Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SZEdc1T7-yWSrFVNPxG5lAVgq7M.roa
File: SZEdc1T7-yWSrFVNPxG5lAVgq7M.roa (raw, json)
Hash identifier: yCCvkVqPVymJGjQsRDn2gqf26GPwfCURQ9K96ug14Xs=
Subject key identifier: 49:91:1D:73:54:FB:FB:25:92:AC:55:4D:3F:11:B9:94:05:60:AB:B3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3ADA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SZEdc1T7-yWSrFVNPxG5lAVgq7M.roa
Signing time: Sun 07 Apr 2024 01:22:33 +0000
ROA not before: Sun 07 Apr 2024 01:22:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15066 (0x3ada)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 01:22:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=49911D7354FBFB2592AC554D3F11B9940560ABB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:72:7e:fd:68:5f:79:49:97:63:04:24:17:a3:
2b:12:ce:92:49:41:2e:61:40:6c:de:9e:ec:a9:77:
5c:fa:3f:09:95:56:17:1b:d7:10:71:09:a8:9c:a1:
6d:fe:d3:9d:90:d9:d2:52:22:f2:be:bd:6c:44:c4:
94:c5:a9:fe:bd:93:66:2a:3e:19:e3:c6:5e:30:30:
00:79:db:11:62:53:09:87:03:50:3b:1e:42:ef:c7:
e4:e1:d9:f4:d2:54:51:86:4b:79:64:03:86:98:07:
67:fb:26:71:c9:86:fc:53:90:5e:8e:0d:3e:05:d9:
e1:b1:b4:c4:dd:30:74:a8:ad:0e:a2:7b:a8:ad:85:
31:a6:9a:7f:72:8e:fb:28:ee:d6:62:fb:0f:b9:70:
79:57:37:33:4e:39:57:e1:bb:9a:42:2c:cd:8c:fa:
0c:d5:72:16:c8:5b:8e:f1:09:ae:d7:ea:8c:41:69:
6a:32:df:75:e9:b9:cb:4a:e6:15:70:14:b9:00:ac:
4e:10:88:29:54:8b:04:6b:83:a0:c6:6c:42:0f:a8:
de:c3:ec:84:e3:d9:27:da:e4:84:1d:a7:22:95:15:
ff:d1:e6:ee:dc:d9:cf:a1:6d:dc:09:de:2f:11:16:
07:19:b8:4f:f9:6f:ae:6a:c8:c4:6e:06:78:c8:d2:
33:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:91:1D:73:54:FB:FB:25:92:AC:55:4D:3F:11:B9:94:05:60:AB:B3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SZEdc1T7-yWSrFVNPxG5lAVgq7M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:05:d0:1b:18:11:c0:a0:e0:5c:92:47:3c:6e:e4:1e:14:49:
db:fb:8f:ae:9a:60:77:47:4e:40:ad:fc:58:a2:ee:96:1b:8d:
68:35:b4:df:16:82:e4:2c:62:44:e4:aa:f9:34:70:23:68:26:
be:bc:34:09:8e:e3:0d:b5:fa:d5:a1:9c:99:2b:c9:92:68:73:
b5:67:db:b5:3f:53:80:58:4f:1f:a7:5a:ea:9e:a7:39:18:07:
72:04:b6:8a:e3:ed:cf:7b:73:a4:77:ce:ec:da:c0:c1:de:ef:
fd:5b:0d:a6:8b:57:50:ed:8b:18:96:31:03:07:e8:af:d7:7d:
31:84:b6:92:6f:d6:44:96:a7:fb:0c:da:91:09:65:ea:63:93:
1d:92:59:f9:14:04:f9:f9:ba:cf:56:3f:19:9c:c9:34:c7:15:
b9:77:79:3c:0b:8c:47:b1:08:ec:9b:72:73:a2:dc:41:06:74:
21:c8:c6:20:df:e4:8d:64:06:9b:3b:26:43:11:2b:a0:f9:d5:
06:ad:f6:85:4a:4f:13:2c:62:84:07:db:2e:72:8b:0f:24:96:
b8:4b:dc:3d:1b:2c:f9:8c:98:9a:84:e8:08:ed:7e:39:f0:f7:
4f:39:e0:bb:6e:6e:80:e2:c5:a3:f9:92:9a:1e:3c:52:3e:2a:
a6:19:fa:d2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOtowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MTIyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ5OTExRDczNTRGQkZC
MjU5MkFDNTU0RDNGMTFCOTk0MDU2MEFCQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLcn79aF95SZdjBCQXoysSzpJJQS5hQGzenuypd1z6PwmVVhcb
1xBxCaicoW3+052Q2dJSIvK+vWxExJTFqf69k2YqPhnjxl4wMAB52xFiUwmHA1A7
HkLvx+Th2fTSVFGGS3lkA4aYB2f7JnHJhvxTkF6ODT4F2eGxtMTdMHSorQ6ie6it
hTGmmn9yjvso7tZi+w+5cHlXNzNOOVfhu5pCLM2M+gzVchbIW47xCa7X6oxBaWoy
33XpuctK5hVwFLkArE4QiClUiwRrg6DGbEIPqN7D7ITj2Sfa5IQdpyKVFf/R5u7c
2c+hbdwJ3i8RFgcZuE/5b65qyMRuBnjI0jNrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSZEdc1T7+yWSrFVNPxG5lAVgq7MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NaRWRjMVQ3LXlXU3JG
Vk5QeEc1bEFWZ3E3TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjwXQGxgRwKDgXJJHPG7kHhRJ2/uPrppg
d0dOQK38WKLulhuNaDW03xaC5CxiROSq+TRwI2gmvrw0CY7jDbX61aGcmSvJkmhz
tWfbtT9TgFhPH6da6p6nORgHcgS2iuPtz3tzpHfO7NrAwd7v/VsNpotXUO2LGJYx
Awfor9d9MYS2km/WRJan+wzakQll6mOTHZJZ+RQE+fm6z1Y/GZzJNMcVuXd5PAuM
R7EI7Jtyc6LcQQZ0IcjGIN/kjWQGmzsmQxEroPnVBq32hUpPEyxihAfbLnKLDySW
uEvcPRss+YyYmoToCO1+OfD3Tzngu25ugOLFo/mSmh48Uj4qphn60g==
-----END CERTIFICATE-----
Generated at Sun Apr 7 09:00:19 2024 by rpki-client on console.sobornost.net