Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_P4dMLurzFZkGo_7QtDyoosO9wg.roa
File: _P4dMLurzFZkGo_7QtDyoosO9wg.roa (raw, json)
Hash identifier: 7fEjsas/E7zwOYsV1+VTtPyh4U16zFuX7ZCgKA9A1uo=
Subject key identifier: FC:FE:1D:30:BB:AB:CC:56:64:1A:8F:FB:42:D0:F2:A2:8B:0E:F7:08
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AD9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_P4dMLurzFZkGo_7QtDyoosO9wg.roa
Signing time: Sun 07 Apr 2024 01:22:33 +0000
ROA not before: Sun 07 Apr 2024 01:22:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15065 (0x3ad9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 01:22:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FCFE1D30BBABCC56641A8FFB42D0F2A28B0EF708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b5:fc:ff:ce:eb:e9:84:cc:5a:d7:0b:c1:e6:
10:2e:b6:e2:60:15:29:a5:c6:c0:b1:4e:29:2c:6e:
f4:4a:44:0e:03:a6:78:aa:4e:98:ee:cc:b4:45:63:
84:c2:3b:8c:28:b8:0b:b7:89:a5:0d:f6:2d:d7:f6:
c5:15:20:5c:31:5f:43:56:c0:b4:53:ef:21:02:99:
49:51:55:45:f0:5a:f6:90:72:77:e8:6b:f4:30:d9:
75:42:a3:60:4a:eb:3c:c0:1f:ac:5a:91:45:30:31:
5d:ce:e2:53:3f:bd:6b:f8:b6:f8:61:54:ed:57:95:
2f:d4:20:b2:04:be:ac:2d:3a:82:c8:5f:25:b5:44:
64:fe:e8:c9:61:69:68:c4:5f:25:a2:30:a1:40:18:
aa:23:ad:0b:73:e4:3a:ca:4a:22:75:78:c4:23:75:
ec:49:d6:5f:fb:91:75:1c:e9:69:5b:55:f1:a5:f4:
e8:5d:09:66:81:cd:ab:01:91:a8:fa:8c:57:75:f1:
1f:01:eb:86:3b:0f:66:3e:59:87:aa:1a:97:7e:be:
4a:7f:09:c3:a2:f6:aa:4a:da:3f:b3:8d:fc:59:16:
a1:48:61:9e:48:6e:7d:5e:d0:33:82:1a:18:f9:62:
91:7a:c2:c1:7e:10:31:1b:71:ac:89:c4:69:fe:80:
3e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FE:1D:30:BB:AB:CC:56:64:1A:8F:FB:42:D0:F2:A2:8B:0E:F7:08
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_P4dMLurzFZkGo_7QtDyoosO9wg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
08:52:49:a9:5d:f2:1f:55:7e:36:6a:cd:0e:8e:95:f9:0c:f7:
a4:14:3e:58:06:5c:8a:00:d7:35:32:2c:62:ec:2c:cb:e9:50:
e3:95:be:4e:2f:f5:30:38:96:07:cd:be:ce:da:a2:5b:c0:27:
85:34:4f:b9:a6:da:2d:02:a5:ed:a3:94:3d:98:ec:32:28:cc:
42:f2:69:53:3f:59:29:30:4c:35:9e:f4:67:fa:5b:fd:2b:6d:
0f:75:fb:6e:ec:35:eb:9c:e1:f3:42:5b:22:7c:d5:44:3d:b2:
da:23:77:bb:22:7b:9d:3e:18:ab:1d:1d:32:87:68:05:3d:38:
85:23:8d:36:8e:3a:67:b3:a3:de:24:3f:c9:72:d4:91:f6:c3:
87:59:0f:91:dd:50:b1:6f:fb:9a:3e:71:f6:71:9e:7b:a9:d7:
6c:bb:4e:ca:f3:8a:22:bf:81:b6:fc:dd:78:cb:d8:e4:d4:91:
c9:da:99:41:17:c0:0b:d5:69:6a:09:f6:1c:dd:39:54:2d:9f:
eb:4f:19:40:cc:41:93:45:90:09:49:21:5d:9f:40:78:88:2a:
33:b2:55:24:08:9d:6f:89:8d:5b:bd:b3:bd:f7:e8:a1:66:07:
45:b9:2b:02:70:d9:60:be:5d:00:e8:41:18:74:d7:cb:33:07:
9a:b8:95:81
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOtkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MTIyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZDRkUxRDMwQkJBQkND
NTY2NDFBOEZGQjQyRDBGMkEyOEIwRUY3MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDctfz/zuvphMxa1wvB5hAutuJgFSmlxsCxTiksbvRKRA4Dpniq
TpjuzLRFY4TCO4wouAu3iaUN9i3X9sUVIFwxX0NWwLRT7yECmUlRVUXwWvaQcnfo
a/Qw2XVCo2BK6zzAH6xakUUwMV3O4lM/vWv4tvhhVO1XlS/UILIEvqwtOoLIXyW1
RGT+6MlhaWjEXyWiMKFAGKojrQtz5DrKSiJ1eMQjdexJ1l/7kXUc6WlbVfGl9Ohd
CWaBzasBkaj6jFd18R8B64Y7D2Y+WYeqGpd+vkp/CcOi9qpK2j+zjfxZFqFIYZ5I
bn1e0DOCGhj5YpF6wsF+EDEbcayJxGn+gD5TAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/P4dMLurzFZkGo/7QtDyoosO9wgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19QNGRNTHVyekZaa0dv
XzdRdER5b29zTzl3Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAhSSald8h9VfjZq
zQ6OlfkM96QUPlgGXIoA1zUyLGLsLMvpUOOVvk4v9TA4lgfNvs7aolvAJ4U0T7mm
2i0Cpe2jlD2Y7DIozELyaVM/WSkwTDWe9Gf6W/0rbQ91+27sNeuc4fNCWyJ81UQ9
stojd7sie50+GKsdHTKHaAU9OIUjjTaOOmezo94kP8ly1JH2w4dZD5HdULFv+5o+
cfZxnnup12y7TsrziiK/gbb83XjL2OTUkcnamUEXwAvVaWoJ9hzdOVQtn+tPGUDM
QZNFkAlJIV2fQHiIKjOyVSQInW+JjVu9s7336KFmB0W5KwJw2WC+XQDoQRh018sz
B5q4lYE=
-----END CERTIFICATE-----
Generated at Sun Apr 7 09:00:19 2024 by rpki-client on console.sobornost.net