Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SAExywy9veSjSBJbo-7AEw9suTY.roa
File: SAExywy9veSjSBJbo-7AEw9suTY.roa (raw, json)
Hash identifier: 356iidx1mo0vXZDZ7s/lO9TZ3wXGK29SSathtvX7LIk=
Subject key identifier: 48:01:31:CB:0C:BD:BD:E4:A3:48:12:5B:A3:EE:C0:13:0F:6C:B9:36
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AB2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SAExywy9veSjSBJbo-7AEw9suTY.roa
Signing time: Sat 06 Apr 2024 20:22:32 +0000
ROA not before: Sat 06 Apr 2024 20:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15026 (0x3ab2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 20:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=480131CB0CBDBDE4A348125BA3EEC0130F6CB936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:49:0c:43:7b:5c:2d:a6:dc:9b:2b:3d:f2:91:
ef:78:41:11:ba:d0:1f:27:bf:7a:24:08:1f:50:25:
1f:74:ad:d6:e9:76:71:c0:f0:d9:fa:b5:16:20:b0:
54:83:ae:a8:cb:0a:a0:64:eb:3c:bb:9c:3e:f7:d7:
f3:09:f4:00:75:34:39:35:b3:45:20:91:f0:d8:3b:
08:7b:56:b8:5d:b8:a1:45:88:27:f7:e2:e6:1a:8b:
82:21:f6:26:76:47:08:84:af:a8:80:5b:90:05:65:
3b:14:9f:66:56:9f:20:fb:4c:77:49:d9:bc:74:3c:
b0:94:2c:51:0f:68:e9:ab:52:d9:d5:e1:8f:5f:7e:
66:c7:3c:63:7e:b9:af:ee:1e:07:2d:41:da:ff:f4:
d6:a7:89:a0:0b:9f:90:75:3a:14:af:51:0b:86:33:
fa:71:8a:58:6c:1d:70:f4:a1:2b:97:8e:56:14:04:
e0:36:c2:b5:2f:0b:c9:78:be:e0:23:0c:1f:ef:fc:
1a:78:a6:7a:8c:f4:35:99:f7:06:e2:11:76:bc:c6:
0a:c8:ce:b3:e6:a5:e2:59:c2:44:3d:24:8c:ab:8a:
0f:30:b9:bb:72:25:a8:6e:46:36:41:6a:28:0f:b6:
8e:02:ad:43:62:e7:c0:b8:58:0e:cb:70:c5:71:81:
67:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:01:31:CB:0C:BD:BD:E4:A3:48:12:5B:A3:EE:C0:13:0F:6C:B9:36
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SAExywy9veSjSBJbo-7AEw9suTY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:a8:a7:e4:4d:f6:2e:2d:0b:7d:e8:a9:0e:c5:d3:e3:f6:10:
1f:84:6c:d4:1f:17:bc:ab:de:6e:7c:a3:0d:bc:03:c1:af:f5:
3f:f4:ac:0a:90:7e:00:2c:1a:b3:e8:56:be:ba:4b:4e:7e:1e:
df:ca:9f:c9:af:3c:e4:6a:6e:0b:02:dd:f4:42:42:25:2c:80:
fc:b1:93:8b:9a:89:ec:a1:1e:81:91:3d:7b:4d:5f:90:70:86:
7d:0f:38:b5:02:1e:d5:ce:25:a4:da:ee:1c:c6:ef:29:6e:74:
b9:82:07:1e:33:66:33:c9:bf:08:95:2c:0f:72:15:e7:2b:82:
64:9b:73:5a:f8:d9:80:fe:8a:21:6f:4a:e7:2a:ac:f9:db:f4:
ad:6a:99:c8:12:e0:85:26:0e:5f:c3:ec:b8:25:b3:1f:89:7e:
1d:02:ac:eb:46:fd:b6:ee:12:5e:03:07:62:16:b0:b4:e4:a9:
06:cc:a6:71:48:a0:4c:3e:c9:2d:39:4f:eb:d7:d9:6f:00:15:
3b:a0:52:64:90:8b:e8:7c:fd:e5:e9:6e:68:b9:9d:69:e5:99:
bf:dc:59:66:0e:2f:bd:5f:60:d9:16:83:bd:e5:9d:d0:27:8e:
ce:bc:29:b5:ef:c1:df:6d:02:02:f4:4c:56:75:b3:c8:18:c0:
1c:cb:f1:67
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOrIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYy
MDIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4MDEzMUNCMENCREJE
RTRBMzQ4MTI1QkEzRUVDMDEzMEY2Q0I5MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJSQxDe1wtptybKz3yke94QRG60B8nv3okCB9QJR90rdbpdnHA
8Nn6tRYgsFSDrqjLCqBk6zy7nD731/MJ9AB1NDk1s0UgkfDYOwh7VrhduKFFiCf3
4uYai4Ih9iZ2RwiEr6iAW5AFZTsUn2ZWnyD7THdJ2bx0PLCULFEPaOmrUtnV4Y9f
fmbHPGN+ua/uHgctQdr/9NaniaALn5B1OhSvUQuGM/pxilhsHXD0oSuXjlYUBOA2
wrUvC8l4vuAjDB/v/Bp4pnqM9DWZ9wbiEXa8xgrIzrPmpeJZwkQ9JIyrig8wubty
JahuRjZBaigPto4CrUNi58C4WA7LcMVxgWfFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSAExywy9veSjSBJbo+7AEw9suTYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NBRXh5d3k5dmVTalNC
SmJvLTdBRXc5c3VUWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATKin5E32Li0LfeipDsXT4/YQH4Rs1B8X
vKvebnyjDbwDwa/1P/SsCpB+ACwas+hWvrpLTn4e38qfya885GpuCwLd9EJCJSyA
/LGTi5qJ7KEegZE9e01fkHCGfQ84tQIe1c4lpNruHMbvKW50uYIHHjNmM8m/CJUs
D3IV5yuCZJtzWvjZgP6KIW9K5yqs+dv0rWqZyBLghSYOX8PsuCWzH4l+HQKs60b9
tu4SXgMHYhawtOSpBsymcUigTD7JLTlP69fZbwAVO6BSZJCL6Hz95eluaLmdaeWZ
v9xZZg4vvV9g2RaDveWd0CeOzrwpte/B320CAvRMVnWzyBjAHMvxZw==
-----END CERTIFICATE-----
Generated at Sun Apr 7 03:14:14 2024 by rpki-client on console.sobornost.net