Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8LRFYvGjBZtPGPL2no5uzxPeJwA.roa
File: 8LRFYvGjBZtPGPL2no5uzxPeJwA.roa (raw, json)
Hash identifier: H4rOaofhmNTni1ijECDAzQCEK0INb1dIK5dUQ+xxkts=
Subject key identifier: F0:B4:45:62:F1:A3:05:9B:4F:18:F2:F6:9E:8E:6E:CF:13:DE:27:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34FD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8LRFYvGjBZtPGPL2no5uzxPeJwA.roa
Signing time: Sat 30 Mar 2024 05:52:09 +0000
ROA not before: Sat 30 Mar 2024 05:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13565 (0x34fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 05:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F0B44562F1A3059B4F18F2F69E8E6ECF13DE2700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3c:ac:0f:d1:2d:13:e7:e3:b8:6f:97:de:3e:
3a:56:b8:3c:a7:b0:8a:d0:ea:e9:14:b3:1b:5c:69:
b3:fe:df:f6:2c:91:c3:a6:91:1a:fc:73:2c:34:20:
38:2d:2b:75:c8:9b:f5:b6:bc:76:47:51:b4:3f:c3:
49:cc:41:16:3f:7c:a7:82:84:48:4f:8d:07:4e:08:
18:b6:79:ae:fb:7c:e3:b1:72:12:7e:52:ec:0e:12:
03:68:e3:7e:a8:e2:5e:42:f8:72:11:c0:d1:cb:43:
d0:6a:8a:ad:d2:0b:b5:ba:bf:86:d9:85:b7:fb:ab:
a7:55:9c:c7:74:c9:33:d0:57:96:a9:e9:54:58:48:
28:f6:1e:ee:97:ac:94:b4:e4:77:17:5f:51:5e:7d:
f1:c2:5c:12:f8:70:a3:a0:b1:67:6c:1c:5b:60:03:
56:91:d0:04:80:5b:a6:3b:10:1c:98:60:f1:9d:0b:
1b:72:f1:4b:16:c3:29:72:d0:72:29:7b:39:09:6b:
f2:5e:a1:56:cc:99:cd:00:d9:d5:53:57:49:a1:69:
a5:71:e6:dd:04:ea:06:8f:d1:54:72:43:3a:16:90:
42:81:eb:09:d0:f7:68:e5:f1:51:29:44:b7:b7:9a:
05:37:ff:cd:41:42:66:26:b1:b7:42:1f:1c:ea:86:
81:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B4:45:62:F1:A3:05:9B:4F:18:F2:F6:9E:8E:6E:CF:13:DE:27:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8LRFYvGjBZtPGPL2no5uzxPeJwA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:71:fc:f5:83:27:30:06:b0:15:a1:72:92:d2:e6:51:ef:77:
5d:fd:db:e7:7f:fb:d7:d3:31:69:f3:1d:89:83:5e:12:66:46:
ab:bb:71:72:f3:c3:5b:bb:46:5d:b2:f5:07:84:96:61:b4:97:
16:b5:15:04:67:c9:87:68:8a:eb:2d:77:77:c1:74:cd:b4:ee:
bf:98:3c:42:88:5c:bf:6d:a1:c5:ae:95:8d:cb:6c:f0:6e:cc:
19:45:23:45:8f:8d:a0:1a:c3:8f:6e:45:c5:d9:78:12:92:18:
f3:05:66:91:fc:4a:27:e2:f1:ed:6c:1b:be:14:b4:44:f5:6a:
25:ce:ee:93:af:fa:44:7e:a5:76:fe:b1:09:3c:2b:cb:33:58:
52:c8:30:d3:1d:37:c7:4a:09:e3:af:b6:f0:fd:3a:b6:15:03:
7f:3c:ec:7f:f5:44:34:df:f4:18:52:4d:0b:62:a9:57:61:69:
95:55:cb:f6:0f:6d:72:23:db:4b:34:8d:b6:06:e8:a5:41:ba:
5a:86:9a:00:39:4f:d1:52:2b:33:2b:6f:12:89:af:e3:e1:1d:
ec:45:e5:db:43:99:94:9e:2c:b5:55:fb:88:5d:23:26:53:70:
6a:10:ed:73:22:65:5a:d3:13:f9:ed:9d:9c:4c:04:b3:9f:2d:
03:3a:aa:bd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
NTUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwQjQ0NTYyRjFBMzA1
OUI0RjE4RjJGNjlFOEU2RUNGMTNERTI3MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgPKwP0S0T5+O4b5fePjpWuDynsIrQ6ukUsxtcabP+3/YskcOm
kRr8cyw0IDgtK3XIm/W2vHZHUbQ/w0nMQRY/fKeChEhPjQdOCBi2ea77fOOxchJ+
UuwOEgNo436o4l5C+HIRwNHLQ9Bqiq3SC7W6v4bZhbf7q6dVnMd0yTPQV5ap6VRY
SCj2Hu6XrJS05HcXX1FeffHCXBL4cKOgsWdsHFtgA1aR0ASAW6Y7EByYYPGdCxty
8UsWwyly0HIpezkJa/JeoVbMmc0A2dVTV0mhaaVx5t0E6gaP0VRyQzoWkEKB6wnQ
92jl8VEpRLe3mgU3/81BQmYmsbdCHxzqhoH/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU8LRFYvGjBZtPGPL2no5uzxPeJwAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhMUkZZdkdqQlp0UEdQ
TDJubzV1enhQZUp3QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACpx/PWDJzAGsBWh
cpLS5lHvd1392+d/+9fTMWnzHYmDXhJmRqu7cXLzw1u7Rl2y9QeElmG0lxa1FQRn
yYdoiustd3fBdM207r+YPEKIXL9tocWulY3LbPBuzBlFI0WPjaAaw49uRcXZeBKS
GPMFZpH8Sifi8e1sG74UtET1aiXO7pOv+kR+pXb+sQk8K8szWFLIMNMdN8dKCeOv
tvD9OrYVA3887H/1RDTf9BhSTQtiqVdhaZVVy/YPbXIj20s0jbYG6KVBulqGmgA5
T9FSKzMrbxKJr+PhHexF5dtDmZSeLLVV+4hdIyZTcGoQ7XMiZVrTE/ntnZxMBLOf
LQM6qr0=
-----END CERTIFICATE-----
Generated at Sat Mar 30 11:14:55 2024 by rpki-client on console.sobornost.net