Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_frXb7YSGiR-3-ct-BXt4VAelEI.roa
File: _frXb7YSGiR-3-ct-BXt4VAelEI.roa (raw, json)
Hash identifier: JW65wn+uqDXcx+pzwm5wyraZ1jiSGC9SrQk5DN2H9iY=
Subject key identifier: FD:FA:D7:6F:B6:12:1A:24:7E:DF:E7:2D:F8:15:ED:E1:50:1E:94:42
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33F9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_frXb7YSGiR-3-ct-BXt4VAelEI.roa
Signing time: Thu 28 Mar 2024 21:22:06 +0000
ROA not before: Thu 28 Mar 2024 21:22:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13305 (0x33f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 21:22:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FDFAD76FB6121A247EDFE72DF815EDE1501E9442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ea:39:a0:5d:ab:01:99:f9:c4:01:3f:3d:2c:
36:e4:1f:d9:b3:4e:dd:2f:b7:58:db:f7:87:2f:11:
3b:3d:ad:ee:b6:a0:d9:93:0e:f4:42:37:7f:ff:2f:
df:17:f8:85:32:6c:72:19:1c:e6:64:59:9e:4d:8a:
ab:a8:2f:34:31:00:fe:64:7c:f9:c8:b2:18:89:41:
b7:ec:06:39:cd:17:95:af:aa:9e:20:00:6b:8f:6a:
5b:5c:67:9c:11:1a:e0:2f:24:90:9b:17:31:c1:75:
8a:b9:cc:9e:6a:2d:2f:db:36:95:e1:69:5f:18:6d:
d8:c1:ac:4b:13:11:00:6f:10:da:b3:64:ef:30:a4:
91:06:f1:14:78:1a:52:fc:7f:de:02:b8:c1:23:f4:
59:77:ec:d4:4b:3c:89:ab:54:ed:29:61:57:3f:b8:
7f:e8:55:8c:34:7c:56:e4:30:54:1c:8b:ed:f4:76:
10:b2:78:16:42:7c:eb:d3:5e:11:19:72:95:9d:65:
a8:b6:31:50:aa:8d:34:40:59:9f:00:80:a5:a0:34:
d2:8b:53:70:64:6e:a0:ef:61:e3:5c:42:bf:0d:49:
e4:9a:4b:dd:f1:ba:98:d6:19:75:54:79:e2:1e:94:
8c:46:e9:ae:36:5f:c0:a8:47:58:ff:a0:c1:9d:58:
73:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FA:D7:6F:B6:12:1A:24:7E:DF:E7:2D:F8:15:ED:E1:50:1E:94:42
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_frXb7YSGiR-3-ct-BXt4VAelEI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
19:9b:53:79:ba:e6:28:76:ee:f6:cf:7c:fb:7c:46:47:e7:8a:
de:0a:1f:26:b5:48:b9:e3:d1:62:e3:4f:7c:0b:1f:b3:69:1e:
21:9b:69:1e:f0:29:36:1f:1b:bc:33:9c:48:65:14:f0:43:99:
53:56:d3:f5:da:da:12:2d:c8:d2:ca:fc:f2:85:66:e4:28:b1:
1e:29:6e:d5:7e:1c:7a:36:2a:70:58:79:0d:ad:ea:b1:be:4d:
24:61:88:9e:f1:de:55:c0:35:5c:d8:e8:03:45:4f:46:23:05:
89:95:5c:02:f6:07:40:b3:4d:36:b0:2a:b5:fc:63:58:db:ec:
bd:7a:54:8d:e1:9d:93:a1:c1:c2:90:83:2d:f8:b1:0b:7d:a3:
f6:ca:de:73:6e:2d:8d:7e:bc:1f:78:51:e0:f7:08:d0:0d:f3:
55:48:a3:30:d8:f5:b4:c6:a4:a0:a0:cb:2f:2c:3f:69:08:db:
ff:1a:c4:f6:26:26:31:87:3b:b9:16:9d:97:fa:67:4c:34:57:
8b:30:7c:bb:e4:9b:99:78:c9:bf:78:0f:f1:22:38:95:da:d3:
f2:32:5d:09:50:75:aa:7f:59:0e:46:1a:80:7f:8e:34:9e:17:
8c:14:de:61:89:94:62:3f:21:15:b1:07:d1:de:b0:72:96:8d:
43:02:43:37
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgy
MTIyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZERkFENzZGQjYxMjFB
MjQ3RURGRTcyREY4MTVFREUxNTAxRTk0NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF6jmgXasBmfnEAT89LDbkH9mzTt0vt1jb94cvETs9re62oNmT
DvRCN3//L98X+IUybHIZHOZkWZ5NiquoLzQxAP5kfPnIshiJQbfsBjnNF5Wvqp4g
AGuPaltcZ5wRGuAvJJCbFzHBdYq5zJ5qLS/bNpXhaV8YbdjBrEsTEQBvENqzZO8w
pJEG8RR4GlL8f94CuMEj9Fl37NRLPImrVO0pYVc/uH/oVYw0fFbkMFQci+30dhCy
eBZCfOvTXhEZcpWdZai2MVCqjTRAWZ8AgKWgNNKLU3BkbqDvYeNcQr8NSeSaS93x
upjWGXVUeeIelIxG6a42X8CoR1j/oMGdWHPZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/frXb7YSGiR+3+ct+BXt4VAelEIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19mclhiN1lTR2lSLTMt
Y3QtQlh0NFZBZWxFSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABmbU3m65ih27vbP
fPt8Rkfnit4KHya1SLnj0WLjT3wLH7NpHiGbaR7wKTYfG7wznEhlFPBDmVNW0/Xa
2hItyNLK/PKFZuQosR4pbtV+HHo2KnBYeQ2t6rG+TSRhiJ7x3lXANVzY6ANFT0Yj
BYmVXAL2B0CzTTawKrX8Y1jb7L16VI3hnZOhwcKQgy34sQt9o/bK3nNuLY1+vB94
UeD3CNAN81VIozDY9bTGpKCgyy8sP2kI2/8axPYmJjGHO7kWnZf6Z0w0V4swfLvk
m5l4yb94D/EiOJXa0/IyXQlQdap/WQ5GGoB/jjSeF4wU3mGJlGI/IRWxB9HesHKW
jUMCQzc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:42:23 2024 by rpki-client on console.sobornost.net