Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Y2ydeUwSBqnzlZEhu7kbC8A2AjA.roa
File: Y2ydeUwSBqnzlZEhu7kbC8A2AjA.roa (raw, json)
Hash identifier: S8ZfJvGfvWD3Z/p6AyaWUmDcyes4EUCVznKF4hx8QK0=
Subject key identifier: 63:6C:9D:79:4C:12:06:A9:F3:95:91:21:BB:B9:1B:0B:C0:36:02:30
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4931
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y2ydeUwSBqnzlZEhu7kbC8A2AjA.roa
Signing time: Fri 26 Apr 2024 04:23:32 +0000
ROA not before: Fri 26 Apr 2024 04:23:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18737 (0x4931)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 04:23:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=636C9D794C1206A9F3959121BBB91B0BC0360230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7b:95:de:c6:b1:7d:62:9d:9b:24:43:5f:4f:
ab:20:71:62:64:92:11:ba:3a:a8:d5:04:50:67:62:
cb:67:f3:d9:fa:e6:a5:1c:bb:33:42:d9:31:2d:68:
6e:47:8f:03:8a:19:40:a3:7d:0e:7a:ea:27:8c:e2:
fb:c7:05:15:0e:ac:8c:96:2e:14:78:33:ef:c1:6b:
18:61:a3:b2:a8:0c:ea:0a:2f:fe:5a:c3:ef:cc:68:
a7:bc:97:2d:a0:52:1c:56:3d:76:d8:ab:9b:ff:8d:
1e:52:fe:62:50:1b:d9:88:c6:14:3c:66:27:cf:6d:
b3:da:6d:9c:da:5a:24:10:c4:6b:c1:21:cb:0e:8a:
88:25:bb:3a:f1:b1:3b:47:b3:86:0c:56:3a:58:3b:
cd:c4:1f:ea:df:7f:00:89:e5:87:69:72:bd:51:c6:
54:aa:a0:fc:fb:a2:67:58:f9:69:66:47:5d:c7:29:
12:59:90:ed:f9:d2:fa:bc:2a:2f:81:b5:91:d4:54:
af:2f:f9:8b:d7:4f:77:01:a5:2a:eb:8d:17:80:41:
90:de:67:76:03:a1:02:b3:46:6f:59:63:e2:61:f8:
f4:eb:d2:e8:c5:0a:44:f8:ea:3e:7a:35:f7:4d:2d:
69:3f:c0:2d:91:f0:d5:1f:b2:db:b9:bf:5c:7d:67:
f8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6C:9D:79:4C:12:06:A9:F3:95:91:21:BB:B9:1B:0B:C0:36:02:30
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y2ydeUwSBqnzlZEhu7kbC8A2AjA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
60:b1:30:94:8d:41:f2:cf:e6:86:8e:3d:54:71:64:16:cd:93:
69:08:33:a1:77:0e:73:9c:29:ee:e9:75:ee:bb:f4:88:18:1c:
18:66:95:e4:a4:f9:b5:63:81:c9:04:64:5c:c7:95:d3:a5:05:
3d:24:7b:12:4a:7f:e3:f6:ec:75:a4:7b:6d:15:af:20:e8:6c:
4b:4d:06:a8:71:cd:00:a0:26:50:cf:9a:41:43:9e:b6:08:24:
c2:66:91:9c:e6:0b:96:11:e2:a9:52:b0:02:b7:d9:6d:5a:10:
d8:22:69:80:86:92:22:3c:52:99:b0:69:87:8c:a3:fd:a5:34:
91:9a:95:25:54:d9:94:aa:c5:30:f1:a7:c0:66:11:7b:a9:92:
b4:18:2d:b9:85:e1:fa:6a:c8:92:d0:75:f7:66:2e:6f:3f:5d:
bf:88:75:57:15:0b:53:3a:65:14:69:72:04:44:13:86:cf:7e:
af:11:0c:06:31:0f:ea:dd:4e:d2:f8:ab:bd:56:d5:9c:7a:3a:
94:59:aa:0e:8d:c1:63:3d:39:56:73:84:a2:aa:49:f2:07:c5:
27:25:86:5b:ab:8d:d8:dc:bc:05:e0:6f:91:e4:7a:3b:09:80:
5b:d3:02:d9:65:fd:45:1d:60:7c:95:03:1a:5f:7a:15:70:a0:
bb:df:16:1b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSTEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
NDIzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzNkM5RDc5NEMxMjA2
QTlGMzk1OTEyMUJCQjkxQjBCQzAzNjAyMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhe5XexrF9Yp2bJENfT6sgcWJkkhG6OqjVBFBnYstn89n65qUc
uzNC2TEtaG5HjwOKGUCjfQ566ieM4vvHBRUOrIyWLhR4M+/Baxhho7KoDOoKL/5a
w+/MaKe8ly2gUhxWPXbYq5v/jR5S/mJQG9mIxhQ8ZifPbbPabZzaWiQQxGvBIcsO
iogluzrxsTtHs4YMVjpYO83EH+rffwCJ5Ydpcr1RxlSqoPz7omdY+WlmR13HKRJZ
kO350vq8Ki+BtZHUVK8v+YvXT3cBpSrrjReAQZDeZ3YDoQKzRm9ZY+Jh+PTr0ujF
CkT46j56NfdNLWk/wC2R8NUfstu5v1x9Z/hhAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUY2ydeUwSBqnzlZEhu7kbC8A2AjAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1kyeWRlVXdTQnFuemxa
RWh1N2tiQzhBMkFqQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGCxMJSNQfLP5oaO
PVRxZBbNk2kIM6F3DnOcKe7pde679IgYHBhmleSk+bVjgckEZFzHldOlBT0kexJK
f+P27HWke20VryDobEtNBqhxzQCgJlDPmkFDnrYIJMJmkZzmC5YR4qlSsAK32W1a
ENgiaYCGkiI8UpmwaYeMo/2lNJGalSVU2ZSqxTDxp8BmEXupkrQYLbmF4fpqyJLQ
dfdmLm8/Xb+IdVcVC1M6ZRRpcgREE4bPfq8RDAYxD+rdTtL4q71W1Zx6OpRZqg6N
wWM9OVZzhKKqSfIHxSclhlurjdjcvAXgb5HkejsJgFvTAtll/UUdYHyVAxpfehVw
oLvfFhs=
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:11:40 2024 by rpki-client on console.sobornost.net