Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6jrbyjEavQpkk3_6ZZSj0sz_SEM.roa
File: 6jrbyjEavQpkk3_6ZZSj0sz_SEM.roa (raw, json)
Hash identifier: xIikCCTtrGg1gUp5RTHGjbXVqO89Aca3xROqIru025E=
Subject key identifier: EA:3A:DB:CA:31:1A:BD:0A:64:93:7F:FA:65:94:A3:D2:CC:FF:48:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 541A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6jrbyjEavQpkk3_6ZZSj0sz_SEM.roa
Signing time: Fri 10 May 2024 17:24:28 +0000
ROA not before: Fri 10 May 2024 17:24:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21530 (0x541a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 17:24:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EA3ADBCA311ABD0A64937FFA6594A3D2CCFF4843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f5:57:61:b6:ea:cf:a6:ab:ef:c7:1e:fd:49:
0a:59:cd:82:49:6d:63:2c:5b:55:99:fd:ef:1f:58:
8f:1c:96:b8:45:ce:d7:19:9d:69:00:b0:14:36:7a:
af:94:48:2e:c4:dc:85:c9:8c:cf:43:49:e9:e0:ec:
ca:ee:fa:49:cd:4f:81:b3:30:88:83:7c:2c:43:ae:
2a:19:26:28:63:05:fc:bf:87:49:fd:2b:79:5f:f4:
d7:4e:dd:af:2a:50:cf:18:35:c3:51:24:82:2a:2b:
ac:b9:b1:bc:55:7a:11:fd:c0:d4:97:a9:66:49:b6:
4c:25:87:fb:66:de:92:fd:d2:0c:58:12:3e:b6:52:
4d:f5:70:a8:46:bb:d4:b9:75:2c:9f:0a:03:65:dc:
7b:56:95:87:5a:50:74:d5:37:01:3c:ec:07:fa:8c:
00:e4:1d:6f:b3:81:25:4d:93:54:f8:b7:af:9f:c7:
a3:8d:a4:02:ea:bb:fa:ec:20:3f:84:8b:f4:00:4a:
a6:5b:42:2e:29:02:45:d5:9a:10:13:eb:da:50:da:
d0:7e:4a:db:07:a9:da:36:be:94:4b:d6:2a:d9:30:
7d:bd:c9:fc:5e:39:d4:b7:94:60:cb:b3:33:e6:c8:
87:76:79:87:1b:a1:75:78:fd:62:06:b0:99:71:89:
a8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3A:DB:CA:31:1A:BD:0A:64:93:7F:FA:65:94:A3:D2:CC:FF:48:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6jrbyjEavQpkk3_6ZZSj0sz_SEM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:ff:5d:7c:45:de:7c:17:dd:b6:54:b4:53:be:e0:81:be:c2:
c2:49:f7:bc:55:5d:eb:42:3a:12:fe:c1:94:cd:60:09:e9:1d:
36:17:be:d0:ce:8b:cf:56:37:91:52:9c:0f:e5:7f:35:23:5b:
34:6a:14:5f:83:7d:d9:5b:e9:50:c2:23:4c:5b:b2:68:60:b0:
78:a2:19:01:e7:fa:ee:f1:1e:d5:bb:df:ef:89:89:64:32:14:
df:af:68:88:c0:0c:79:6d:50:26:6f:3f:65:6d:23:a0:21:5e:
68:a2:72:40:ac:ec:83:81:ea:41:21:87:6b:9e:a9:64:72:1d:
a6:91:1f:b4:3f:b7:18:e4:57:e1:d3:ed:d4:4e:7a:c4:18:40:
36:9d:82:5a:62:31:d4:55:ca:92:3e:bb:89:02:4c:d4:e3:9c:
c4:5e:0e:d8:72:41:b9:f5:6e:25:fb:b5:08:34:92:e2:4e:ff:
8d:81:41:a6:fd:91:01:2c:ae:c5:a6:8f:d6:da:be:fa:88:bd:
1d:59:cf:29:d8:af:ad:46:e0:a7:46:68:e7:a2:0b:9a:38:1b:
dd:cf:ea:61:1b:9b:ce:89:e3:90:63:24:38:11:1a:5a:f4:40:
96:05:7c:e8:29:34:9d:b9:6d:b9:f1:f1:08:1a:d9:bd:39:2e:
49:9d:cd:8e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
NzI0MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBM0FEQkNBMzExQUJE
MEE2NDkzN0ZGQTY1OTRBM0QyQ0NGRjQ4NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC19VdhturPpqvvxx79SQpZzYJJbWMsW1WZ/e8fWI8clrhFztcZ
nWkAsBQ2eq+USC7E3IXJjM9DSeng7Mru+knNT4GzMIiDfCxDrioZJihjBfy/h0n9
K3lf9NdO3a8qUM8YNcNRJIIqK6y5sbxVehH9wNSXqWZJtkwlh/tm3pL90gxYEj62
Uk31cKhGu9S5dSyfCgNl3HtWlYdaUHTVNwE87Af6jADkHW+zgSVNk1T4t6+fx6ON
pALqu/rsID+Ei/QASqZbQi4pAkXVmhAT69pQ2tB+StsHqdo2vpRL1irZMH29yfxe
OdS3lGDLszPmyId2eYcboXV4/WIGsJlxiagZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6jrbyjEavQpkk3/6ZZSj0sz/SEMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZqcmJ5akVhdlFwa2sz
XzZaWlNqMHN6X1NFTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAfv9dfEXefBfdtlS0U77ggb7Cwkn3vFVd
60I6Ev7BlM1gCekdNhe+0M6Lz1Y3kVKcD+V/NSNbNGoUX4N92VvpUMIjTFuyaGCw
eKIZAef67vEe1bvf74mJZDIU369oiMAMeW1QJm8/ZW0joCFeaKJyQKzsg4HqQSGH
a56pZHIdppEftD+3GORX4dPt1E56xBhANp2CWmIx1FXKkj67iQJM1OOcxF4O2HJB
ufVuJfu1CDSS4k7/jYFBpv2RASyuxaaP1tq++oi9HVnPKdivrUbgp0Zo56ILmjgb
3c/qYRubzonjkGMkOBEaWvRAlgV86Ck0nbltufHxCBrZvTkuSZ3Njg==
-----END CERTIFICATE-----
Generated at Fri May 10 21:04:12 2024 by rpki-client on console.sobornost.net