Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WoF9nu4TqvCPoyN7o_qQQztLZRI.roa
File: WoF9nu4TqvCPoyN7o_qQQztLZRI.roa (raw, json)
Hash identifier: O40vRjmEhDsaJI4zNbw0K7WUOOf5hQfSPcMC7pwd7Co=
Subject key identifier: 5A:81:7D:9E:EE:13:AA:F0:8F:A3:23:7B:A3:FA:90:43:3B:4B:65:12
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WoF9nu4TqvCPoyN7o_qQQztLZRI.roa
Signing time: Sun 31 Mar 2024 06:52:10 +0000
ROA not before: Sun 31 Mar 2024 06:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13765 (0x35c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 06:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5A817D9EEE13AAF08FA3237BA3FA90433B4B6512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2b:ac:ca:d4:79:59:ae:78:d1:14:a6:34:13:
9c:7c:ef:3a:60:e7:79:4c:66:4e:e1:48:14:51:25:
b0:5b:5b:ac:6a:29:aa:58:a0:33:ec:c7:87:8a:48:
31:64:41:e0:1a:42:8c:2c:f6:b9:85:dd:c1:ec:71:
7b:e1:5a:ce:45:1d:83:02:41:20:1d:ca:ae:82:45:
62:46:75:01:22:00:df:80:9a:eb:90:7a:e5:32:f7:
cd:db:0e:d3:ac:94:72:c0:da:e6:6a:a2:7f:6e:36:
28:ce:e3:fb:bf:7b:e6:c1:1d:6c:ee:b3:20:90:4a:
e7:73:ef:f4:9b:cf:3b:d5:fe:ed:3e:10:19:54:96:
0d:3b:6e:44:72:e3:98:2e:67:be:18:31:f0:a6:7a:
31:b2:e2:47:3e:21:d5:72:54:76:b7:30:44:54:f9:
87:d1:f4:04:24:bc:09:56:2a:47:b8:7e:0d:9d:95:
35:f7:d8:64:05:06:ba:ba:8f:74:39:05:61:18:5b:
4c:bf:d9:a6:11:49:c4:97:0b:23:f0:6e:e7:dc:3a:
c0:b3:a7:1e:42:0c:70:69:70:6b:1b:bc:a7:51:32:
6b:a4:43:45:fb:8b:e1:19:35:a3:e5:55:5f:27:a0:
31:df:3a:8f:ab:6a:6c:9f:3a:e4:ea:4e:f9:f8:ea:
b6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:81:7D:9E:EE:13:AA:F0:8F:A3:23:7B:A3:FA:90:43:3B:4B:65:12
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WoF9nu4TqvCPoyN7o_qQQztLZRI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
63:eb:0f:5c:27:fc:43:0b:7b:66:23:76:c4:45:57:ae:f0:92:
62:bc:8c:90:5d:15:58:ff:45:2c:56:e0:59:ad:2f:dc:f7:42:
fd:99:ff:1d:62:5c:88:42:48:4d:6c:5f:f5:f3:32:e7:c7:32:
e0:21:59:9d:aa:3b:1b:cf:c2:5b:f9:7f:59:59:35:fd:a2:1b:
0a:2c:39:53:08:54:b1:ca:69:95:ec:e1:53:0c:9c:94:a6:73:
38:ce:ca:c8:5a:6c:52:58:87:d4:9b:33:9a:38:0d:f7:0e:06:
dc:23:d1:a3:b1:db:9c:00:4e:5d:23:3e:a0:ca:b0:23:40:11:
ca:e3:d3:5e:28:57:17:12:59:36:6d:67:25:94:4a:b6:48:66:
4c:82:77:65:21:8c:2d:93:0a:5e:7c:42:9c:a6:03:eb:00:f4:
3d:60:79:12:06:4e:b3:aa:d0:d4:23:09:1c:0d:64:18:b7:d1:
ba:56:a6:59:6d:c3:8e:ea:ef:94:54:3b:03:84:2d:cb:c2:ad:
3e:51:90:e4:26:20:20:72:9c:86:3a:70:fe:e9:1d:bc:d3:61:
23:c0:cc:1a:70:10:eb:08:db:0f:e3:c2:91:3a:80:14:25:3d:
8e:d8:3d:e5:91:95:7b:d0:21:e6:94:23:bd:76:e7:ec:f7:40:
d1:e5:36:55
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
NjUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVBODE3RDlFRUUxM0FB
RjA4RkEzMjM3QkEzRkE5MDQzM0I0QjY1MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1K6zK1HlZrnjRFKY0E5x87zpg53lMZk7hSBRRJbBbW6xqKapY
oDPsx4eKSDFkQeAaQows9rmF3cHscXvhWs5FHYMCQSAdyq6CRWJGdQEiAN+AmuuQ
euUy983bDtOslHLA2uZqon9uNijO4/u/e+bBHWzusyCQSudz7/SbzzvV/u0+EBlU
lg07bkRy45guZ74YMfCmejGy4kc+IdVyVHa3MERU+YfR9AQkvAlWKke4fg2dlTX3
2GQFBrq6j3Q5BWEYW0y/2aYRScSXCyPwbufcOsCzpx5CDHBpcGsbvKdRMmukQ0X7
i+EZNaPlVV8noDHfOo+ramyfOuTqTvn46rY7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUWoF9nu4TqvCPoyN7o/qQQztLZRIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dvRjludTRUcXZDUG95
TjdvX3FRUXp0TFpSSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGPrD1wn/EMLe2Yj
dsRFV67wkmK8jJBdFVj/RSxW4FmtL9z3Qv2Z/x1iXIhCSE1sX/XzMufHMuAhWZ2q
OxvPwlv5f1lZNf2iGwosOVMIVLHKaZXs4VMMnJSmczjOyshabFJYh9SbM5o4DfcO
Btwj0aOx25wATl0jPqDKsCNAEcrj014oVxcSWTZtZyWUSrZIZkyCd2UhjC2TCl58
QpymA+sA9D1geRIGTrOq0NQjCRwNZBi30bpWplltw47q75RUOwOELcvCrT5RkOQm
ICBynIY6cP7pHbzTYSPAzBpwEOsI2w/jwpE6gBQlPY7YPeWRlXvQIeaUI7125+z3
QNHlNlU=
-----END CERTIFICATE-----
Generated at Sun Mar 31 12:03:00 2024 by rpki-client on console.sobornost.net