Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QAlBCduYwuVXI4bUcKIyBKpU7_E.roa
File: QAlBCduYwuVXI4bUcKIyBKpU7_E.roa (raw, json)
Hash identifier: tBLWMVq4bvIsgCW5C0O8j79UdXEaTZPhzIHpqfQzzL8=
Subject key identifier: 40:09:41:09:DB:98:C2:E5:57:23:86:D4:70:A2:32:04:AA:54:EF:F1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4235
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QAlBCduYwuVXI4bUcKIyBKpU7_E.roa
Signing time: Tue 16 Apr 2024 20:52:57 +0000
ROA not before: Tue 16 Apr 2024 20:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16949 (0x4235)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 20:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=40094109DB98C2E5572386D470A23204AA54EFF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:83:d2:7f:3d:1d:30:93:05:89:de:cd:d6:
57:fb:7f:cc:45:69:42:60:4a:3e:9f:28:2f:81:13:
ea:37:34:4c:eb:97:78:2f:15:5a:0d:a5:71:5c:e2:
49:a1:d2:e6:36:8d:38:71:fc:c8:a6:33:54:5c:88:
52:96:a2:13:2b:52:b9:f8:99:09:59:86:88:8a:c9:
5e:d6:bc:75:f4:c2:68:9e:57:b7:02:aa:22:11:f1:
87:b9:f5:19:2d:a7:71:67:d5:ef:d4:6b:09:dd:41:
bc:f4:a5:33:1d:0e:ee:08:4a:e0:9c:21:b7:85:ac:
62:30:45:9c:c8:d8:8c:b1:81:40:e8:5c:1b:76:f8:
a3:12:21:e3:64:cf:14:c0:c1:89:94:52:ad:3c:9c:
14:32:0d:36:c5:37:66:0c:a6:32:7c:35:79:e0:2a:
f4:f1:d0:96:4d:b3:d5:07:cc:5e:01:f9:ec:e2:96:
9f:42:df:3a:6d:ad:b4:f3:82:8c:2d:67:af:f9:ff:
76:d4:07:d6:73:56:31:9b:24:01:ad:ee:86:58:c2:
f7:d1:3a:ce:43:38:26:e8:67:b0:f5:b0:2e:8a:c2:
19:bc:6f:95:05:92:10:08:6f:71:83:ff:d8:d5:1d:
87:c3:e9:af:b5:f8:74:7b:2b:4f:18:fc:0d:75:08:
53:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:09:41:09:DB:98:C2:E5:57:23:86:D4:70:A2:32:04:AA:54:EF:F1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QAlBCduYwuVXI4bUcKIyBKpU7_E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
91:92:29:4c:ac:51:43:7e:f7:d6:85:c9:d5:c1:93:bf:d6:51:
b3:26:25:9d:71:4a:44:13:61:08:b2:2f:11:14:bc:d9:a9:ce:
c9:0a:b8:f5:74:d3:f5:86:2b:2c:03:85:dc:40:c0:15:18:5f:
58:51:c4:f0:86:9c:c9:f5:d5:40:ae:ce:80:2f:83:c4:ea:86:
36:8c:f0:37:92:be:9f:d4:9b:b0:6b:0f:47:0f:0c:3e:28:a4:
6f:11:5c:6e:67:16:08:4a:7d:10:0f:59:76:4c:12:3a:10:4c:
af:ba:38:c5:81:45:bf:be:cb:d3:b1:f1:b7:ab:e9:24:af:f1:
29:86:df:9c:a8:70:12:7d:42:24:51:c1:c7:3e:dc:97:4b:f2:
10:57:7b:56:bc:bc:46:08:b9:da:a2:df:7c:11:d7:9a:d9:5b:
47:3a:9f:76:ed:df:58:40:fe:0f:53:20:5f:a4:d0:78:b1:2a:
b6:3a:5e:4c:28:b7:23:36:47:95:5e:ec:4e:59:33:25:dc:60:
ce:a4:27:3e:6e:21:84:9c:5e:e5:be:be:ab:1b:fe:c1:69:46:
3f:3b:98:f1:21:c3:e7:f2:b0:e8:fe:a8:08:97:b9:14:98:14:
4e:42:97:3c:94:b6:75:68:2d:55:72:14:64:8b:29:90:fc:61:
4e:08:b0:0d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQjUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYy
MDUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQwMDk0MTA5REI5OEMy
RTU1NzIzODZENDcwQTIzMjA0QUE1NEVGRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5MYPSfz0dMJMFid7N1lf7f8xFaUJgSj6fKC+BE+o3NEzrl3gv
FVoNpXFc4kmh0uY2jThx/MimM1RciFKWohMrUrn4mQlZhoiKyV7WvHX0wmieV7cC
qiIR8Ye59Rktp3Fn1e/UawndQbz0pTMdDu4ISuCcIbeFrGIwRZzI2IyxgUDoXBt2
+KMSIeNkzxTAwYmUUq08nBQyDTbFN2YMpjJ8NXngKvTx0JZNs9UHzF4B+ezilp9C
3zptrbTzgowtZ6/5/3bUB9ZzVjGbJAGt7oZYwvfROs5DOCboZ7D1sC6Kwhm8b5UF
khAIb3GD/9jVHYfD6a+1+HR7K08Y/A11CFMjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUQAlBCduYwuVXI4bUcKIyBKpU7/EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FBbEJDZHVZd3VWWEk0
YlVjS0l5QktwVTdfRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJGSKUysUUN+99aF
ydXBk7/WUbMmJZ1xSkQTYQiyLxEUvNmpzskKuPV00/WGKywDhdxAwBUYX1hRxPCG
nMn11UCuzoAvg8TqhjaM8DeSvp/Um7BrD0cPDD4opG8RXG5nFghKfRAPWXZMEjoQ
TK+6OMWBRb++y9Ox8ber6SSv8SmG35yocBJ9QiRRwcc+3JdL8hBXe1a8vEYIudqi
33wR15rZW0c6n3bt31hA/g9TIF+k0HixKrY6XkwotyM2R5Ve7E5ZMyXcYM6kJz5u
IYScXuW+vqsb/sFpRj87mPEhw+fysOj+qAiXuRSYFE5ClzyUtnVoLVVyFGSLKZD8
YU4IsA0=
-----END CERTIFICATE-----
Generated at Wed Apr 17 04:19:29 2024 by rpki-client on console.sobornost.net