Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6nIerBhI8roOUMs8V4IdWXBC3Hk.roa
File: 6nIerBhI8roOUMs8V4IdWXBC3Hk.roa (raw, json)
Hash identifier: dqkIp5Tc9ge6HTXT6vI8gwyNXzdUoMWMxxyhhCVaAuA=
Subject key identifier: EA:72:1E:AC:18:48:F2:BA:0E:50:CB:3C:57:82:1D:59:70:42:DC:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53E2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6nIerBhI8roOUMs8V4IdWXBC3Hk.roa
Signing time: Fri 10 May 2024 10:24:01 +0000
ROA not before: Fri 10 May 2024 10:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21474 (0x53e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 10:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EA721EAC1848F2BA0E50CB3C57821D597042DC79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:30:20:e3:9f:3e:7c:2b:4b:65:82:3c:d8:9e:
d0:24:4f:42:74:03:47:95:da:cb:be:d0:7a:20:af:
03:1d:8d:70:cc:e2:33:6f:33:d9:94:11:a7:1d:83:
d0:20:4d:5e:dc:24:fc:c8:59:46:1b:3f:3f:50:1f:
e9:c3:36:4c:5e:28:c3:8b:4f:92:58:65:ed:11:c4:
77:21:1b:2b:94:1c:0d:3d:cf:54:54:8b:e4:d0:32:
9c:03:72:8b:49:b0:0a:32:11:5c:21:3e:c9:a9:19:
32:40:0f:e3:26:dc:0f:c2:0a:e2:d2:1a:44:96:2e:
dc:15:78:10:9f:3c:ca:45:b9:f5:f9:74:19:5d:d4:
8d:fd:bc:bc:6f:46:6b:c9:d5:5d:53:6e:8a:c1:78:
f0:7f:e4:e3:46:42:81:b8:de:56:62:3c:84:f5:7a:
04:8b:6e:d9:13:a7:42:60:71:5f:61:fd:d9:35:e7:
db:40:20:b2:37:60:fb:a4:2f:f0:80:1f:e0:80:29:
dd:66:81:b1:96:54:c7:a2:db:3b:15:5c:84:e6:91:
9f:bd:78:f0:28:0f:7f:40:87:68:b8:b2:25:6c:1a:
85:a0:fc:4c:9e:bc:0c:6e:43:ef:76:2d:0b:97:c5:
4d:2b:72:18:5a:60:0c:47:4b:7f:5a:f4:82:a8:06:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:72:1E:AC:18:48:F2:BA:0E:50:CB:3C:57:82:1D:59:70:42:DC:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6nIerBhI8roOUMs8V4IdWXBC3Hk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:57:4f:1e:0e:a5:7d:f8:cb:30:f5:a0:d4:db:3c:1e:4f:3b:
cb:3f:e4:2a:67:68:37:75:a9:97:42:c9:fd:01:f0:e6:d3:df:
e9:10:4b:a2:01:16:b3:fd:88:3b:71:4d:50:90:fd:85:27:50:
39:d7:b9:8f:c5:6f:58:ca:a7:78:d0:89:7d:2d:94:70:90:a8:
c6:8a:61:65:0d:9e:88:af:3b:b9:3a:2e:cc:76:b4:d0:35:12:
e9:0a:3b:39:6e:97:3a:57:c7:26:f9:b4:79:86:ad:1f:94:5e:
ba:73:a1:26:3e:7e:0b:48:3a:11:7b:9f:24:d2:ec:31:81:ae:
3d:1a:96:d3:c6:2e:10:a0:f1:ff:b9:ba:32:b8:68:56:07:ec:
e1:87:b7:9d:86:c8:4d:ba:92:01:c6:5a:57:72:1e:ee:a2:31:
e2:73:8c:34:b6:05:2a:b9:dc:a6:84:83:ba:20:e3:e5:18:68:
50:05:04:ff:4b:88:43:fb:f3:36:dc:5c:49:7e:a7:21:6f:ba:
54:b7:09:80:c4:7b:59:29:bd:3a:51:59:62:bc:a9:98:1c:4b:
06:b4:8e:00:eb:ca:f1:39:eb:84:7a:7f:82:34:c6:df:0b:26:
44:02:44:84:41:63:44:95:7e:c7:9c:44:48:cd:14:6d:1e:96:
37:3a:5b:00
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
MDI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBNzIxRUFDMTg0OEYy
QkEwRTUwQ0IzQzU3ODIxRDU5NzA0MkRDNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2MCDjnz58K0tlgjzYntAkT0J0A0eV2su+0HogrwMdjXDM4jNv
M9mUEacdg9AgTV7cJPzIWUYbPz9QH+nDNkxeKMOLT5JYZe0RxHchGyuUHA09z1RU
i+TQMpwDcotJsAoyEVwhPsmpGTJAD+Mm3A/CCuLSGkSWLtwVeBCfPMpFufX5dBld
1I39vLxvRmvJ1V1TborBePB/5ONGQoG43lZiPIT1egSLbtkTp0JgcV9h/dk159tA
ILI3YPukL/CAH+CAKd1mgbGWVMei2zsVXITmkZ+9ePAoD39Ah2i4siVsGoWg/Eye
vAxuQ+92LQuXxU0rchhaYAxHS39a9IKoBsxxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6nIerBhI8roOUMs8V4IdWXBC3HkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZuSWVyQmhJOHJvT1VN
czhWNElkV1hCQzNIay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACVdPHg6lffjLMPWg1Ns8Hk87yz/kKmdo
N3Wpl0LJ/QHw5tPf6RBLogEWs/2IO3FNUJD9hSdQOde5j8VvWMqneNCJfS2UcJCo
xophZQ2eiK87uTouzHa00DUS6Qo7OW6XOlfHJvm0eYatH5ReunOhJj5+C0g6EXuf
JNLsMYGuPRqW08YuEKDx/7m6MrhoVgfs4Ye3nYbITbqSAcZaV3Ie7qIx4nOMNLYF
KrncpoSDuiDj5RhoUAUE/0uIQ/vzNtxcSX6nIW+6VLcJgMR7WSm9OlFZYrypmBxL
BrSOAOvK8TnrhHp/gjTG3wsmRAJEhEFjRJV+x5xESM0UbR6WNzpbAA==
-----END CERTIFICATE-----
Generated at Fri May 10 16:33:18 2024 by rpki-client on console.sobornost.net