Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GwtE_rUPB4Ug_ywiHi1mgH2IspQ.roa
File: GwtE_rUPB4Ug_ywiHi1mgH2IspQ.roa (raw, json)
Hash identifier: PuuY1p2wmh223VqlFfjlg+smurQDNT/mhrJQCG3nnYw=
Subject key identifier: 1B:0B:44:FE:B5:0F:07:85:20:FF:2C:22:1E:2D:66:80:7D:88:B2:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CAA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GwtE_rUPB4Ug_ywiHi1mgH2IspQ.roa
Signing time: Tue 30 Apr 2024 19:23:36 +0000
ROA not before: Tue 30 Apr 2024 19:23:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19626 (0x4caa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 19:23:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1B0B44FEB50F078520FF2C221E2D66807D88B294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:91:3b:0e:97:8e:1c:fb:ce:1e:e4:80:20:5b:
6d:0d:e9:4e:cb:1b:ee:a6:12:19:0d:04:4b:eb:42:
cf:f9:85:3f:72:c8:15:88:76:a3:dd:59:60:f8:14:
d0:9c:3a:5e:a8:5e:f3:47:91:41:0b:20:aa:5e:e5:
ae:e9:a9:5f:28:7c:0d:af:d2:32:bc:b2:f6:2d:33:
b1:be:d6:4e:3d:3f:e5:ef:3d:e6:23:ba:24:2a:d5:
5d:1d:4b:40:8b:59:ad:1a:e9:21:1c:91:44:b7:c4:
0d:af:41:2d:1a:57:02:19:70:bb:f8:f6:9e:5c:d2:
0f:47:bd:d9:ac:c5:85:0d:df:46:7f:ae:50:38:1f:
19:5f:d9:6a:f4:3e:a6:51:ab:17:e3:20:11:75:b7:
2a:f1:49:af:f3:d3:89:17:ce:d3:b1:5d:7c:59:57:
3f:c0:43:29:ee:2c:9f:6e:4c:cd:a3:42:77:bf:27:
90:1f:22:44:8c:34:e1:16:37:a9:79:e0:a4:12:4e:
f5:79:2c:15:b2:f8:85:13:ae:3b:be:9b:b6:70:8f:
46:40:cb:0a:36:a6:66:a9:58:88:a8:a6:e2:e6:f8:
80:b1:f3:1a:38:39:54:20:e8:bc:73:e3:eb:6b:77:
45:9f:db:43:9b:0b:80:ff:86:2c:b5:f0:e3:f2:b0:
82:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:0B:44:FE:B5:0F:07:85:20:FF:2C:22:1E:2D:66:80:7D:88:B2:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GwtE_rUPB4Ug_ywiHi1mgH2IspQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:87:d2:47:03:a8:2d:78:98:b7:b2:81:2a:76:e4:28:f9:91:
aa:29:d5:d1:1b:81:77:94:45:55:b9:e9:0f:76:f4:9b:38:95:
e2:b4:17:7a:4f:17:2f:02:62:4f:e5:2c:89:5e:ec:51:1a:c9:
b1:fd:56:3c:82:b6:20:f5:64:33:64:2d:6a:62:d6:f4:aa:71:
59:36:e0:05:ef:d3:2d:bf:8a:2c:46:93:4a:8a:2d:7e:d3:0e:
df:9f:af:d7:e5:65:eb:a7:e2:93:f1:62:ea:81:4c:de:fa:35:
a4:52:f8:2d:90:8a:66:a0:f1:89:e0:67:59:2d:99:55:30:0b:
cd:eb:c7:97:89:ac:e9:6b:bb:97:c9:2d:42:59:20:bc:c3:d5:
7e:66:4e:d7:d1:7a:8a:94:90:a6:fa:75:c3:f3:30:f1:3c:2e:
cc:b5:12:2e:f9:08:74:e8:fa:2d:81:f4:7d:0a:cd:e8:29:d6:
b7:32:6d:6a:18:d4:8d:ba:67:47:7b:25:61:1e:46:29:81:dd:
f4:e0:af:bf:45:7a:32:b6:15:e1:c9:45:b5:cf:49:c2:1f:53:
65:00:08:c3:1b:d5:ad:26:f5:52:7f:a7:a2:58:15:4c:c1:c4:
12:f4:cb:b7:a3:6d:fb:2d:6d:bb:76:96:5d:85:02:33:86:cc:
f0:2e:93:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAx
OTIzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFCMEI0NEZFQjUwRjA3
ODUyMEZGMkMyMjFFMkQ2NjgwN0Q4OEIyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkkTsOl44c+84e5IAgW20N6U7LG+6mEhkNBEvrQs/5hT9yyBWI
dqPdWWD4FNCcOl6oXvNHkUELIKpe5a7pqV8ofA2v0jK8svYtM7G+1k49P+XvPeYj
uiQq1V0dS0CLWa0a6SEckUS3xA2vQS0aVwIZcLv49p5c0g9HvdmsxYUN30Z/rlA4
Hxlf2Wr0PqZRqxfjIBF1tyrxSa/z04kXztOxXXxZVz/AQynuLJ9uTM2jQne/J5Af
IkSMNOEWN6l54KQSTvV5LBWy+IUTrju+m7Zwj0ZAywo2pmapWIiopuLm+ICx8xo4
OVQg6Lxz4+trd0Wf20ObC4D/hiy18OPysIJTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGwtE/rUPB4Ug/ywiHi1mgH2IspQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0d3dEVfclVQQjRVZ195
d2lIaTFtZ0gySXNwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAp4fSRwOoLXiYt7KBKnbkKPmRqinV0RuB
d5RFVbnpD3b0mziV4rQXek8XLwJiT+UsiV7sURrJsf1WPIK2IPVkM2QtamLW9Kpx
WTbgBe/TLb+KLEaTSootftMO35+v1+Vl66fik/Fi6oFM3vo1pFL4LZCKZqDxieBn
WS2ZVTALzevHl4ms6Wu7l8ktQlkgvMPVfmZO19F6ipSQpvp1w/Mw8TwuzLUSLvkI
dOj6LYH0fQrN6CnWtzJtahjUjbpnR3slYR5GKYHd9OCvv0V6MrYV4clFtc9Jwh9T
ZQAIwxvVrSb1Un+nolgVTMHEEvTLt6Nt+y1tu3aWXYUCM4bM8C6TzA==
-----END CERTIFICATE-----
Generated at Wed May 1 00:37:56 2024 by rpki-client on console.sobornost.net