65:d4:49:80:19:76:1d:93:a4:cb:
c3:ce:76:94:ac:8f:37:c1:67:e4:41:d8:a9:c2:25:
56:9c:69:b2:ed:ac:05:1a:cd:1f:58:d5:af:5e:50:
36:b0:4e:80:24:22:28:a2:d1:14:76:b4:5c:26:61:
d8:34:40:1a:44:3c:f9:dc:3d:5e:7c:5f:73:6a:c8:
00:ae:56:69:0e:18:d4:04:23:8b:68:70:03:d4:95:
20:02:c1:a0:97:82:cd:ca:63:63:ff:5b:25:ee:3b:
a9:e7:e2:04:1c:f7:09:2d:ab:dd:8c:d5:2b:1c:3a:
88:fe:19:16:1c:5b:bf:7f:06:28:a4:e3:3a:f0:6b:
b5:7e:e5:31:df:4e:49:74:ba:f9:6d:84:04:d6:0c:
09:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:46:F2:32:9B:50:54:C6:D4:08:22:B6:52:CC:2A:B5:82:26:6B:81
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6EbyMptQVMbUCCK2UswqtYIma4E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:77:0b:cc:0a:67:88:ca:06:f6:2d:a4:0f:0f:e0:b7:8d:77:
69:22:79:0c:d7:b4:7e:75:bd:b3:78:09:04:31:4d:84:47:5e:
84:d3:ab:4d:77:83:c8:80:a4:b8:4e:f3:52:a6:cc:f6:a7:7c:
96:27:e3:21:46:c4:73:ab:f2:1e:a2:05:c5:8a:c2:58:92:0c:
29:10:4d:a2:82:b0:45:2c:75:6a:58:f4:d7:89:c2:7a:28:62:
9f:f2:f3:2b:c9:9e:23:93:b0:a9:10:fe:bf:c4:30:cf:58:c2:
a6:5a:af:a5:8a:6f:f2:d1:ec:35:6a:06:50:46:19:cd:94:70:
a9:ca:91:0e:af:18:1c:e4:30:66:f7:1c:d4:cd:6a:7c:86:b9:
91:d6:d9:23:0a:e6:de:00:c6:2f:21:4a:6f:5a:98:7d:89:fc:
00:35:df:77:e6:f1:34:32:5c:b3:f2:85:80:43:ae:b6:96:75:
e1:05:33:f6:6a:31:b5:23:a4:32:76:30:3c:4b:d2:a6:d6:e0:
23:95:c7:77:90:5a:a9:8e:a0:4b:2e:e9:51:e6:aa:ae:e8:d1:
dd:f0:3d:28:6a:99:d8:5c:e0:ad:af:27:67:ce:d1:c1:f9:7b:
ec:39:cd:b4:49:75:db:68:d1:cb:23:42:a2:69:77:11:4b:93:
34:51:71:a7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
NDUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU4NDZGMjMyOUI1MDU0
QzZENDA4MjJCNjUyQ0MyQUI1ODIyNjZCODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGsz9lNbtIsKNFY2clnD06a5Xdl9gdU0cqNGFMxQWO0SZ9LT9T
W+r7AARo4MKgHhdVWUxbPx5Ov1cbavizGnlt02vfeeUWXgtgFLkbDdeFFLyOHleX
CwA6mneq+bpQaq1ZofMkxJl8W9IWfj3VZdRJgBl2HZOky8POdpSsjzfBZ+RB2KnC
JVacabLtrAUazR9Y1a9eUDawToAkIiii0RR2tFwmYdg0QBpEPPncPV58X3NqyACu
VmkOGNQEI4tocAPUlSACwaCXgs3KY2P/WyXuO6nn4gQc9wktq92M1SscOoj+GRYc
W79/Biik4zrwa7V+5THfTkl0uvlthATWDAkDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6EbyMptQVMbUCCK2UswqtYIma4EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZFYnlNcHRRVk1iVUND
SzJVc3dxdFlJbWE0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAp3cLzApniMoG9i2kDw/gt413aSJ5DNe0
fnW9s3gJBDFNhEdehNOrTXeDyICkuE7zUqbM9qd8lifjIUbEc6vyHqIFxYrCWJIM
KRBNooKwRSx1alj014nCeihin/LzK8meI5OwqRD+v8Qwz1jCplqvpYpv8tHsNWoG
UEYZzZRwqcqRDq8YHOQwZvcc1M1qfIa5kdbZIwrm3gDGLyFKb1qYfYn8ADXfd+bx
NDJcs/KFgEOutpZ14QUz9moxtSOkMnYwPEvSptbgI5XHd5BaqY6gSy7pUeaqrujR
3fA9KGqZ2Fzgra8nZ87Rwfl77DnNtEl122jRyyNComl3EUuTNFFxpw==
-----END CERTIFICATE-----
Generated at Thu May 9 21:56:18 2024 by rpki-client on console.sobornost.net