Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6RecboJZ5qdhjryRPaJT9OHQQ04.roa
File: 6RecboJZ5qdhjryRPaJT9OHQQ04.roa (raw, json)
Hash identifier: wG9lbVZ9kjVdbC7L9qT8hNFM1iGhsj04TwDgJt/+TjY=
Subject key identifier: E9:17:9C:6E:82:59:E6:A7:61:8E:BC:91:3D:A2:53:F4:E1:D0:43:4E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4385
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6RecboJZ5qdhjryRPaJT9OHQQ04.roa
Signing time: Thu 18 Apr 2024 14:53:00 +0000
ROA not before: Thu 18 Apr 2024 14:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17285 (0x4385)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 14:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E9179C6E8259E6A7618EBC913DA253F4E1D0434E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:80:4c:ab:cc:1d:45:e8:1e:65:a4:b3:7d:cb:
0c:7a:c7:ae:11:ab:69:f4:bd:36:66:37:95:be:08:
fe:25:ce:f6:c7:b0:cd:f1:a6:99:c7:78:fc:8c:a8:
ff:77:0c:89:cd:f4:0b:19:46:34:cc:cf:54:5b:61:
b4:61:08:db:65:44:ed:dc:fc:10:d5:96:14:e6:f1:
34:90:42:f1:01:b4:42:c8:0f:99:0c:74:62:d0:74:
48:19:af:31:c0:5a:a0:c7:9e:71:63:5c:10:9e:45:
2d:cf:99:63:7c:cb:f4:b4:27:7b:4e:56:ab:9e:4d:
bf:89:24:9a:77:9b:82:48:a2:82:bd:be:88:6d:9b:
52:c0:34:56:6e:2d:ad:77:8d:42:cb:67:b6:8b:b0:
52:e6:30:20:d1:9e:e2:29:95:1b:7d:5d:1c:d7:66:
30:3e:09:07:72:8e:c9:6a:5c:6d:ae:60:2f:62:d6:
8a:75:0e:6b:fe:19:f2:74:48:97:bc:77:11:f2:64:
57:e0:b8:71:1a:75:ab:f8:3c:5f:0e:f8:8a:3c:3d:
9c:90:39:81:77:18:b4:25:af:57:a8:7b:30:f7:7c:
8a:40:84:f0:dc:aa:55:70:56:29:45:a0:04:34:d7:
df:46:54:82:0b:14:86:46:fb:89:a8:46:13:23:a8:
b4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:17:9C:6E:82:59:E6:A7:61:8E:BC:91:3D:A2:53:F4:E1:D0:43:4E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6RecboJZ5qdhjryRPaJT9OHQQ04.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:64:36:68:04:29:65:15:89:5e:7b:7f:4d:db:a6:cb:9c:59:
7a:bf:a2:b7:da:9d:51:eb:5c:4f:6c:57:2f:21:f7:98:87:12:
0a:7f:58:eb:42:56:16:e2:02:75:c0:a6:d4:a8:b7:fa:a1:2c:
73:c6:b3:92:ca:09:53:9f:e1:86:5f:b7:ba:93:e6:7c:95:6c:
f2:a4:66:be:cd:27:88:7f:22:95:b5:38:49:f7:8c:bc:4a:dc:
ba:78:17:02:43:d5:87:66:32:0d:12:df:1f:fa:0e:9c:40:94:
1d:e6:97:05:4b:bd:b4:96:80:e7:3e:65:b6:70:dd:3c:9a:4e:
bc:1d:b9:bc:8a:bd:15:33:9c:66:ff:7c:6c:da:19:3f:91:0d:
24:a7:e5:f3:55:0d:27:e4:77:b7:56:a7:a2:fd:00:27:63:d6:
1c:90:60:c5:a9:39:91:5c:f4:7a:04:a5:37:42:7d:0f:74:47:
3b:4b:ca:07:19:fb:fb:d6:6d:e6:d1:38:54:15:53:9d:08:16:
06:15:55:e5:82:4e:e9:e3:73:ea:d3:72:e0:99:d6:4c:e4:43:
2b:e7:c1:b8:4c:d3:ea:3a:46:ef:80:1f:de:df:c6:64:68:60:
09:06:5b:ed:02:2a:ab:1d:48:7e:cf:ab:fb:90:7a:d4:e7:5a:
40:15:cd:83
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
NDUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU5MTc5QzZFODI1OUU2
QTc2MThFQkM5MTNEQTI1M0Y0RTFEMDQzNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6gEyrzB1F6B5lpLN9ywx6x64Rq2n0vTZmN5W+CP4lzvbHsM3x
ppnHePyMqP93DInN9AsZRjTMz1RbYbRhCNtlRO3c/BDVlhTm8TSQQvEBtELID5kM
dGLQdEgZrzHAWqDHnnFjXBCeRS3PmWN8y/S0J3tOVqueTb+JJJp3m4JIooK9voht
m1LANFZuLa13jULLZ7aLsFLmMCDRnuIplRt9XRzXZjA+CQdyjslqXG2uYC9i1op1
Dmv+GfJ0SJe8dxHyZFfguHEadav4PF8O+Io8PZyQOYF3GLQlr1eoezD3fIpAhPDc
qlVwVilFoAQ0199GVIILFIZG+4moRhMjqLRxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU6RecboJZ5qdhjryRPaJT9OHQQ04wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZSZWNib0paNXFkaGpy
eVJQYUpUOU9IUVEwNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKhkNmgEKWUViV57
f03bpsucWXq/orfanVHrXE9sVy8h95iHEgp/WOtCVhbiAnXAptSot/qhLHPGs5LK
CVOf4YZft7qT5nyVbPKkZr7NJ4h/IpW1OEn3jLxK3Lp4FwJD1YdmMg0S3x/6DpxA
lB3mlwVLvbSWgOc+ZbZw3TyaTrwdubyKvRUznGb/fGzaGT+RDSSn5fNVDSfkd7dW
p6L9ACdj1hyQYMWpOZFc9HoEpTdCfQ90RztLygcZ+/vWbebROFQVU50IFgYVVeWC
Tunjc+rTcuCZ1kzkQyvnwbhM0+o6Ru+AH97fxmRoYAkGW+0CKqsdSH7Pq/uQetTn
WkAVzYM=
-----END CERTIFICATE-----
Generated at Thu Apr 18 22:00:44 2024 by rpki-client on console.sobornost.net