Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/a__Qogfqu1E3sY8TDWkgNlQpAcQ.roa
File: a__Qogfqu1E3sY8TDWkgNlQpAcQ.roa (raw, json)
Hash identifier: bLI0SMGWT70GosWBI0MKcHuHrlXFqJJftNlo74uLv1A=
Subject key identifier: 6B:FF:D0:A2:07:EA:BB:51:37:B1:8F:13:0D:69:20:36:54:29:01:C4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4299
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a__Qogfqu1E3sY8TDWkgNlQpAcQ.roa
Signing time: Wed 17 Apr 2024 09:22:58 +0000
ROA not before: Wed 17 Apr 2024 09:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17049 (0x4299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 09:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6BFFD0A207EABB5137B18F130D692036542901C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:11:b5:57:8b:1c:83:01:c6:6f:74:b1:03:2f:
b1:8e:f4:55:08:c3:57:e5:98:c7:e2:d2:96:56:05:
f5:72:56:e3:09:f1:ef:28:ea:af:2f:8e:05:e1:3c:
bd:95:aa:fc:13:b0:ed:a9:1f:c5:18:ce:d7:69:9e:
37:cf:f4:f5:ce:cc:28:e8:59:40:79:98:c7:ec:7d:
ea:4b:2f:8e:2e:3c:b2:9a:7f:a5:3d:90:0c:f9:7a:
42:1e:8d:fd:4b:f5:cc:7b:1d:5a:f4:9a:f3:c2:df:
69:d9:72:f6:cd:ad:d2:38:c5:ae:86:dd:ff:4f:4e:
01:50:16:f9:b5:b4:da:f5:d3:cc:d8:48:29:47:8d:
ab:3e:be:90:6d:70:56:e6:b2:65:b8:4f:69:10:16:
ae:29:01:d9:61:51:f9:bc:b0:25:39:cc:62:2a:ed:
3a:36:4a:06:6e:67:e3:41:3e:ed:e0:e4:24:59:fa:
98:91:e5:d5:3b:7a:d4:09:91:4f:3e:7b:f4:a7:c0:
2d:b4:05:a5:2d:67:90:e5:68:53:25:23:b7:43:09:
65:6c:89:b8:7d:91:a0:89:69:9a:98:65:8e:99:b2:
39:5a:60:b0:cc:7f:44:a7:77:ec:a8:2f:09:65:ed:
9f:ef:4a:21:cc:c7:cb:cf:26:3a:43:f2:9d:e2:cb:
c8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FF:D0:A2:07:EA:BB:51:37:B1:8F:13:0D:69:20:36:54:29:01:C4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a__Qogfqu1E3sY8TDWkgNlQpAcQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
69:0c:c0:2f:14:8c:49:67:b9:a6:d0:0e:81:0a:56:33:09:1b:
b9:aa:a4:c8:52:6e:1e:d3:3e:cd:d9:46:8e:e3:95:27:85:4f:
4c:b4:c0:c3:14:01:b0:92:28:b6:34:94:f1:ac:b6:e8:23:58:
f7:1f:d1:20:bb:d1:db:42:87:36:89:0a:55:3d:dd:97:4f:66:
93:0f:60:39:6b:9a:ad:92:a0:b8:ad:39:07:b7:de:ea:78:b6:
26:c7:5a:c7:2c:3d:39:8d:db:3a:fb:45:a8:33:e3:f8:d0:a9:
bb:b1:78:7f:c8:e8:31:78:61:94:eb:a1:71:ee:cc:6a:43:42:
27:d0:5b:01:24:5c:bc:ba:76:01:6d:12:ca:f8:89:9c:66:ab:
3c:54:7c:c1:02:aa:04:4c:49:47:c7:4f:ef:bb:d0:da:5e:37:
26:e5:66:33:53:39:92:9d:2f:37:b6:d0:88:2e:45:48:33:c0:
46:92:ab:51:2f:4b:e7:e2:79:8c:73:96:f1:4d:15:84:bb:44:
5b:56:9d:f0:ac:6e:e5:10:37:27:b6:a7:a4:8b:7d:95:7c:41:
9c:cc:6f:65:7b:54:a2:65:91:6c:28:9e:34:48:5c:0d:6b:3c:
63:5f:9e:6e:d6:ca:36:71:34:7f:d5:6c:4e:35:c3:8d:20:21:
7e:3b:e6:54
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQpkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
OTIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCRkZEMEEyMDdFQUJC
NTEzN0IxOEYxMzBENjkyMDM2NTQyOTAxQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4EbVXixyDAcZvdLEDL7GO9FUIw1flmMfi0pZWBfVyVuMJ8e8o
6q8vjgXhPL2VqvwTsO2pH8UYztdpnjfP9PXOzCjoWUB5mMfsfepLL44uPLKaf6U9
kAz5ekIejf1L9cx7HVr0mvPC32nZcvbNrdI4xa6G3f9PTgFQFvm1tNr108zYSClH
jas+vpBtcFbmsmW4T2kQFq4pAdlhUfm8sCU5zGIq7To2SgZuZ+NBPu3g5CRZ+piR
5dU7etQJkU8+e/SnwC20BaUtZ5DlaFMlI7dDCWVsibh9kaCJaZqYZY6ZsjlaYLDM
f0Snd+yoLwll7Z/vSiHMx8vPJjpD8p3iy8hvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUa//Qogfqu1E3sY8TDWkgNlQpAcQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FfX1FvZ2ZxdTFFM3NZ
OFREV2tnTmxRcEFjUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGkMwC8UjElnuabQ
DoEKVjMJG7mqpMhSbh7TPs3ZRo7jlSeFT0y0wMMUAbCSKLY0lPGstugjWPcf0SC7
0dtChzaJClU93ZdPZpMPYDlrmq2SoLitOQe33up4tibHWscsPTmN2zr7Ragz4/jQ
qbuxeH/I6DF4YZTroXHuzGpDQifQWwEkXLy6dgFtEsr4iZxmqzxUfMECqgRMSUfH
T++70NpeNyblZjNTOZKdLze20IguRUgzwEaSq1EvS+fieYxzlvFNFYS7RFtWnfCs
buUQNye2p6SLfZV8QZzMb2V7VKJlkWwonjRIXA1rPGNfnm7WyjZxNH/VbE41w40g
IX475lQ=
-----END CERTIFICATE-----
Generated at Wed Apr 17 14:46:04 2024 by rpki-client on console.sobornost.net