Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9_iAm7nINMVrYO8OULH4Z2pBmEg.roa
File: 9_iAm7nINMVrYO8OULH4Z2pBmEg.roa (raw, json)
Hash identifier: Hq52FYcsouGQlFlfCLNGD5nVNW2L//lWKNrKO4g/dgU=
Subject key identifier: F7:F8:80:9B:B9:C8:34:C5:6B:60:EF:0E:50:B1:F8:67:6A:41:98:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F8A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9_iAm7nINMVrYO8OULH4Z2pBmEg.roa
Signing time: Sat 13 Apr 2024 07:22:48 +0000
ROA not before: Sat 13 Apr 2024 07:22:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16266 (0x3f8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 07:22:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F7F8809BB9C834C56B60EF0E50B1F8676A419848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0e:bc:6e:5c:bf:31:cc:24:74:82:db:43:e1:
00:3a:02:08:c1:14:5c:ce:16:3b:1a:d2:c7:3c:01:
8c:79:65:bf:fd:56:25:30:44:4f:31:65:6c:24:b7:
4f:ae:c8:1e:41:1b:de:f4:54:6b:1b:aa:d8:6d:4c:
49:6e:d9:b3:6d:64:2c:62:fd:7a:d8:c5:91:15:e5:
e2:91:aa:9b:80:cd:ec:cc:ae:d4:c2:9b:13:b8:42:
bb:fc:60:2b:b7:99:87:c4:a7:5b:52:65:7f:03:a3:
f3:24:62:fd:2c:d8:db:7c:db:fc:b9:0d:27:93:e1:
62:37:ce:37:d3:b8:16:fe:8d:85:46:39:35:be:40:
4e:e5:a0:26:f1:df:aa:06:6d:30:07:ee:b6:c7:e1:
7b:de:3d:75:31:3a:1c:de:36:b1:44:9c:53:ea:99:
84:d1:a8:92:e0:af:68:0d:35:d2:f3:90:bb:16:44:
8e:43:8a:d8:88:12:16:cf:5a:51:b8:d8:16:8a:71:
ce:7c:a3:f4:26:65:bf:8c:93:67:f7:c6:09:54:99:
56:8e:20:3d:f7:7c:ed:58:53:09:3e:0f:65:28:ad:
ff:48:77:a0:7c:11:b0:82:d9:64:91:c4:7a:92:2a:
12:66:c7:62:65:c8:88:8d:6f:9b:b1:df:04:b4:8a:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F8:80:9B:B9:C8:34:C5:6B:60:EF:0E:50:B1:F8:67:6A:41:98:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9_iAm7nINMVrYO8OULH4Z2pBmEg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:2c:33:94:a5:83:a0:fa:8e:ca:8a:14:71:92:48:a6:4e:9c:
67:6a:1e:fa:51:79:29:e8:b5:90:37:b2:c8:61:8d:a3:db:83:
11:88:28:d0:59:e6:bf:26:41:c7:ec:f3:d3:dc:ee:c9:2f:fd:
0f:56:9c:be:f4:32:ea:af:b1:71:7d:e4:a0:30:72:5b:67:57:
31:88:ea:92:6b:c8:ac:24:f1:02:8f:97:81:a4:5d:ba:7b:37:
c9:7b:cd:d3:d5:9f:2e:7d:01:13:f1:30:ca:4a:c8:ed:52:7f:
fe:99:a1:c8:e2:51:1d:22:46:c9:99:97:34:31:64:ff:73:04:
a2:4a:06:41:a4:b5:9c:f0:ec:2f:42:9b:28:40:87:f8:76:d7:
f6:61:35:6b:27:8c:77:c1:b0:7f:6e:12:e5:07:b1:63:66:b0:
cb:d7:d4:5d:c0:af:67:ae:86:ea:b0:a5:f7:2f:f0:fd:41:82:
53:50:6c:92:d7:02:4b:84:58:a3:ae:c6:f7:db:61:db:37:33:
5d:7f:c8:19:13:02:17:2f:8f:04:57:32:b3:57:a7:1a:aa:04:
d6:78:9e:f3:86:72:80:00:1c:14:1d:e8:d9:aa:94:6e:e2:99:
15:ff:af:6f:d1:fb:20:62:c5:40:a6:db:46:63:ed:ae:3a:0b:
4d:32:2f:98
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
NzIyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY3Rjg4MDlCQjlDODM0
QzU2QjYwRUYwRTUwQjFGODY3NkE0MTk4NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNDrxuXL8xzCR0gttD4QA6AgjBFFzOFjsa0sc8AYx5Zb/9ViUw
RE8xZWwkt0+uyB5BG970VGsbqthtTElu2bNtZCxi/XrYxZEV5eKRqpuAzezMrtTC
mxO4Qrv8YCu3mYfEp1tSZX8Do/MkYv0s2Nt82/y5DSeT4WI3zjfTuBb+jYVGOTW+
QE7loCbx36oGbTAH7rbH4XvePXUxOhzeNrFEnFPqmYTRqJLgr2gNNdLzkLsWRI5D
itiIEhbPWlG42BaKcc58o/QmZb+Mk2f3xglUmVaOID33fO1YUwk+D2Uorf9Id6B8
EbCC2WSRxHqSKhJmx2JlyIiNb5ux3wS0iq/vAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9/iAm7nINMVrYO8OULH4Z2pBmEgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlfaUFtN25JTk1WcllP
OE9VTEg0WjJwQm1FZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAiCwzlKWDoPqOyooUcZJIpk6cZ2oe+lF5
Kei1kDeyyGGNo9uDEYgo0FnmvyZBx+zz09zuyS/9D1acvvQy6q+xcX3koDByW2dX
MYjqkmvIrCTxAo+XgaRduns3yXvN09WfLn0BE/EwykrI7VJ//pmhyOJRHSJGyZmX
NDFk/3MEokoGQaS1nPDsL0KbKECH+HbX9mE1ayeMd8Gwf24S5QexY2awy9fUXcCv
Z66G6rCl9y/w/UGCU1BsktcCS4RYo67G99th2zczXX/IGRMCFy+PBFcys1enGqoE
1nie84ZygAAcFB3o2aqUbuKZFf+vb9H7IGLFQKbbRmPtrjoLTTIvmA==
-----END CERTIFICATE-----
Generated at Sat Apr 13 13:47:28 2024 by rpki-client on console.sobornost.net