Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/agYYdJVfVrkDN7Wr4mfQLJBH5Vc.roa
File: agYYdJVfVrkDN7Wr4mfQLJBH5Vc.roa (raw, json)
Hash identifier: /MUtAwaiHFaG4kzWW9ePDGh8QNDGMHd8IrP5jHQFF1s=
Subject key identifier: 6A:06:18:74:95:5F:56:B9:03:37:B5:AB:E2:67:D0:2C:90:47:E5:57
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35F1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/agYYdJVfVrkDN7Wr4mfQLJBH5Vc.roa
Signing time: Sun 31 Mar 2024 12:22:29 +0000
ROA not before: Sun 31 Mar 2024 12:22:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13809 (0x35f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 12:22:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6A061874955F56B90337B5ABE267D02C9047E557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:90:78:5e:da:1f:1d:db:2a:09:57:3e:bf:6a:
8d:10:d5:0f:0d:7e:5f:9a:c2:01:97:df:ba:70:24:
4b:60:b9:37:13:a8:f5:e4:e5:e9:52:51:80:42:c2:
61:4b:7f:b7:48:ea:d5:12:a4:fa:0a:8e:3e:81:5e:
0b:49:8d:a4:59:af:e5:d1:27:3b:92:39:0b:3b:54:
93:a7:c8:6b:2e:7d:d4:09:d8:e4:ff:42:e2:de:cd:
d0:01:78:49:b5:29:dc:1f:c5:ca:6a:24:ba:2a:fc:
13:1a:36:c6:9a:e9:3f:4a:70:82:f2:2f:e4:f6:32:
38:0c:0a:5e:5a:2a:f4:9a:01:44:74:c7:2e:b4:b5:
bd:03:7d:4b:dd:3d:0c:5f:ed:4b:91:9e:aa:0f:9f:
16:dc:e3:b1:56:a7:b3:04:73:0f:c9:be:e8:c1:83:
3e:1e:c6:25:48:b0:d4:29:6e:45:f1:32:b7:ee:6d:
cd:98:de:74:c1:f6:7f:34:32:12:88:c5:d9:13:cf:
3b:c2:b6:ac:fd:ea:58:51:14:78:1d:ba:15:93:da:
a0:37:c5:59:ca:03:98:b6:ee:36:09:b1:a5:73:c9:
2d:c1:24:2f:c6:12:d3:d7:bb:e9:88:0d:fb:f3:0c:
a3:b3:0a:71:cb:68:cd:8b:c7:07:18:25:3c:96:7d:
cd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:06:18:74:95:5F:56:B9:03:37:B5:AB:E2:67:D0:2C:90:47:E5:57
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/agYYdJVfVrkDN7Wr4mfQLJBH5Vc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5a:04:9c:0d:63:38:ae:41:c6:3a:4c:5b:21:26:3b:e3:49:93:
19:6e:a5:ec:ea:15:91:54:bb:6c:bf:8f:31:e5:10:b1:c3:3a:
ed:bf:c4:b6:7e:f0:0a:0a:ac:90:1b:de:b2:4f:25:f3:97:cf:
7e:67:3e:cf:13:a8:75:28:4c:31:28:c8:3d:f8:a2:72:75:c5:
56:b0:2a:57:28:3a:a8:7c:f9:a3:47:8e:f1:b4:6b:bc:89:14:
fb:e8:bf:d8:ff:95:ab:89:63:e1:37:c0:f8:f6:62:06:0b:fd:
9e:ff:c2:f4:ee:be:66:6f:98:d1:e0:36:c0:ec:23:77:f2:35:
b7:3e:0e:da:88:47:fe:10:2d:2e:c3:1a:6e:94:c7:11:09:57:
3e:8f:f2:e7:cc:a7:58:be:37:2a:25:b4:06:b8:cb:86:d2:b4:
f1:99:93:6e:81:db:3b:17:95:ed:c2:4f:97:2d:c6:9b:3c:8e:
63:f8:dc:7e:4a:67:95:d2:99:0e:d3:f8:fe:cf:d4:65:bb:d9:
d8:c4:5c:af:22:5b:7e:57:4f:48:52:bb:69:b4:7a:f1:74:0c:
cd:83:40:a3:c2:5f:c5:02:ee:6b:ff:df:95:79:39:e7:9a:0f:
43:9b:58:dc:3c:f7:5a:cf:84:01:78:e0:0f:7f:6a:a4:af:80:
91:12:cc:c4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
MjIyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBMDYxODc0OTU1RjU2
QjkwMzM3QjVBQkUyNjdEMDJDOTA0N0U1NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHkHhe2h8d2yoJVz6/ao0Q1Q8Nfl+awgGX37pwJEtguTcTqPXk
5elSUYBCwmFLf7dI6tUSpPoKjj6BXgtJjaRZr+XRJzuSOQs7VJOnyGsufdQJ2OT/
QuLezdABeEm1KdwfxcpqJLoq/BMaNsaa6T9KcILyL+T2MjgMCl5aKvSaAUR0xy60
tb0DfUvdPQxf7UuRnqoPnxbc47FWp7MEcw/JvujBgz4exiVIsNQpbkXxMrfubc2Y
3nTB9n80MhKIxdkTzzvCtqz96lhRFHgduhWT2qA3xVnKA5i27jYJsaVzyS3BJC/G
EtPXu+mIDfvzDKOzCnHLaM2LxwcYJTyWfc3NAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUagYYdJVfVrkDN7Wr4mfQLJBH5VcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FnWVlkSlZmVnJrRE43
V3I0bWZRTEpCSDVWYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFoEnA1jOK5BxjpM
WyEmO+NJkxlupezqFZFUu2y/jzHlELHDOu2/xLZ+8AoKrJAb3rJPJfOXz35nPs8T
qHUoTDEoyD34onJ1xVawKlcoOqh8+aNHjvG0a7yJFPvov9j/lauJY+E3wPj2YgYL
/Z7/wvTuvmZvmNHgNsDsI3fyNbc+DtqIR/4QLS7DGm6UxxEJVz6P8ufMp1i+Nyol
tAa4y4bStPGZk26B2zsXle3CT5ctxps8jmP43H5KZ5XSmQ7T+P7P1GW72djEXK8i
W35XT0hSu2m0evF0DM2DQKPCX8UC7mv/35V5OeeaD0ObWNw891rPhAF44A9/aqSv
gJESzMQ=
-----END CERTIFICATE-----
Generated at Sun Mar 31 16:50:14 2024 by rpki-client on console.sobornost.net