Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/R_5rqTG4tEIPHehDJDf1pFJ91ag.roa
File: R_5rqTG4tEIPHehDJDf1pFJ91ag.roa (raw, json)
Hash identifier: jfSTbCdEsU9R7nhPmohhy2uLmd3j6eJei3pxfGmx7pw=
Subject key identifier: 47:FE:6B:A9:31:B8:B4:42:0F:1D:E8:43:24:37:F5:A4:52:7D:D5:A8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47E5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R_5rqTG4tEIPHehDJDf1pFJ91ag.roa
Signing time: Wed 24 Apr 2024 10:53:13 +0000
ROA not before: Wed 24 Apr 2024 10:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18405 (0x47e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 10:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=47FE6BA931B8B4420F1DE8432437F5A4527DD5A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0b:3e:3a:e1:69:61:0e:22:3d:90:ec:ee:0f:
b6:06:38:a7:3c:97:a2:db:36:d5:26:4f:1e:ef:e3:
3c:b2:dd:b2:69:70:3d:9b:26:90:0b:74:ab:17:a3:
28:d2:31:6b:96:a9:a8:43:a9:fa:9d:4c:2a:fc:62:
f8:03:04:ed:bd:20:1c:33:56:51:ab:e4:d0:02:cd:
18:60:9b:0b:8d:a1:20:4d:2f:4d:e9:97:bf:c0:14:
b2:c6:bd:23:69:a7:e3:1c:10:cb:3d:32:43:99:6a:
ce:83:8c:3b:f7:66:c7:de:7b:71:45:a6:fd:64:a8:
00:32:80:f4:c0:bf:2d:f1:76:03:25:1a:82:0d:5e:
68:db:80:0f:76:a2:18:34:7a:ae:0e:f1:c2:fc:3f:
28:f8:5a:95:c8:66:98:06:2a:d9:78:02:54:0a:66:
05:7a:57:ae:9a:ba:8f:14:3b:66:bc:5e:6b:3b:44:
0e:ff:ae:50:8c:ae:38:9e:53:e6:be:9c:8f:dd:02:
a0:b4:9a:0a:21:50:6f:fe:f8:a0:f8:44:b4:9d:a5:
2f:57:06:cc:e4:eb:83:81:58:0e:56:16:4b:22:18:
2a:8c:a6:14:fb:07:a9:1b:43:6b:6e:7d:79:73:28:
7f:fa:ff:44:1a:28:e5:12:cc:3f:fd:32:4e:2a:52:
9e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FE:6B:A9:31:B8:B4:42:0F:1D:E8:43:24:37:F5:A4:52:7D:D5:A8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R_5rqTG4tEIPHehDJDf1pFJ91ag.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
97:e8:96:e1:3d:14:a2:d7:ab:b3:27:2c:93:85:4a:fe:95:61:
0b:4b:69:a9:fc:ff:98:3a:3f:0b:01:28:21:55:c9:f0:8d:40:
de:95:bb:00:7f:8b:68:27:e1:2a:24:77:59:a7:dd:e1:42:a7:
e0:a0:a9:f1:48:8c:a9:c3:79:c1:e7:d3:48:a2:01:78:82:e2:
d3:47:63:2b:a9:9c:1c:03:7b:ef:e2:45:69:2f:e7:4a:d0:9d:
f2:09:f4:40:d6:ff:bc:70:f5:00:e7:d8:95:97:45:0b:86:9e:
31:65:db:61:53:d5:93:70:43:f3:9b:63:23:5e:6e:05:f8:00:
12:49:a6:5d:36:ff:8b:46:67:fa:23:35:2f:e6:b8:41:48:61:
e0:ec:84:8d:39:f8:59:57:39:b7:ce:ed:fa:1a:fd:74:d9:3e:
57:32:26:b1:af:eb:c6:3a:fc:96:04:18:a1:34:ad:08:d7:aa:
61:1e:d1:fb:dd:8a:22:35:06:9f:81:e5:59:b8:69:ac:9e:9e:
4d:24:9e:85:95:cb:ec:de:d3:5e:18:ea:7e:c6:61:59:05:86:
f6:94:67:1f:78:07:c6:0a:a6:b8:27:9f:4c:e1:8e:14:a3:ef:
b1:69:0f:a7:8b:d9:cb:b6:26:49:5a:24:97:12:90:ef:20:2e:
3b:85:ec:eb
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR+UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
MDUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ3RkU2QkE5MzFCOEI0
NDIwRjFERTg0MzI0MzdGNUE0NTI3REQ1QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfCz464WlhDiI9kOzuD7YGOKc8l6LbNtUmTx7v4zyy3bJpcD2b
JpALdKsXoyjSMWuWqahDqfqdTCr8YvgDBO29IBwzVlGr5NACzRhgmwuNoSBNL03p
l7/AFLLGvSNpp+McEMs9MkOZas6DjDv3Zsfee3FFpv1kqAAygPTAvy3xdgMlGoIN
XmjbgA92ohg0eq4O8cL8Pyj4WpXIZpgGKtl4AlQKZgV6V66auo8UO2a8Xms7RA7/
rlCMrjieU+a+nI/dAqC0mgohUG/++KD4RLSdpS9XBszk64OBWA5WFksiGCqMphT7
B6kbQ2tufXlzKH/6/0QaKOUSzD/9Mk4qUp7VAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUR/5rqTG4tEIPHehDJDf1pFJ91agwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JfNXJxVEc0dEVJUEhl
aERKRGYxcEZKOTFhZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJfoluE9FKLXq7Mn
LJOFSv6VYQtLaan8/5g6PwsBKCFVyfCNQN6VuwB/i2gn4Sokd1mn3eFCp+CgqfFI
jKnDecHn00iiAXiC4tNHYyupnBwDe+/iRWkv50rQnfIJ9EDW/7xw9QDn2JWXRQuG
njFl22FT1ZNwQ/ObYyNebgX4ABJJpl02/4tGZ/ojNS/muEFIYeDshI05+FlXObfO
7foa/XTZPlcyJrGv68Y6/JYEGKE0rQjXqmEe0fvdiiI1Bp+B5Vm4aayenk0knoWV
y+ze014Y6n7GYVkFhvaUZx94B8YKprgnn0zhjhSj77FpD6eL2cu2JklaJJcSkO8g
LjuF7Os=
-----END CERTIFICATE-----
Generated at Wed Apr 24 17:55:40 2024 by rpki-client on console.sobornost.net