Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KSvpe7F1BDu_PtahYtyjzr9ImxI.roa
File: KSvpe7F1BDu_PtahYtyjzr9ImxI.roa (raw, json)
Hash identifier: LtoNwTphawQNHFaYSCqd0O9JU9lhNwqYTtyNH0qXcNI=
Subject key identifier: 29:2B:E9:7B:B1:75:04:3B:BF:3E:D6:A1:62:DC:A3:CE:BF:48:9B:12
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C76
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KSvpe7F1BDu_PtahYtyjzr9ImxI.roa
Signing time: Tue 30 Apr 2024 12:53:35 +0000
ROA not before: Tue 30 Apr 2024 12:53:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19574 (0x4c76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 12:53:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=292BE97BB175043BBF3ED6A162DCA3CEBF489B12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:01:8a:24:c9:62:bc:2d:9d:64:8d:eb:77:47:
7d:b3:34:cd:2b:da:4e:15:47:e0:97:f3:07:ad:db:
ee:2f:62:7e:4c:6d:83:ca:84:eb:29:7b:a6:2a:06:
88:d5:82:b2:a8:51:a3:24:72:46:12:82:7f:d6:ec:
70:0e:07:5b:bd:0c:21:dc:56:bf:50:7a:af:54:ee:
3f:3c:d4:c8:ca:c6:09:45:40:24:2b:64:cc:68:a6:
45:43:57:d7:0d:c4:b6:99:02:01:20:82:8e:9a:f3:
c4:91:18:ce:78:b2:00:ca:42:d5:53:89:5f:9c:07:
ec:1c:5a:bd:d2:ed:9f:f5:30:27:8e:0e:9a:de:ca:
98:5f:e8:bb:b1:a6:1f:66:cb:82:84:4d:10:bf:d1:
91:dd:e2:1f:42:75:08:7f:6b:55:70:73:25:74:96:
8e:7d:5e:d5:b3:76:bf:e1:61:f8:25:99:3e:fa:ee:
ce:44:5d:bd:f3:84:07:84:89:7d:17:15:1f:cf:8c:
25:7d:d7:ae:5c:86:e9:9a:34:69:62:1c:71:9e:13:
8f:78:f3:47:62:af:ad:0e:d2:f6:15:56:77:1d:74:
eb:df:bf:33:54:2f:8c:f4:73:bf:b8:7d:bd:50:31:
c3:20:08:04:6c:77:d6:9b:44:be:2f:26:fa:d5:f9:
43:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2B:E9:7B:B1:75:04:3B:BF:3E:D6:A1:62:DC:A3:CE:BF:48:9B:12
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KSvpe7F1BDu_PtahYtyjzr9ImxI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:4c:28:86:f4:41:db:1a:db:4c:b5:55:44:84:1c:7e:bb:93:
14:66:91:da:fd:81:02:7e:98:5a:1b:bc:a0:db:49:66:9e:b5:
75:c6:91:39:2c:62:31:7f:94:2c:5c:b9:70:1a:bd:9e:39:d8:
1f:75:90:04:e1:75:bc:6b:b0:9e:3e:bc:8c:7f:09:60:e2:65:
ff:c6:a0:87:63:6c:86:ed:00:c2:95:b7:1c:d9:ab:99:61:08:
5e:67:70:cf:24:dd:89:53:dc:72:12:09:b0:de:d7:0b:13:6e:
3c:ed:11:10:d0:f1:31:fd:b3:2e:9c:e7:9a:d2:14:12:40:47:
8c:11:2f:3b:c6:d2:83:58:b5:98:d9:62:79:52:26:72:90:2b:
12:06:e1:5d:aa:d0:59:1d:b6:1b:b5:72:ac:17:70:2a:2c:1e:
d4:50:37:e1:0b:ed:21:84:3d:1f:6b:5b:20:ba:8b:70:73:09:
f4:ef:0d:fa:95:d2:62:61:47:c3:85:cb:6e:55:f6:e8:bd:ff:
dc:6b:d4:e4:21:db:c7:99:84:00:12:d3:55:fc:9c:48:96:ff:
5e:56:cb:14:d2:7e:28:64:59:71:5c:15:5b:a1:47:b7:a5:7a:
9c:93:80:be:f7:92:5d:0f:ff:f1:ea:fa:d9:d5:81:77:28:61:
1a:5a:05:d8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTHYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAx
MjUzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5MkJFOTdCQjE3NTA0
M0JCRjNFRDZBMTYyRENBM0NFQkY0ODlCMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCAYokyWK8LZ1kjet3R32zNM0r2k4VR+CX8wet2+4vYn5MbYPK
hOspe6YqBojVgrKoUaMkckYSgn/W7HAOB1u9DCHcVr9Qeq9U7j881MjKxglFQCQr
ZMxopkVDV9cNxLaZAgEggo6a88SRGM54sgDKQtVTiV+cB+wcWr3S7Z/1MCeODpre
yphf6Luxph9my4KETRC/0ZHd4h9CdQh/a1VwcyV0lo59XtWzdr/hYfglmT767s5E
Xb3zhAeEiX0XFR/PjCV9165chumaNGliHHGeE49480dir60O0vYVVncddOvfvzNU
L4z0c7+4fb1QMcMgCARsd9abRL4vJvrV+UOrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKSvpe7F1BDu/PtahYtyjzr9ImxIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tTdnBlN0YxQkR1X1B0
YWhZdHlqenI5SW14SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAsUwohvRB2xrbTLVVRIQcfruTFGaR2v2B
An6YWhu8oNtJZp61dcaROSxiMX+ULFy5cBq9njnYH3WQBOF1vGuwnj68jH8JYOJl
/8agh2Nshu0AwpW3HNmrmWEIXmdwzyTdiVPcchIJsN7XCxNuPO0RENDxMf2zLpzn
mtIUEkBHjBEvO8bSg1i1mNlieVImcpArEgbhXarQWR22G7VyrBdwKiwe1FA34Qvt
IYQ9H2tbILqLcHMJ9O8N+pXSYmFHw4XLblX26L3/3GvU5CHbx5mEABLTVfycSJb/
XlbLFNJ+KGRZcVwVW6FHt6V6nJOAvveSXQ//8er62dWBdyhhGloF2A==
-----END CERTIFICATE-----
Generated at Tue Apr 30 16:38:53 2024 by rpki-client on console.sobornost.net