Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DsEIDnlrC_yAHLTru8Gtcc0kjik.roa
File: DsEIDnlrC_yAHLTru8Gtcc0kjik.roa (raw, json)
Hash identifier: /ndPTpTEpjPtAVCPL9CTD9jWv83KHHQnG7I9QIzFwQU=
Subject key identifier: 0E:C1:08:0E:79:6B:0B:FC:80:1C:B4:EB:BB:C1:AD:71:CD:24:8E:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32F9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DsEIDnlrC_yAHLTru8Gtcc0kjik.roa
Signing time: Wed 27 Mar 2024 13:22:02 +0000
ROA not before: Wed 27 Mar 2024 13:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13049 (0x32f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 13:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0EC1080E796B0BFC801CB4EBBBC1AD71CD248E29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e0:ad:09:71:78:1b:96:bb:ee:b7:47:69:32:
b1:f3:3a:7d:1e:a8:d9:fd:cb:61:ed:e0:71:11:f3:
cf:5d:62:19:f5:92:46:db:e1:74:57:14:74:2e:ac:
1a:86:cc:d2:c2:fc:05:66:fb:17:5b:c2:bc:9e:47:
b7:f8:8d:fc:f2:40:d9:c3:98:47:cc:56:d5:af:b2:
45:0c:90:4b:a2:7a:34:ea:5e:5a:64:d3:f5:f2:b1:
ee:3b:e5:66:e6:c5:63:53:84:a7:8e:d0:3d:a3:db:
cb:81:bd:87:7e:4b:d9:2b:91:6a:c9:e1:c7:b6:a7:
53:7e:8d:f0:ac:65:fa:c5:fc:0b:99:92:5f:b8:70:
b7:74:dd:23:d2:21:96:de:32:ac:33:39:4e:e6:b5:
3b:da:76:8b:ff:d9:08:78:5c:6b:85:37:17:d2:44:
09:33:e6:14:ea:fd:a4:1d:6d:a0:94:7d:84:db:7a:
68:15:d6:f3:3b:a5:67:d7:1e:e2:ab:6a:d5:5d:1e:
76:32:5d:22:07:42:e6:83:35:28:1a:e9:0b:0d:44:
de:23:63:84:f5:59:63:57:af:66:bb:88:17:90:27:
8b:5d:f3:19:50:58:07:ea:ed:36:e5:ae:e5:71:70:
30:15:d2:e8:3e:84:6b:2a:7f:f9:76:ac:81:ea:d0:
95:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C1:08:0E:79:6B:0B:FC:80:1C:B4:EB:BB:C1:AD:71:CD:24:8E:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DsEIDnlrC_yAHLTru8Gtcc0kjik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:da:4b:b2:ac:79:13:41:6a:49:1f:9b:ea:ab:dc:68:7b:33:
32:97:ca:1c:2f:57:3e:6e:07:83:eb:56:40:44:c7:39:88:6b:
4f:80:d4:a0:28:be:c0:15:7f:0d:21:28:23:03:5f:f0:1a:db:
75:46:d3:10:af:d8:92:6c:cf:23:46:d0:bb:27:a6:d2:1b:e7:
11:68:82:6e:3c:4c:38:d7:13:90:3c:ef:7c:d2:4a:e2:08:3b:
c6:37:be:bf:bc:3a:a6:0a:62:7a:a7:e6:d6:72:af:14:57:f2:
c8:a9:ce:e6:c9:2c:35:b8:19:ac:af:c4:4f:1a:79:54:8d:81:
aa:d4:ab:97:43:7e:a8:ce:29:bf:13:5f:0e:9a:ba:6f:fe:bc:
13:22:40:ac:99:c3:da:a8:ea:ae:85:79:48:7a:6d:49:aa:67:
1d:71:bb:5d:8c:97:52:e1:1f:0c:70:65:d2:f9:96:26:2a:90:
aa:c5:86:fe:fc:17:34:e8:db:57:d0:d7:65:69:cf:ba:28:cd:
1b:17:8a:9f:87:08:86:af:bf:ff:6e:c3:3a:76:79:e7:27:c1:
cf:1c:e3:89:90:3c:32:db:8e:33:22:62:b4:8e:04:9a:e7:d8:
07:44:6b:34:8d:27:8c:9c:21:8e:21:5b:93:00:21:9f:77:ea:
25:42:38:86
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
MzIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBFQzEwODBFNzk2QjBC
RkM4MDFDQjRFQkJCQzFBRDcxQ0QyNDhFMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG4K0JcXgblrvut0dpMrHzOn0eqNn9y2Ht4HER889dYhn1kkbb
4XRXFHQurBqGzNLC/AVm+xdbwryeR7f4jfzyQNnDmEfMVtWvskUMkEuiejTqXlpk
0/Xyse475WbmxWNThKeO0D2j28uBvYd+S9krkWrJ4ce2p1N+jfCsZfrF/AuZkl+4
cLd03SPSIZbeMqwzOU7mtTvadov/2Qh4XGuFNxfSRAkz5hTq/aQdbaCUfYTbemgV
1vM7pWfXHuKratVdHnYyXSIHQuaDNSga6QsNRN4jY4T1WWNXr2a7iBeQJ4td8xlQ
WAfq7TblruVxcDAV0ug+hGsqf/l2rIHq0JU/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUDsEIDnlrC/yAHLTru8Gtcc0kjikwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RzRUlEbmxyQ195QUhM
VHJ1OEd0Y2Mwa2ppay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHLaS7KseRNBakkf
m+qr3Gh7MzKXyhwvVz5uB4PrVkBExzmIa0+A1KAovsAVfw0hKCMDX/Aa23VG0xCv
2JJszyNG0LsnptIb5xFogm48TDjXE5A873zSSuIIO8Y3vr+8OqYKYnqn5tZyrxRX
8sipzubJLDW4GayvxE8aeVSNgarUq5dDfqjOKb8TXw6aum/+vBMiQKyZw9qo6q6F
eUh6bUmqZx1xu12Ml1LhHwxwZdL5liYqkKrFhv78FzTo21fQ12Vpz7oozRsXip+H
CIavv/9uwzp2eecnwc8c44mQPDLbjjMiYrSOBJrn2AdEazSNJ4ycIY4hW5MAIZ93
6iVCOIY=
-----END CERTIFICATE-----
Generated at Wed Mar 27 20:11:32 2024 by rpki-client on console.sobornost.net