Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EuQfc8org-1pEZ2Q09071TzLIro.roa
File: EuQfc8org-1pEZ2Q09071TzLIro.roa (raw, json)
Hash identifier: eFK5DMBNT4eh5BhV9NCB59ABc5LRZ/79Vy5/2sTW9K0=
Subject key identifier: 12:E4:1F:73:CA:2B:83:ED:69:11:9D:90:D3:DD:3B:D5:3C:CB:22:BA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E96
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EuQfc8org-1pEZ2Q09071TzLIro.roa
Signing time: Fri 03 May 2024 08:53:43 +0000
ROA not before: Fri 03 May 2024 08:53:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20118 (0x4e96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 08:53:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=12E41F73CA2B83ED69119D90D3DD3BD53CCB22BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2e:f3:e8:cc:c6:82:7d:3c:66:6c:ab:e2:1e:
72:99:b0:eb:f7:7e:1b:1f:83:5d:4a:4f:61:06:09:
b4:92:03:7d:c1:59:02:52:06:1b:b7:f8:ec:d2:5f:
d7:71:76:b8:85:b1:61:36:a9:76:2a:28:6b:b6:c9:
c2:ad:0b:8d:f1:6c:cb:7e:18:ae:95:5b:8a:2d:f1:
fa:51:56:26:dd:10:53:70:87:f4:0d:91:c0:e1:77:
0a:d4:e1:2a:f4:d3:19:7f:7c:14:8a:1f:83:47:b6:
c1:5b:50:6d:be:91:d1:89:bb:01:f2:46:15:35:3f:
7a:78:b2:8d:56:b4:79:c4:0c:4c:9a:ea:8f:16:cd:
3d:85:e8:f0:fd:e4:43:5d:b9:1c:81:db:14:b3:c1:
0a:61:b5:58:28:de:9d:6c:fe:1a:e2:4f:a4:da:77:
cd:4e:f1:ac:47:20:26:e2:54:13:e7:59:a3:a7:02:
e2:0b:f6:6f:98:e7:f2:19:20:c4:db:88:9e:94:79:
d8:12:f8:83:8f:47:c0:3a:af:5b:f3:72:34:24:40:
83:8f:b6:f0:c8:df:50:db:68:16:a2:20:9f:94:98:
a3:ad:13:b3:db:13:0f:a6:40:86:03:8a:36:33:46:
8d:06:aa:8a:1b:31:e5:b2:c1:69:bf:06:3e:c1:0e:
02:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E4:1F:73:CA:2B:83:ED:69:11:9D:90:D3:DD:3B:D5:3C:CB:22:BA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EuQfc8org-1pEZ2Q09071TzLIro.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:78:70:73:35:20:7c:4d:4f:d7:44:52:af:e5:f5:1b:b2:ed:
08:d8:d3:c5:01:e2:08:48:4c:64:10:95:44:f1:69:2e:36:9f:
8c:bf:af:4d:78:0e:e0:f2:91:85:d9:75:35:ab:05:4d:b8:6f:
3f:62:5a:ed:b9:50:c5:a7:6e:bb:ce:d0:68:db:c7:c2:16:bc:
e3:fd:29:7a:18:f7:04:5c:9d:63:e0:12:bf:c1:c0:b7:40:95:
13:eb:54:b2:5c:b2:90:5a:b7:90:c5:e2:e0:7f:4b:48:6e:54:
9c:35:7b:76:88:01:c9:df:40:e4:58:3a:3c:34:11:d7:3c:79:
26:83:47:4c:a9:d5:21:0f:93:d1:09:c3:8c:85:bd:25:16:18:
82:95:00:a8:3a:96:99:b5:96:95:a1:f3:f1:3e:52:15:38:1b:
67:d2:b6:49:07:1d:c8:6f:de:79:c7:d6:cc:f8:3e:de:fb:4d:
59:79:81:e3:35:30:b3:2a:10:59:24:03:6f:e2:32:92:ca:1a:
cf:94:a7:86:69:d9:f3:0b:5c:4a:b4:ce:f7:d6:6a:2b:2b:5c:
0b:6f:e0:cd:81:de:3e:7f:a5:e5:69:1e:74:49:3a:a9:f6:45:
10:63:99:15:de:73:4e:0a:42:35:b1:e5:de:8d:56:74:e7:f9:
a6:e0:55:d2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
ODUzNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyRTQxRjczQ0EyQjgz
RUQ2OTExOUQ5MEQzREQzQkQ1M0NDQjIyQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDELvPozMaCfTxmbKviHnKZsOv3fhsfg11KT2EGCbSSA33BWQJS
Bhu3+OzSX9dxdriFsWE2qXYqKGu2ycKtC43xbMt+GK6VW4ot8fpRVibdEFNwh/QN
kcDhdwrU4Sr00xl/fBSKH4NHtsFbUG2+kdGJuwHyRhU1P3p4so1WtHnEDEya6o8W
zT2F6PD95ENduRyB2xSzwQphtVgo3p1s/hriT6Tad81O8axHICbiVBPnWaOnAuIL
9m+Y5/IZIMTbiJ6UedgS+IOPR8A6r1vzcjQkQIOPtvDI31DbaBaiIJ+UmKOtE7Pb
Ew+mQIYDijYzRo0GqoobMeWywWm/Bj7BDgJFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUEuQfc8org+1pEZ2Q09071TzLIrowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0V1UWZjOG9yZy0xcEVa
MlEwOTA3MVR6TElyby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAK3hwczUgfE1P10RSr+X1G7LtCNjTxQHi
CEhMZBCVRPFpLjafjL+vTXgO4PKRhdl1NasFTbhvP2Ja7blQxaduu87QaNvHwha8
4/0pehj3BFydY+ASv8HAt0CVE+tUslyykFq3kMXi4H9LSG5UnDV7dogByd9A5Fg6
PDQR1zx5JoNHTKnVIQ+T0QnDjIW9JRYYgpUAqDqWmbWWlaHz8T5SFTgbZ9K2SQcd
yG/eecfWzPg+3vtNWXmB4zUwsyoQWSQDb+Iyksoaz5SnhmnZ8wtcSrTO99ZqKytc
C2/gzYHePn+l5WkedEk6qfZFEGOZFd5zTgpCNbHl3o1WdOf5puBV0g==
-----END CERTIFICATE-----
Generated at Fri May 3 14:44:29 2024 by rpki-client on console.sobornost.net