Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GtX3CICexC2t7lp8jjHv_nfZKVw.roa
File: GtX3CICexC2t7lp8jjHv_nfZKVw.roa (raw, json)
Hash identifier: D9O5GKNtJMLIXFAmx029vg4NVizqqKN6YxRYwR7l/ZE=
Subject key identifier: 1A:D5:F7:08:80:9E:C4:2D:AD:EE:5A:7C:8E:31:EF:FE:77:D9:29:5C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44F1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GtX3CICexC2t7lp8jjHv_nfZKVw.roa
Signing time: Sat 20 Apr 2024 12:23:06 +0000
ROA not before: Sat 20 Apr 2024 12:23:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17649 (0x44f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 12:23:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1AD5F708809EC42DADEE5A7C8E31EFFE77D9295C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:06:92:79:e6:b5:f5:df:24:c5:8d:8a:9c:a1:
1b:d0:f0:1e:57:c2:fc:ec:19:d1:0c:a0:7b:d3:61:
4d:2b:71:42:ba:7f:78:73:56:7a:7a:8a:75:d3:8d:
fd:f8:de:c7:af:10:70:0d:20:c8:62:f4:b6:d5:8e:
95:2c:b0:d9:d4:ec:4d:b8:ee:06:5f:f5:88:28:90:
1a:45:48:e3:6b:bb:2c:fe:bc:7b:0b:d5:e1:ae:54:
0b:36:26:4c:64:0e:7d:0b:c4:c8:e6:89:26:a1:43:
3f:fd:9d:00:a4:24:c7:a6:cc:1c:7b:d7:af:22:75:
b8:f8:65:9b:a4:82:83:90:eb:80:b3:a9:93:fb:7b:
7c:64:2e:f3:43:84:ab:95:1f:58:cb:16:31:e5:7a:
81:be:c4:0d:47:c2:e6:01:b6:96:53:e2:50:1e:54:
41:ff:64:fc:0e:aa:0a:af:28:b5:6e:6f:b0:10:fb:
ec:41:2f:91:1a:73:28:52:af:76:8c:73:ce:cc:00:
d7:d1:e7:03:7f:96:83:06:e6:27:ab:5e:14:86:d6:
4f:2f:08:5d:28:9a:7a:da:c6:15:1f:93:e9:45:47:
69:33:b1:4b:53:2f:93:ad:b3:e3:ae:2f:43:ba:42:
b2:b3:45:35:ad:08:59:d6:8b:85:bc:49:fd:cf:26:
c1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D5:F7:08:80:9E:C4:2D:AD:EE:5A:7C:8E:31:EF:FE:77:D9:29:5C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GtX3CICexC2t7lp8jjHv_nfZKVw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:96:d8:54:1e:df:62:bf:6f:43:5a:09:35:ef:5c:60:bb:9b:
19:f8:bd:18:8d:fd:c0:cd:3e:34:b3:12:55:25:09:b1:fa:19:
c0:7e:ab:d7:7c:6e:9f:d0:b4:92:2f:1d:f8:2e:30:e7:9e:ad:
76:26:32:69:14:65:bc:b0:52:99:ac:79:ac:55:1d:a9:7a:9c:
a8:bd:cd:cc:76:51:b9:cd:82:2a:8a:66:c0:63:97:91:8e:54:
48:9a:96:3d:43:58:81:95:93:fc:34:c2:f1:11:30:cb:50:b8:
8e:29:95:49:d5:bf:1d:74:65:fd:a7:b5:88:2c:ab:39:7d:13:
a0:13:00:e9:18:d6:e9:12:3e:1e:34:29:27:00:bf:7f:a6:0a:
53:56:74:f9:c3:26:ef:f1:75:0b:dc:c6:1b:70:0e:6e:62:68:
6f:b9:f4:ba:c9:1e:42:56:94:c6:6e:94:25:25:19:e1:76:60:
0a:5c:ee:02:b7:c2:d6:43:ac:2a:cb:2d:6b:60:9a:5c:57:66:
6b:20:28:77:99:24:a2:87:49:88:2a:08:17:74:95:74:61:91:
a6:09:ef:e4:7a:b5:65:8c:2d:d4:75:5f:5e:d2:7e:a7:96:34:
3f:b7:ec:0b:a7:d3:58:02:4d:63:c6:d7:62:21:07:ea:5c:dc:
c1:7d:6a:ba
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MjIzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFBRDVGNzA4ODA5RUM0
MkRBREVFNUE3QzhFMzFFRkZFNzdEOTI5NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTBpJ55rX13yTFjYqcoRvQ8B5XwvzsGdEMoHvTYU0rcUK6f3hz
Vnp6inXTjf343sevEHANIMhi9LbVjpUssNnU7E247gZf9YgokBpFSONruyz+vHsL
1eGuVAs2JkxkDn0LxMjmiSahQz/9nQCkJMemzBx7168idbj4ZZukgoOQ64CzqZP7
e3xkLvNDhKuVH1jLFjHleoG+xA1HwuYBtpZT4lAeVEH/ZPwOqgqvKLVub7AQ++xB
L5EacyhSr3aMc87MANfR5wN/loMG5ierXhSG1k8vCF0omnraxhUfk+lFR2kzsUtT
L5Ots+OuL0O6QrKzRTWtCFnWi4W8Sf3PJsH3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUGtX3CICexC2t7lp8jjHv/nfZKVwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0d0WDNDSUNleEMydDds
cDhqakh2X25mWktWdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH6W2FQe32K/b0Na
CTXvXGC7mxn4vRiN/cDNPjSzElUlCbH6GcB+q9d8bp/QtJIvHfguMOeerXYmMmkU
ZbywUpmseaxVHal6nKi9zcx2UbnNgiqKZsBjl5GOVEialj1DWIGVk/w0wvERMMtQ
uI4plUnVvx10Zf2ntYgsqzl9E6ATAOkY1ukSPh40KScAv3+mClNWdPnDJu/xdQvc
xhtwDm5iaG+59LrJHkJWlMZulCUlGeF2YApc7gK3wtZDrCrLLWtgmlxXZmsgKHeZ
JKKHSYgqCBd0lXRhkaYJ7+R6tWWMLdR1X17SfqeWND+37Aun01gCTWPG12IhB+pc
3MF9aro=
-----END CERTIFICATE-----
Generated at Sat Apr 20 17:31:01 2024 by rpki-client on console.sobornost.net