Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7IFDllPjKCLehI_NfJAR8F0OUdQ.roa
File: 7IFDllPjKCLehI_NfJAR8F0OUdQ.roa (raw, json)
Hash identifier: n9vaXazL0hTbALfLVv2JAQ8T5qi9zwMFlgxFH/9nWXg=
Subject key identifier: EC:81:43:96:53:E3:28:22:DE:84:8F:CD:7C:90:11:F0:5D:0E:51:D4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5579
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7IFDllPjKCLehI_NfJAR8F0OUdQ.roa
Signing time: Sun 12 May 2024 13:24:15 +0000
ROA not before: Sun 12 May 2024 13:24:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21881 (0x5579)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 13:24:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EC81439653E32822DE848FCD7C9011F05D0E51D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5f:d1:77:38:52:b6:c8:ea:93:04:a9:76:0c:
fd:45:dc:0c:85:08:89:7b:61:b1:64:03:da:65:28:
58:d9:07:30:f0:ed:ad:0e:0b:93:bd:d2:a3:9f:37:
40:c6:23:68:70:33:de:92:43:67:3d:b3:01:3a:e1:
55:7d:dc:f7:e4:33:69:a1:3c:b8:e1:69:e6:09:60:
b8:b6:2a:33:30:a6:1f:24:b2:02:1e:c1:50:25:2f:
63:32:c0:79:1c:2e:e0:c2:e9:f3:c2:5b:a5:8f:f6:
3c:84:25:c1:ba:55:ea:41:ab:f4:20:07:ab:82:13:
6c:97:e9:c9:23:01:92:1f:99:5b:53:18:99:38:a2:
47:32:fa:c1:19:2a:48:78:04:61:13:80:99:72:8b:
44:50:9e:2b:1e:54:f9:b5:b6:fd:d6:6f:6f:88:50:
e4:9c:3f:4c:5a:30:4f:16:27:d5:28:4b:11:99:8f:
83:4d:de:e8:9e:16:e3:37:f0:75:9e:8e:eb:bb:83:
8a:12:0c:f7:8e:82:7d:cc:67:34:0a:7e:f1:f9:6e:
c2:5b:22:02:f2:1a:11:55:b0:93:98:fd:41:c5:41:
bc:50:88:0a:8f:bd:7b:13:4d:f7:de:70:8c:20:55:
05:d8:54:f9:60:9b:5b:9b:4a:ae:23:65:20:eb:bf:
ff:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:81:43:96:53:E3:28:22:DE:84:8F:CD:7C:90:11:F0:5D:0E:51:D4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7IFDllPjKCLehI_NfJAR8F0OUdQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
01:68:6f:fa:ab:6a:74:22:92:a6:40:3c:48:aa:f2:76:4c:b2:
d8:a5:41:8e:ac:b3:bb:aa:50:d6:7a:12:f6:fc:1c:c3:43:8e:
7d:ac:0f:30:c6:e2:fd:7a:64:b7:1c:cf:16:f6:e2:f0:ed:76:
bc:50:97:0d:68:70:97:6d:0b:46:1d:38:42:0f:15:7d:5b:2f:
4c:03:50:4e:7e:e4:62:56:54:c0:11:3c:ad:24:67:f1:a8:f9:
0c:8d:ee:c5:f4:18:6a:9b:aa:63:ce:97:4f:e9:b8:69:8f:fd:
c3:70:74:47:22:08:09:79:f5:4d:2c:74:dc:08:cc:7a:20:71:
2b:e0:d6:ff:3f:2d:5c:3e:9a:a9:a8:22:8a:cc:d7:c0:3a:21:
aa:e5:d1:3f:b8:af:de:1d:ad:74:c0:59:b7:09:1c:21:90:aa:
f5:69:f8:9d:ae:df:c2:10:c4:d9:e6:78:7e:29:93:4c:a3:39:
95:36:1a:78:d2:f0:39:9b:97:f5:cb:de:7c:00:60:d9:2e:cf:
55:19:85:15:f5:94:19:c1:d2:64:d1:dc:01:10:f7:d1:db:77:
2b:6b:15:8b:ff:92:af:75:ab:7e:a8:ed:3f:73:0a:cb:5a:5d:
3f:3e:74:75:79:ba:ca:30:ad:44:d5:7c:c6:3b:35:1a:3a:e0:
ee:7c:95:02
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
MzI0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVDODE0Mzk2NTNFMzI4
MjJERTg0OEZDRDdDOTAxMUYwNUQwRTUxRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtX9F3OFK2yOqTBKl2DP1F3AyFCIl7YbFkA9plKFjZBzDw7a0O
C5O90qOfN0DGI2hwM96SQ2c9swE64VV93PfkM2mhPLjhaeYJYLi2KjMwph8ksgIe
wVAlL2MywHkcLuDC6fPCW6WP9jyEJcG6VepBq/QgB6uCE2yX6ckjAZIfmVtTGJk4
okcy+sEZKkh4BGETgJlyi0RQniseVPm1tv3Wb2+IUOScP0xaME8WJ9UoSxGZj4NN
3uieFuM38HWejuu7g4oSDPeOgn3MZzQKfvH5bsJbIgLyGhFVsJOY/UHFQbxQiAqP
vXsTTffecIwgVQXYVPlgm1ubSq4jZSDrv//7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU7IFDllPjKCLehI/NfJAR8F0OUdQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdJRkRsbFBqS0NMZWhJ
X05mSkFSOEYwT1VkUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAFob/qranQikqZA
PEiq8nZMstilQY6ss7uqUNZ6Evb8HMNDjn2sDzDG4v16ZLcczxb24vDtdrxQlw1o
cJdtC0YdOEIPFX1bL0wDUE5+5GJWVMARPK0kZ/Go+QyN7sX0GGqbqmPOl0/puGmP
/cNwdEciCAl59U0sdNwIzHogcSvg1v8/LVw+mqmoIorM18A6Iarl0T+4r94drXTA
WbcJHCGQqvVp+J2u38IQxNnmeH4pk0yjOZU2GnjS8Dmbl/XL3nwAYNkuz1UZhRX1
lBnB0mTR3AEQ99HbdytrFYv/kq91q36o7T9zCstaXT8+dHV5usowrUTVfMY7NRo6
4O58lQI=
-----END CERTIFICATE-----
Generated at Sun May 12 16:26:51 2024 by rpki-client on console.sobornost.net