Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ElJckf1rXqN1c0BcMjn-I4YGjfs.roa
File: ElJckf1rXqN1c0BcMjn-I4YGjfs.roa (raw, json)
Hash identifier: HMUjlcVgw++OL2Wg4V+GxrA17CT367afcWUgH8nFH9g=
Subject key identifier: 12:52:5C:91:FD:6B:5E:A3:75:73:40:5C:32:39:FE:23:86:06:8D:FB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 568D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ElJckf1rXqN1c0BcMjn-I4YGjfs.roa
Signing time: Mon 13 May 2024 23:54:18 +0000
ROA not before: Mon 13 May 2024 23:54:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22157 (0x568d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 23:54:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=12525C91FD6B5EA37573405C3239FE2386068DFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d6:79:67:89:d8:e9:55:d5:17:07:49:23:82:
c5:82:41:c9:23:70:0f:45:91:96:48:db:a7:ff:8c:
c1:ff:c4:55:f7:f8:be:7b:20:0d:df:c5:39:a0:d6:
50:73:ce:b0:e6:3b:58:c5:f3:92:e3:7b:4d:48:61:
b5:17:a6:73:ed:04:d6:ad:c6:a7:d0:31:84:02:e8:
42:d8:fa:cf:47:1e:8b:8a:2d:cd:6f:9c:a4:06:61:
1e:3f:ec:18:dd:9e:f1:f6:f3:79:14:ba:fc:c6:a6:
32:8b:32:70:9a:15:c0:dd:59:5d:35:af:1c:32:62:
d3:ff:61:5d:38:74:61:4e:53:7b:1d:61:07:a8:47:
c4:e6:d3:68:32:2d:12:66:55:ac:1a:5c:dd:26:75:
62:00:bb:fd:2b:3c:93:a8:2d:3b:f8:ed:35:bf:20:
c9:a0:07:29:3c:34:6e:3c:dd:0a:7c:ce:88:77:6e:
37:2e:60:ca:32:f2:dc:40:be:01:96:aa:13:95:d9:
df:d4:96:69:db:8e:21:80:f9:e4:b8:5e:cd:68:bf:
43:87:44:4a:55:65:4f:be:9d:f3:ec:59:43:31:c6:
1a:5f:97:31:b4:fc:59:04:23:57:fb:65:43:7d:8c:
6f:7b:f8:83:c6:d7:c0:f5:3e:4d:03:c8:31:5b:48:
5b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:52:5C:91:FD:6B:5E:A3:75:73:40:5C:32:39:FE:23:86:06:8D:FB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ElJckf1rXqN1c0BcMjn-I4YGjfs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
39:25:8d:04:c6:04:e5:a4:7c:45:33:9b:f7:db:5d:1d:d8:c0:
76:8d:e1:9f:0b:b8:e0:53:94:46:ac:47:a1:d3:b9:45:e8:f7:
fc:de:4d:bc:bc:6c:ea:65:b8:ed:c6:e3:ad:cb:9c:5b:d8:c2:
1e:a5:bb:18:af:e1:ec:22:18:40:80:ab:00:69:2c:c8:87:3a:
8e:ec:9b:a9:3f:a1:bb:fb:e5:65:02:c8:d2:d0:c3:2c:af:1c:
0d:b6:b6:77:57:e3:97:6c:ee:d2:01:8c:1d:e5:ec:b9:39:60:
49:61:58:89:35:af:e9:1b:de:f8:4d:58:8a:92:69:ed:43:85:
51:1e:80:2f:51:eb:2a:51:de:78:e7:c0:03:75:09:d2:c4:e3:
8f:c8:f6:60:39:c5:50:a4:af:ae:0f:09:03:3a:be:54:83:fe:
45:88:89:48:87:5e:be:66:49:47:14:9b:69:26:e9:f0:54:9d:
29:e2:87:dc:39:d6:a7:b7:05:94:b7:13:5f:05:90:2a:af:da:
bb:b0:a0:67:86:d9:a2:46:07:70:0b:b3:9d:9e:d0:26:a2:ec:
80:a2:a1:fb:ab:03:a6:08:37:83:58:6b:af:87:c3:04:ca:85:
76:38:27:51:4b:e0:80:e0:d8:bb:5c:cf:cd:77:87:ba:af:de:
94:d9:ee:dc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMy
MzU0MThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyNTI1QzkxRkQ2QjVF
QTM3NTczNDA1QzMyMzlGRTIzODYwNjhERkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC11nlnidjpVdUXB0kjgsWCQckjcA9FkZZI26f/jMH/xFX3+L57
IA3fxTmg1lBzzrDmO1jF85Lje01IYbUXpnPtBNatxqfQMYQC6ELY+s9HHouKLc1v
nKQGYR4/7BjdnvH283kUuvzGpjKLMnCaFcDdWV01rxwyYtP/YV04dGFOU3sdYQeo
R8Tm02gyLRJmVawaXN0mdWIAu/0rPJOoLTv47TW/IMmgByk8NG483Qp8zoh3bjcu
YMoy8txAvgGWqhOV2d/UlmnbjiGA+eS4Xs1ov0OHREpVZU++nfPsWUMxxhpflzG0
/FkEI1f7ZUN9jG97+IPG18D1Pk0DyDFbSFubAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUElJckf1rXqN1c0BcMjn+I4YGjfswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VsSmNrZjFyWHFOMWMw
QmNNam4tSTRZR2pmcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADkljQTGBOWkfEUz
m/fbXR3YwHaN4Z8LuOBTlEasR6HTuUXo9/zeTby8bOpluO3G463LnFvYwh6luxiv
4ewiGECAqwBpLMiHOo7sm6k/obv75WUCyNLQwyyvHA22tndX45ds7tIBjB3l7Lk5
YElhWIk1r+kb3vhNWIqSae1DhVEegC9R6ypR3njnwAN1CdLE44/I9mA5xVCkr64P
CQM6vlSD/kWIiUiHXr5mSUcUm2km6fBUnSnih9w51qe3BZS3E18FkCqv2ruwoGeG
2aJGB3ALs52e0Cai7ICiofurA6YIN4NYa6+HwwTKhXY4J1FL4IDg2Ltcz813h7qv
3pTZ7tw=
-----END CERTIFICATE-----
Generated at Tue May 14 04:12:07 2024 by rpki-client on console.sobornost.net