Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F4lGOPRKuz5bVxGPSLJqWcxkRew.roa
File: F4lGOPRKuz5bVxGPSLJqWcxkRew.roa (raw, json)
Hash identifier: XnqR4J1Iolrgs3IuN2sqFjklb3zY1qtPYx3T3TXucT0=
Subject key identifier: 17:89:46:38:F4:4A:BB:3E:5B:57:11:8F:48:B2:6A:59:CC:64:45:EC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E95
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F4lGOPRKuz5bVxGPSLJqWcxkRew.roa
Signing time: Fri 03 May 2024 08:53:43 +0000
ROA not before: Fri 03 May 2024 08:53:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20117 (0x4e95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 08:53:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17894638F44ABB3E5B57118F48B26A59CC6445EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:86:ae:21:ab:08:79:f6:36:d2:ac:a6:4e:
3f:8c:ea:c8:fb:8a:7d:12:a9:56:25:02:b3:d3:78:
3d:21:72:16:36:15:fc:9a:d5:91:63:95:37:4b:d1:
51:7c:d6:d0:0a:69:ce:e9:5c:ac:df:ac:d4:e1:79:
e1:11:a1:c5:91:b1:c8:30:8e:99:a4:ca:5e:09:37:
44:6a:bb:41:79:f2:e4:47:2c:21:7d:dd:c5:f5:6d:
98:ad:67:99:bf:d5:04:e5:9c:ff:df:ac:3f:ab:3d:
19:1e:60:64:93:64:56:f2:c9:92:6c:d1:a8:e9:4c:
ed:dd:97:81:4f:5c:4a:55:1d:e9:b5:6e:15:78:5a:
1d:8d:8f:4a:0b:b1:5d:7f:c1:32:d9:4c:91:08:82:
49:42:1e:9f:82:59:63:8f:b5:20:28:06:d9:0d:1a:
56:19:dd:cd:d3:84:29:09:54:49:b2:f8:d7:3e:e4:
e2:bc:f5:77:b6:aa:83:02:28:47:2f:85:88:d6:35:
3a:5b:19:1c:61:cb:cf:34:29:2f:a8:57:05:a7:1b:
1e:2b:1b:80:98:77:39:e2:88:20:97:4d:bd:93:88:
93:a9:b5:8e:28:3f:26:cc:54:d7:e2:96:ec:44:ee:
ca:e5:4f:8f:89:b9:1e:3a:80:91:5d:74:8f:88:15:
8c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:89:46:38:F4:4A:BB:3E:5B:57:11:8F:48:B2:6A:59:CC:64:45:EC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F4lGOPRKuz5bVxGPSLJqWcxkRew.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:48:25:8b:f9:d5:e5:af:26:17:c4:8a:71:dd:a7:fc:f8:c7:
b1:9f:a5:4a:59:80:85:1f:6c:95:a5:e5:5e:71:3e:35:b5:b1:
e7:46:87:29:ae:a3:1d:01:06:0c:b3:67:33:f5:fe:52:43:99:
91:45:d3:be:da:65:dd:e2:79:b0:43:35:91:c7:18:ad:ab:2f:
6b:53:0e:82:67:07:8d:34:8e:a0:38:24:19:51:67:df:32:52:
88:1d:f9:f9:e2:0d:29:80:93:32:b2:f4:bd:cf:04:b7:f1:65:
d1:37:5d:bd:18:f0:49:99:2e:a4:5b:f6:6b:1d:93:91:01:b4:
69:3c:0a:b9:d9:06:d2:ab:de:4a:1b:15:87:1f:b1:39:5b:0c:
35:75:54:aa:b0:28:f3:34:68:04:69:6f:a2:cf:e0:b8:0f:b3:
7b:9d:8a:dc:da:dd:62:ad:8f:59:da:23:bf:25:7a:67:92:fe:
bc:6d:b4:04:7c:ff:e8:85:4a:bd:8e:ca:d7:99:0c:f0:20:c1:
c2:d2:24:34:c3:d3:a4:8e:49:1b:1e:3b:62:ad:a4:58:98:0b:
18:9b:c0:b5:13:2a:a1:20:f2:b3:90:57:4c:2b:65:ea:bf:43:
f3:91:eb:b1:f8:44:9b:ac:2a:13:33:b0:86:af:33:e5:fa:d7:
0c:8a:c1:85
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
ODUzNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3ODk0NjM4RjQ0QUJC
M0U1QjU3MTE4RjQ4QjI2QTU5Q0M2NDQ1RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+W4auIasIefY20qymTj+M6sj7in0SqVYlArPTeD0hchY2Ffya
1ZFjlTdL0VF81tAKac7pXKzfrNTheeERocWRscgwjpmkyl4JN0Rqu0F58uRHLCF9
3cX1bZitZ5m/1QTlnP/frD+rPRkeYGSTZFbyyZJs0ajpTO3dl4FPXEpVHem1bhV4
Wh2Nj0oLsV1/wTLZTJEIgklCHp+CWWOPtSAoBtkNGlYZ3c3ThCkJVEmy+Nc+5OK8
9Xe2qoMCKEcvhYjWNTpbGRxhy880KS+oVwWnGx4rG4CYdzniiCCXTb2TiJOptY4o
PybMVNfiluxE7srlT4+JuR46gJFddI+IFYxBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUF4lGOPRKuz5bVxGPSLJqWcxkRewwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y0bEdPUFJLdXo1YlZ4
R1BTTEpxV2N4a1Jldy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJpIJYv51eWvJhfE
inHdp/z4x7GfpUpZgIUfbJWl5V5xPjW1sedGhymuox0BBgyzZzP1/lJDmZFF077a
Zd3iebBDNZHHGK2rL2tTDoJnB400jqA4JBlRZ98yUogd+fniDSmAkzKy9L3PBLfx
ZdE3Xb0Y8EmZLqRb9msdk5EBtGk8CrnZBtKr3kobFYcfsTlbDDV1VKqwKPM0aARp
b6LP4LgPs3uditza3WKtj1naI78lemeS/rxttAR8/+iFSr2OyteZDPAgwcLSJDTD
06SOSRseO2KtpFiYCxibwLUTKqEg8rOQV0wrZeq/Q/OR67H4RJusKhMzsIavM+X6
1wyKwYU=
-----END CERTIFICATE-----
Generated at Fri May 3 14:44:29 2024 by rpki-client on console.sobornost.net