Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/A-9Ah_Yjh1R9O-079zl4SIKtu5w.roa
File: A-9Ah_Yjh1R9O-079zl4SIKtu5w.roa (raw, json)
Hash identifier: QMuuernfqwcZHjHMS7tANL3CuqAAXsQ/5ITbBkhOlB0=
Subject key identifier: 03:EF:40:87:F6:23:87:54:7D:3B:ED:3B:F7:39:78:48:82:AD:BB:9C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 338A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A-9Ah_Yjh1R9O-079zl4SIKtu5w.roa
Signing time: Thu 28 Mar 2024 07:22:04 +0000
ROA not before: Thu 28 Mar 2024 07:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13194 (0x338a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 07:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=03EF4087F62387547D3BED3BF739784882ADBB9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:07:5c:4c:6d:82:cd:a7:86:9a:4e:6a:5b:9b:
8f:4f:0e:4c:ee:a6:b4:cd:e2:90:eb:86:a4:08:84:
4a:e1:52:d9:9b:dd:b3:ac:61:a9:4d:ed:c7:d1:89:
73:d7:60:14:ef:03:a0:f9:91:45:65:18:18:bc:b9:
31:84:9b:71:d3:c9:c1:d8:ea:33:13:66:e2:3a:9e:
96:29:ec:a8:c3:db:76:cf:10:88:f4:9f:dc:59:5f:
b6:49:f0:ea:94:2c:6a:ab:f0:6d:92:91:e1:72:57:
2f:d4:97:7f:9d:59:27:7a:ab:0e:9f:d2:79:e8:04:
d6:46:7b:2d:f4:fb:07:6a:38:16:b5:95:5c:80:65:
4b:ef:cd:8d:57:06:38:9e:cb:23:a4:81:c6:cc:02:
ac:22:54:1d:8b:a3:48:b2:d5:b4:bb:32:80:f6:f2:
58:fe:0d:59:71:ab:29:1a:7c:a8:ce:42:5a:44:a1:
f5:0b:85:3d:09:34:b1:d0:d5:41:3e:ca:20:95:2a:
32:16:68:70:1b:3d:f5:d6:57:84:0a:1e:68:b5:01:
a8:bf:25:ad:91:13:4c:ef:27:08:ae:bd:8d:ed:88:
ca:27:b2:ec:fa:fb:85:8d:ef:60:a6:55:6d:68:95:
b1:60:04:40:71:00:a0:5a:b0:12:87:fc:7a:1a:be:
43:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EF:40:87:F6:23:87:54:7D:3B:ED:3B:F7:39:78:48:82:AD:BB:9C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A-9Ah_Yjh1R9O-079zl4SIKtu5w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:77:f2:1d:72:66:f3:83:85:49:c6:e0:ca:49:d4:ef:ad:75:
64:0a:08:b3:55:98:b6:54:e4:ae:a6:ab:42:b6:75:47:e3:b4:
e6:8f:6c:cb:3d:e1:71:1e:0a:a7:78:61:1c:d7:73:4f:fb:ad:
66:67:86:a7:18:cc:3f:36:20:39:fe:5d:2c:9a:34:e0:7c:ff:
1a:79:af:a8:c1:6a:51:cf:a8:73:95:54:4d:cb:e8:7c:b4:c7:
63:f8:72:04:8b:b4:93:bf:3b:b2:20:f2:60:71:7e:02:70:fa:
54:9a:24:e6:24:9b:6f:14:75:71:31:42:c5:e9:37:72:85:40:
99:4b:d5:c2:c0:c4:8f:f7:81:e5:7f:ad:a2:0d:0a:36:23:fb:
e5:9e:4b:29:84:57:e2:a6:f0:88:9c:b3:27:e3:8f:94:49:0e:
16:ae:88:66:6f:ab:72:38:20:58:5f:7a:8a:ae:86:8a:e3:46:
48:b6:90:84:3e:7b:76:89:48:94:56:25:cb:ad:f4:6a:05:4d:
12:91:eb:f1:2e:b0:42:e4:01:4c:30:19:36:24:80:e2:8f:b8:
d3:2b:f6:98:8d:a4:f5:93:75:af:94:15:dd:81:55:38:58:26:
52:c8:70:c0:af:6a:48:c9:f9:52:1f:85:27:e0:4f:8a:d9:a1:
ad:bd:fb:da
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
NzIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzRUY0MDg3RjYyMzg3
NTQ3RDNCRUQzQkY3Mzk3ODQ4ODJBREJCOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWB1xMbYLNp4aaTmpbm49PDkzuprTN4pDrhqQIhErhUtmb3bOs
YalN7cfRiXPXYBTvA6D5kUVlGBi8uTGEm3HTycHY6jMTZuI6npYp7KjD23bPEIj0
n9xZX7ZJ8OqULGqr8G2SkeFyVy/Ul3+dWSd6qw6f0nnoBNZGey30+wdqOBa1lVyA
ZUvvzY1XBjieyyOkgcbMAqwiVB2Lo0iy1bS7MoD28lj+DVlxqykafKjOQlpEofUL
hT0JNLHQ1UE+yiCVKjIWaHAbPfXWV4QKHmi1Aai/Ja2RE0zvJwiuvY3tiMonsuz6
+4WN72CmVW1olbFgBEBxAKBasBKH/HoavkOJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUA+9Ah/Yjh1R9O+079zl4SIKtu5wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0EtOUFoX1lqaDFSOU8t
MDc5emw0U0lLdHU1dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAP3fyHXJm84OFScbgyknU7611ZAoIs1WY
tlTkrqarQrZ1R+O05o9syz3hcR4Kp3hhHNdzT/utZmeGpxjMPzYgOf5dLJo04Hz/
GnmvqMFqUc+oc5VUTcvofLTHY/hyBIu0k787siDyYHF+AnD6VJok5iSbbxR1cTFC
xek3coVAmUvVwsDEj/eB5X+tog0KNiP75Z5LKYRX4qbwiJyzJ+OPlEkOFq6IZm+r
cjggWF96iq6GiuNGSLaQhD57dolIlFYly630agVNEpHr8S6wQuQBTDAZNiSA4o+4
0yv2mI2k9ZN1r5QV3YFVOFgmUshwwK9qSMn5Uh+FJ+BPitmhrb372g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:11:45 2024 by rpki-client on console.sobornost.net