Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PwZrh3BHYpa3FgunCiBlKBwCDow.roa
File: PwZrh3BHYpa3FgunCiBlKBwCDow.roa (raw, json)
Hash identifier: QJ9eutyiLmm7jV1EKWYDBqYAdrw4mE/h8U81K9JXo2E=
Subject key identifier: 3F:06:6B:87:70:47:62:96:B7:16:0B:A7:0A:20:65:28:1C:02:0E:8C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3839
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PwZrh3BHYpa3FgunCiBlKBwCDow.roa
Signing time: Wed 03 Apr 2024 13:22:18 +0000
ROA not before: Wed 03 Apr 2024 13:22:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14393 (0x3839)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 13:22:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3F066B8770476296B7160BA70A2065281C020E8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f6:7b:cf:11:09:70:28:57:9e:3d:c8:98:42:
b3:7e:16:b1:73:c8:84:81:23:e6:1b:05:c3:02:43:
3f:a5:22:19:7e:56:ce:83:c5:96:4f:08:df:32:c0:
67:75:ea:40:9d:24:cb:9c:aa:7d:fb:1e:db:7c:d6:
ca:49:4d:81:4a:cd:83:6b:bf:6c:4d:cd:39:ce:4e:
b9:a8:8a:59:5b:64:19:28:e6:2d:64:a6:10:68:5e:
27:67:b7:8c:16:62:b2:5a:33:d8:d8:6d:48:55:fa:
f3:96:28:bd:42:0e:c7:27:5d:c6:87:f8:e1:87:5c:
2d:dc:ca:d4:f4:c1:e8:2c:08:c9:82:a1:9e:10:a2:
74:d3:16:50:e1:a2:84:6a:00:5e:8e:44:46:7f:6b:
ec:ab:c5:37:61:ad:00:56:d1:4f:81:8a:f7:b1:68:
3a:6a:bf:53:3e:2b:0c:77:c6:43:be:6a:45:1a:4f:
42:1a:77:9d:d1:32:be:31:ef:eb:63:2b:88:5e:fc:
1b:1f:51:28:a3:b4:df:72:fd:e2:1a:ce:45:d7:2c:
a3:36:1b:be:b1:4c:68:12:6d:10:75:04:d7:25:a5:
ac:c5:e7:0f:ff:36:37:6f:4b:40:0c:7b:87:14:ec:
2e:69:4e:f7:9e:19:26:ee:eb:5d:43:20:77:97:58:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:06:6B:87:70:47:62:96:B7:16:0B:A7:0A:20:65:28:1C:02:0E:8C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PwZrh3BHYpa3FgunCiBlKBwCDow.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ae:5b:ca:b2:70:35:ac:e7:57:89:40:8a:5a:29:20:bf:2f:3d:
2e:9f:18:6d:84:b7:b1:fa:b1:66:93:e7:a8:a3:1b:8c:8c:85:
74:dc:46:0a:85:d5:0d:36:1e:98:4c:0c:a3:2b:7d:d9:a3:b3:
46:a3:ea:db:2b:9e:7d:82:fd:2d:a5:c0:29:7c:11:23:49:df:
4c:0e:9b:b7:12:fb:2b:05:97:4e:79:87:c1:ef:4f:aa:30:56:
6b:9d:23:7e:63:86:95:f5:66:c3:39:09:da:45:92:38:44:66:
e1:42:eb:71:a1:a3:c9:4d:79:c5:8d:66:42:08:e6:ec:f4:8c:
f2:00:e4:1a:ac:12:81:69:40:bc:55:27:d7:26:1f:6a:c6:3a:
12:a3:98:74:6f:92:64:80:01:19:be:fa:7a:45:3d:b4:74:0a:
4a:d0:bd:dd:74:d3:fa:63:b8:e9:9b:22:bd:cf:5e:07:c1:14:
bc:7f:17:5d:4b:60:e1:38:e9:b4:26:af:d1:8b:63:e7:1b:8f:
fe:9b:e7:d8:82:9c:e9:9a:1c:f5:e5:0a:10:08:ce:5e:55:8e:
54:12:91:cf:3f:e9:ca:17:bc:db:29:08:0a:57:aa:0e:0a:2c:
b7:24:f8:52:9b:9d:8c:a1:56:ba:32:b4:9d:51:57:c5:ab:86:
3a:da:61:30
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICODkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
MzIyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNGMDY2Qjg3NzA0NzYy
OTZCNzE2MEJBNzBBMjA2NTI4MUMwMjBFOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP9nvPEQlwKFeePciYQrN+FrFzyISBI+YbBcMCQz+lIhl+Vs6D
xZZPCN8ywGd16kCdJMucqn37Htt81spJTYFKzYNrv2xNzTnOTrmoillbZBko5i1k
phBoXidnt4wWYrJaM9jYbUhV+vOWKL1CDscnXcaH+OGHXC3cytT0wegsCMmCoZ4Q
onTTFlDhooRqAF6OREZ/a+yrxTdhrQBW0U+BivexaDpqv1M+Kwx3xkO+akUaT0Ia
d53RMr4x7+tjK4he/BsfUSijtN9y/eIazkXXLKM2G76xTGgSbRB1BNclpazF5w//
NjdvS0AMe4cU7C5pTveeGSbu611DIHeXWOMbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUPwZrh3BHYpa3FgunCiBlKBwCDowwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1B3WnJoM0JIWXBhM0Zn
dW5DaUJsS0J3Q0Rvdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK5byrJwNaznV4lA
ilopIL8vPS6fGG2Et7H6sWaT56ijG4yMhXTcRgqF1Q02HphMDKMrfdmjs0aj6tsr
nn2C/S2lwCl8ESNJ30wOm7cS+ysFl055h8HvT6owVmudI35jhpX1ZsM5CdpFkjhE
ZuFC63Gho8lNecWNZkII5uz0jPIA5BqsEoFpQLxVJ9cmH2rGOhKjmHRvkmSAARm+
+npFPbR0CkrQvd100/pjuOmbIr3PXgfBFLx/F11LYOE46bQmr9GLY+cbj/6b59iC
nOmaHPXlChAIzl5VjlQSkc8/6coXvNspCApXqg4KLLck+FKbnYyhVroytJ1RV8Wr
hjraYTA=
-----END CERTIFICATE-----
Generated at Wed Apr 3 20:02:37 2024 by rpki-client on console.sobornost.net