Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LL-RinEM1QAIcQToZPlYS_ZWmpo.roa
File: LL-RinEM1QAIcQToZPlYS_ZWmpo.roa (raw, json)
Hash identifier: Ff+07NZ+P7BH2efVP1F0Xb2JNe66K+4o2/hbB2KfLd0=
Subject key identifier: 2C:BF:91:8A:71:0C:D5:00:08:71:04:E8:64:F9:58:4B:F6:56:9A:9A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5626
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LL-RinEM1QAIcQToZPlYS_ZWmpo.roa
Signing time: Mon 13 May 2024 10:54:12 +0000
ROA not before: Mon 13 May 2024 10:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22054 (0x5626)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 10:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2CBF918A710CD500087104E864F9584BF6569A9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:ba:7f:4b:aa:67:71:37:58:3e:29:44:7d:
7d:3f:fb:cd:1d:d3:3f:f7:06:55:2b:5d:01:07:d5:
25:ce:3f:6e:2f:04:0d:64:bd:72:63:24:29:b7:be:
a0:25:05:e4:b7:a1:ac:32:e7:ca:51:1a:ed:94:5e:
f6:1b:ee:7a:6f:e6:14:bd:38:b0:ae:c7:bc:73:9a:
06:25:74:49:34:f5:88:1d:5c:c6:26:68:ad:fe:9a:
eb:6f:20:51:2c:8f:73:78:99:6e:4a:aa:e8:f5:9b:
6b:2f:ca:1c:d2:2b:47:e0:dd:5a:d0:22:36:87:51:
41:ff:38:7a:89:c6:53:ca:e8:49:a5:4d:b7:33:44:
77:36:f4:3a:f8:48:eb:71:3a:0d:29:0c:fb:39:d1:
3d:79:28:ab:2f:df:13:c5:36:a6:5d:6e:35:92:94:
8b:bb:2b:cd:92:ca:1d:5a:0c:52:7a:0a:96:05:78:
31:5b:ad:9a:b1:7e:ce:57:36:a4:65:37:99:48:3e:
8b:17:97:3f:ef:28:52:d9:a8:88:e9:26:2c:04:37:
2c:b9:0c:7a:d4:42:ef:51:76:91:53:7b:09:c6:f3:
99:be:79:c7:11:73:e3:7c:a7:47:11:42:81:25:00:
13:6a:0d:fe:8b:5f:4c:5e:6e:04:85:28:d8:c1:53:
ad:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:BF:91:8A:71:0C:D5:00:08:71:04:E8:64:F9:58:4B:F6:56:9A:9A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LL-RinEM1QAIcQToZPlYS_ZWmpo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:2b:06:ab:b1:e3:eb:bc:27:67:16:26:ea:67:d5:68:b8:8d:
5b:17:be:fc:29:e0:89:b0:0c:ce:f7:59:d5:80:36:f0:11:83:
7b:22:ef:5e:ea:cc:aa:69:d1:d4:9d:76:42:04:ee:53:75:1f:
24:9a:2e:19:44:c6:22:72:d4:f2:45:0e:2a:1a:15:59:94:8c:
7f:2e:61:c2:ea:ad:b9:0b:f4:92:53:a4:f4:b0:78:7a:a9:97:
6a:2c:fc:14:50:aa:6e:c1:c4:0d:a8:7f:6b:bc:a7:05:90:36:
57:b1:fc:e6:a3:80:b1:37:d8:8d:54:a8:0b:91:ef:26:6d:a9:
cd:86:24:09:dc:9f:2b:56:7d:11:77:e4:0c:ab:a9:fa:89:75:
81:92:b4:e8:d2:ce:4a:e5:48:1c:dc:b2:76:4a:01:c6:89:05:
b0:c9:ce:2a:a6:0b:02:30:02:88:f3:d7:79:8f:9e:a1:6f:2f:
3a:3e:0f:d2:a9:48:f3:a3:f9:57:0b:87:34:d2:a3:4f:e8:a0:
f8:ee:9b:00:0f:9b:23:da:2a:8c:4d:1d:20:7d:85:b7:36:b4:
f2:2f:4b:1e:c2:b2:02:93:00:4d:f9:dd:76:05:bc:89:72:2e:
7e:21:25:8d:1e:76:9f:4d:0f:a8:bf:8b:b2:ea:00:62:5c:03:
f6:0c:c3:1e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICViYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
MDU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDQkY5MThBNzEwQ0Q1
MDAwODcxMDRFODY0Rjk1ODRCRjY1NjlBOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzMbp/S6pncTdYPilEfX0/+80d0z/3BlUrXQEH1SXOP24vBA1k
vXJjJCm3vqAlBeS3oawy58pRGu2UXvYb7npv5hS9OLCux7xzmgYldEk09YgdXMYm
aK3+mutvIFEsj3N4mW5Kquj1m2svyhzSK0fg3VrQIjaHUUH/OHqJxlPK6EmlTbcz
RHc29Dr4SOtxOg0pDPs50T15KKsv3xPFNqZdbjWSlIu7K82Syh1aDFJ6CpYFeDFb
rZqxfs5XNqRlN5lIPosXlz/vKFLZqIjpJiwENyy5DHrUQu9RdpFTewnG85m+eccR
c+N8p0cRQoElABNqDf6LX0xebgSFKNjBU61BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULL+RinEM1QAIcQToZPlYS/ZWmpowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xMLVJpbkVNMVFBSWNR
VG9aUGxZU19aV21wby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEABSsGq7Hj67wnZxYm6mfVaLiNWxe+/Cng
ibAMzvdZ1YA28BGDeyLvXurMqmnR1J12QgTuU3UfJJouGUTGInLU8kUOKhoVWZSM
fy5hwuqtuQv0klOk9LB4eqmXaiz8FFCqbsHEDah/a7ynBZA2V7H85qOAsTfYjVSo
C5HvJm2pzYYkCdyfK1Z9EXfkDKup+ol1gZK06NLOSuVIHNyydkoBxokFsMnOKqYL
AjACiPPXeY+eoW8vOj4P0qlI86P5VwuHNNKjT+ig+O6bAA+bI9oqjE0dIH2Ftza0
8i9LHsKyApMATfnddgW8iXIufiEljR52n00PqL+LsuoAYlwD9gzDHg==
-----END CERTIFICATE-----
Generated at Mon May 13 15:18:23 2024 by rpki-client on console.sobornost.net