Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Vd5V1lTnmH10IRkVCeq1q_bR0xg.roa
File: Vd5V1lTnmH10IRkVCeq1q_bR0xg.roa (raw, json)
Hash identifier: VdHemkw4V/pRq6AlBEoa/hBjynabhNeAiD7bMz9LcnQ=
Subject key identifier: 55:DE:55:D6:54:E7:98:7D:74:21:19:15:09:EA:B5:AB:F6:D1:D3:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47AD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Vd5V1lTnmH10IRkVCeq1q_bR0xg.roa
Signing time: Wed 24 Apr 2024 03:53:13 +0000
ROA not before: Wed 24 Apr 2024 03:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18349 (0x47ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 03:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=55DE55D654E7987D7421191509EAB5ABF6D1D318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:65:30:21:50:8c:c3:d5:b1:05:6c:f0:0d:57:
c7:28:2e:7b:bd:0c:c6:cf:38:e0:28:cb:f1:52:31:
98:33:ab:a7:41:74:0b:65:c7:fc:29:bb:4f:6a:fd:
9b:ff:7c:40:6c:83:4f:b4:49:f5:32:99:8e:ed:a9:
89:04:7e:4b:2a:4f:c9:ca:c2:e9:b8:8f:a9:5d:0e:
ac:6a:03:c2:1b:9f:f9:51:e2:5b:20:69:fd:ba:42:
1c:28:44:45:80:81:8b:3a:bd:2b:0e:c6:a6:9e:f5:
d5:97:9f:5d:23:a7:d8:ff:4b:a6:6c:d5:f3:61:4b:
08:f3:0a:8f:15:08:cd:b9:71:99:c5:97:cb:03:ce:
dc:dc:c3:45:97:44:7b:d5:4a:7b:e6:74:8c:26:6f:
01:a1:cf:77:1f:d6:b9:5c:6b:3a:5f:6a:c8:c6:43:
f4:62:63:61:12:72:12:bd:48:00:12:55:9f:11:f2:
1b:74:40:90:3c:11:e7:fc:9f:ca:bf:78:80:18:24:
08:c0:24:c7:65:6a:31:77:af:bf:a8:8d:c0:cb:e9:
61:85:51:b4:42:f3:84:30:70:c0:ab:a1:76:dd:dd:
28:e4:af:8c:b6:5c:af:4d:15:e6:f0:cb:ed:db:d8:
7c:9f:92:ae:06:15:fa:5d:1b:37:9c:56:95:1c:92:
16:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:DE:55:D6:54:E7:98:7D:74:21:19:15:09:EA:B5:AB:F6:D1:D3:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Vd5V1lTnmH10IRkVCeq1q_bR0xg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
41:2e:55:36:d9:39:fc:22:2e:08:b2:65:08:c9:ab:f2:00:d8:
33:47:0a:02:ca:50:d9:39:ae:ca:db:b3:de:d9:63:28:fb:c0:
d5:22:83:c1:c0:f1:f9:7b:4e:44:31:e5:5a:d9:c6:12:d5:0e:
6d:c0:59:f3:c1:69:c7:cf:e1:e8:9a:06:c6:ea:e7:91:ac:3f:
d0:a1:20:58:f9:4e:45:c2:dd:d7:b6:f9:94:82:4a:c8:e9:95:
13:2d:fe:60:f2:81:dc:9a:c3:39:c0:fc:19:ac:1c:49:9a:e2:
49:31:77:9e:e8:13:ff:e8:17:fb:04:7f:96:a4:0d:71:2a:5a:
f3:b4:81:93:f3:fc:a3:5b:99:a2:36:44:7f:a5:88:51:6d:16:
5d:5a:29:d9:73:5f:e1:13:73:d3:26:f9:d2:17:33:14:5f:6e:
32:a8:4e:52:ca:ef:f7:5e:df:57:be:6e:ea:eb:33:22:5d:68:
ac:ed:2e:c5:af:c8:e1:c4:35:42:34:b6:ba:57:a0:ba:2e:ac:
ee:ea:35:ef:51:a8:8d:2a:9b:82:5c:ca:11:23:a7:00:d6:c5:
6c:dd:4d:70:8a:cc:88:03:bd:a8:49:4d:14:70:ee:0b:fa:8c:
8f:15:c6:bf:41:63:2c:e0:07:74:8e:b5:0b:72:43:fd:ec:a6:
09:59:01:a8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR60wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
MzUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU1REU1NUQ2NTRFNzk4
N0Q3NDIxMTkxNTA5RUFCNUFCRjZEMUQzMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoZTAhUIzD1bEFbPANV8coLnu9DMbPOOAoy/FSMZgzq6dBdAtl
x/wpu09q/Zv/fEBsg0+0SfUymY7tqYkEfksqT8nKwum4j6ldDqxqA8Ibn/lR4lsg
af26QhwoREWAgYs6vSsOxqae9dWXn10jp9j/S6Zs1fNhSwjzCo8VCM25cZnFl8sD
ztzcw0WXRHvVSnvmdIwmbwGhz3cf1rlcazpfasjGQ/RiY2ESchK9SAASVZ8R8ht0
QJA8Eef8n8q/eIAYJAjAJMdlajF3r7+ojcDL6WGFUbRC84QwcMCroXbd3Sjkr4y2
XK9NFebwy+3b2Hyfkq4GFfpdGzecVpUckhYvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUVd5V1lTnmH10IRkVCeq1q/bR0xgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZkNVYxbFRubUgxMElS
a1ZDZXExcV9iUjB4Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEEuVTbZOfwiLgiy
ZQjJq/IA2DNHCgLKUNk5rsrbs97ZYyj7wNUig8HA8fl7TkQx5VrZxhLVDm3AWfPB
acfP4eiaBsbq55GsP9ChIFj5TkXC3de2+ZSCSsjplRMt/mDygdyawznA/BmsHEma
4kkxd57oE//oF/sEf5akDXEqWvO0gZPz/KNbmaI2RH+liFFtFl1aKdlzX+ETc9Mm
+dIXMxRfbjKoTlLK7/de31e+burrMyJdaKztLsWvyOHENUI0trpXoLourO7qNe9R
qI0qm4JcyhEjpwDWxWzdTXCKzIgDvahJTRRw7gv6jI8Vxr9BYyzgB3SOtQtyQ/3s
pglZAag=
-----END CERTIFICATE-----
Generated at Wed Apr 24 10:47:56 2024 by rpki-client on console.sobornost.net