Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Nh94AVjWqjFY4Zl09SHuhwMi52s.roa
File: Nh94AVjWqjFY4Zl09SHuhwMi52s.roa (raw, json)
Hash identifier: vf58Ulq+ulBzkX662rVx1hsimPo6cV15NwLjq1sDLTs=
Subject key identifier: 36:1F:78:01:58:D6:AA:31:58:E1:99:74:F5:21:EE:87:03:22:E7:6B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C89
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Nh94AVjWqjFY4Zl09SHuhwMi52s.roa
Signing time: Tue 09 Apr 2024 07:22:35 +0000
ROA not before: Tue 09 Apr 2024 07:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15497 (0x3c89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 07:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=361F780158D6AA3158E19974F521EE870322E76B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c4:68:ea:23:62:77:76:2a:d6:15:d8:b2:71:
9a:01:44:1f:02:50:c3:2e:6f:30:d4:6a:d6:c2:2c:
13:a6:7f:b8:87:12:42:55:e8:11:1d:ba:66:8a:4e:
89:d3:6e:fc:73:59:ae:49:4b:1a:72:31:39:fa:be:
0c:0e:b8:d2:b3:1d:6f:97:1d:b8:f7:ee:5f:e9:88:
4f:29:e7:ad:7c:27:ae:e9:26:8d:0f:06:75:82:4a:
d5:e7:f0:ac:f3:1d:fd:60:65:52:66:e1:48:56:3d:
0c:70:b1:10:35:9e:d6:4f:22:65:a2:29:15:b5:e1:
c0:83:56:cd:d2:6e:e0:e5:92:95:88:87:90:af:1e:
db:1f:65:52:16:84:52:aa:f6:55:3a:fc:ea:20:c9:
bc:71:12:a0:10:4c:35:24:3f:10:eb:d7:a3:c4:33:
a1:d6:76:e8:b2:d7:20:15:e0:01:95:cc:98:51:6e:
c6:f6:c3:47:ac:94:a3:13:44:16:ad:13:18:09:1c:
20:7a:e0:23:b1:2b:f0:b4:f9:d6:36:82:d1:62:1e:
ea:db:8d:24:28:d1:02:73:f8:67:85:cd:60:3c:a9:
f3:77:57:20:cd:42:82:27:ac:32:7a:98:1e:d7:0a:
c0:29:75:b4:2b:3c:fa:c7:f7:1a:be:bc:5c:3b:8c:
95:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1F:78:01:58:D6:AA:31:58:E1:99:74:F5:21:EE:87:03:22:E7:6B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Nh94AVjWqjFY4Zl09SHuhwMi52s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
69:1c:d0:81:39:35:33:aa:bc:ee:ca:5b:4d:a7:1a:3c:ea:55:
3e:37:31:dc:6b:8e:4a:99:00:ab:49:d3:b4:5e:11:24:3d:57:
45:ea:fa:c9:e6:28:b7:89:ef:c9:b9:4e:92:80:c6:1b:e3:42:
ac:82:2f:d0:9a:05:a1:a4:2b:7d:33:0a:e1:4f:82:b1:84:6d:
f6:66:fc:f2:b4:ff:73:02:27:83:21:fa:e8:ef:96:0f:69:01:
a6:02:86:e5:c3:66:86:64:3e:7d:b4:19:e3:88:81:dd:4e:f8:
c8:3c:f8:84:f3:ae:be:d2:17:30:84:5c:e2:84:6d:75:13:18:
4b:5f:8c:16:5f:87:27:68:17:d0:2c:e7:af:d6:b5:47:45:e1:
d4:71:24:94:b5:de:a3:20:55:5a:17:b5:be:e0:4d:d7:ff:98:
19:dd:39:02:c6:8e:14:af:15:bb:4e:21:e5:21:b5:53:88:34:
cc:4c:9d:e6:33:e9:f7:50:16:77:60:8d:bc:4a:9e:86:a1:30:
1e:b9:f5:3e:60:42:eb:fb:b8:d5:20:b1:d3:2e:a6:eb:6e:0a:
e1:c7:10:b9:55:c1:78:d1:aa:84:b1:57:ef:ac:d1:8f:68:e7:
ab:5e:23:d4:2a:63:8e:3a:a4:3b:7a:58:a7:7f:70:a5:a4:77:
92:6e:d6:0f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
NzIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM2MUY3ODAxNThENkFB
MzE1OEUxOTk3NEY1MjFFRTg3MDMyMkU3NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1xGjqI2J3dirWFdiycZoBRB8CUMMubzDUatbCLBOmf7iHEkJV
6BEdumaKTonTbvxzWa5JSxpyMTn6vgwOuNKzHW+XHbj37l/piE8p5618J67pJo0P
BnWCStXn8KzzHf1gZVJm4UhWPQxwsRA1ntZPImWiKRW14cCDVs3SbuDlkpWIh5Cv
HtsfZVIWhFKq9lU6/OogybxxEqAQTDUkPxDr16PEM6HWduiy1yAV4AGVzJhRbsb2
w0eslKMTRBatExgJHCB64COxK/C0+dY2gtFiHurbjSQo0QJz+GeFzWA8qfN3VyDN
QoInrDJ6mB7XCsApdbQrPPrH9xq+vFw7jJXTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUNh94AVjWqjFY4Zl09SHuhwMi52swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05oOTRBVmpXcWpGWTRa
bDA5U0h1aHdNaTUycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGkc0IE5NTOqvO7K
W02nGjzqVT43MdxrjkqZAKtJ07ReESQ9V0Xq+snmKLeJ78m5TpKAxhvjQqyCL9Ca
BaGkK30zCuFPgrGEbfZm/PK0/3MCJ4Mh+ujvlg9pAaYChuXDZoZkPn20GeOIgd1O
+Mg8+ITzrr7SFzCEXOKEbXUTGEtfjBZfhydoF9As56/WtUdF4dRxJJS13qMgVVoX
tb7gTdf/mBndOQLGjhSvFbtOIeUhtVOINMxMneYz6fdQFndgjbxKnoahMB659T5g
Quv7uNUgsdMuputuCuHHELlVwXjRqoSxV++s0Y9o56teI9QqY446pDt6WKd/cKWk
d5Ju1g8=
-----END CERTIFICATE-----
Generated at Tue Apr 9 13:37:39 2024 by rpki-client on console.sobornost.net