Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UCA6P0ggeC2u45TrZa_X0BRXdIU.roa
File: UCA6P0ggeC2u45TrZa_X0BRXdIU.roa (raw, json)
Hash identifier: 7CvUBUZ9MCbTbc2aYfWjaJ1hAtxpBnFIFvC1bDZCWQs=
Subject key identifier: 50:20:3A:3F:48:20:78:2D:AE:E3:94:EB:65:AF:D7:D0:14:57:74:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54A2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UCA6P0ggeC2u45TrZa_X0BRXdIU.roa
Signing time: Sat 11 May 2024 10:24:03 +0000
ROA not before: Sat 11 May 2024 10:24:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21666 (0x54a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 10:24:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50203A3F4820782DAEE394EB65AFD7D014577485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:67:78:79:fd:02:59:e8:4b:9a:e7:4e:90:ca:
46:df:f6:60:67:5b:2e:7c:c7:29:fb:c5:c2:84:f3:
c7:d7:53:9c:d1:d1:13:5e:d0:85:2e:de:7e:04:68:
3a:a8:ea:79:10:fb:0c:dc:8c:a6:7f:48:68:35:f4:
30:ed:b7:0f:22:90:e5:0b:cd:8e:e5:c2:5c:0b:85:
78:83:98:93:67:d8:8f:91:f0:38:03:79:49:54:54:
6b:61:b7:18:38:e3:12:96:25:e3:e1:46:40:fa:7f:
c4:f4:f7:54:b9:cc:4b:a8:f2:43:00:45:86:e8:f5:
d1:32:c9:d4:e2:1b:7f:92:70:4b:ba:6d:57:5d:23:
8a:3b:05:64:39:c7:6d:a0:f0:2d:69:06:de:d6:66:
30:7d:f4:00:33:98:27:d8:15:2d:00:ab:3b:41:2c:
b4:fe:12:6b:be:fd:19:9f:4a:cf:71:0b:7a:e1:3e:
62:c1:9c:fa:54:39:fe:d8:51:26:06:5a:3b:44:a8:
67:a9:10:c3:75:29:5d:34:c0:bf:a3:75:62:53:5c:
ff:4c:a4:0b:f0:85:65:08:02:ef:ab:16:a8:32:a1:
7c:c4:29:76:60:46:14:23:c5:ae:4c:1e:0b:8e:99:
cd:17:a4:6b:f6:84:47:7c:ff:dd:4e:91:34:03:4c:
41:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:20:3A:3F:48:20:78:2D:AE:E3:94:EB:65:AF:D7:D0:14:57:74:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UCA6P0ggeC2u45TrZa_X0BRXdIU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:e4:4f:00:b5:d6:c5:30:88:5b:99:c2:e6:a5:7a:05:6d:f6:
7b:9b:d2:b9:57:26:5c:5a:ff:f7:40:24:a2:73:db:05:16:fc:
38:d6:0e:bb:b9:7c:8c:16:0d:28:8d:39:16:18:7f:8d:72:46:
eb:b8:55:ce:a8:da:69:50:a7:30:43:a2:d7:62:bf:dd:44:b2:
a0:49:7a:60:27:09:34:24:88:70:d7:10:95:4b:f8:a7:63:6a:
bd:fb:0c:2e:a5:54:4e:19:02:e8:c3:a0:80:00:b7:bb:1a:2f:
0a:b6:44:fe:ef:46:2b:b6:92:a9:68:c7:46:c4:90:59:4a:c9:
e2:57:44:01:c6:a2:75:62:53:ed:f9:f8:5b:75:5c:e9:f5:e2:
d7:36:2c:6e:60:be:a0:ea:ed:52:70:98:97:77:86:14:89:b0:
62:8f:22:0c:9a:c6:ff:05:81:91:21:01:e7:2b:25:1f:de:8e:
0c:e8:91:bf:72:60:d8:7d:f9:19:cd:19:12:43:11:b3:69:bd:
e9:24:61:70:62:98:8e:10:4e:cc:83:8f:89:9c:53:0b:1e:9b:
6e:6a:82:6f:35:d4:fb:ab:da:e3:32:92:e7:47:46:09:28:b9:
74:bb:15:eb:1b:6f:1a:71:b9:6b:05:99:88:8c:60:85:b3:47:
97:41:39:72
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
MDI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwMjAzQTNGNDgyMDc4
MkRBRUUzOTRFQjY1QUZEN0QwMTQ1Nzc0ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbZ3h5/QJZ6Eua506Qykbf9mBnWy58xyn7xcKE88fXU5zR0RNe
0IUu3n4EaDqo6nkQ+wzcjKZ/SGg19DDttw8ikOULzY7lwlwLhXiDmJNn2I+R8DgD
eUlUVGthtxg44xKWJePhRkD6f8T091S5zEuo8kMARYbo9dEyydTiG3+ScEu6bVdd
I4o7BWQ5x22g8C1pBt7WZjB99AAzmCfYFS0AqztBLLT+Emu+/RmfSs9xC3rhPmLB
nPpUOf7YUSYGWjtEqGepEMN1KV00wL+jdWJTXP9MpAvwhWUIAu+rFqgyoXzEKXZg
RhQjxa5MHguOmc0XpGv2hEd8/91OkTQDTEEvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUCA6P0ggeC2u45TrZa/X0BRXdIUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VDQTZQMGdnZUMydTQ1
VHJaYV9YMEJSWGRJVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFeRPALXWxTCIW5nC5qV6BW32e5vSuVcm
XFr/90AkonPbBRb8ONYOu7l8jBYNKI05Fhh/jXJG67hVzqjaaVCnMEOi12K/3USy
oEl6YCcJNCSIcNcQlUv4p2NqvfsMLqVUThkC6MOggAC3uxovCrZE/u9GK7aSqWjH
RsSQWUrJ4ldEAcaidWJT7fn4W3Vc6fXi1zYsbmC+oOrtUnCYl3eGFImwYo8iDJrG
/wWBkSEB5yslH96ODOiRv3Jg2H35Gc0ZEkMRs2m96SRhcGKYjhBOzIOPiZxTCx6b
bmqCbzXU+6va4zKS50dGCSi5dLsV6xtvGnG5awWZiIxghbNHl0E5cg==
-----END CERTIFICATE-----
Generated at Sat May 11 14:26:45 2024 by rpki-client on console.sobornost.net