Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/boEU-5pxVuM0WT2-KSWS64Da0iI.roa
File: boEU-5pxVuM0WT2-KSWS64Da0iI.roa (raw, json)
Hash identifier: ZVx4+jfz1AzzMyubi1mXYqH6ZGCRUeNr5lN3a9GsBkM=
Subject key identifier: 6E:81:14:FB:9A:71:56:E3:34:59:3D:BE:29:25:92:EB:80:DA:D2:22
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 451D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/boEU-5pxVuM0WT2-KSWS64Da0iI.roa
Signing time: Sat 20 Apr 2024 17:53:12 +0000
ROA not before: Sat 20 Apr 2024 17:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17693 (0x451d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 17:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6E8114FB9A7156E334593DBE292592EB80DAD222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3f:b3:0e:cb:67:f1:05:37:48:c5:65:2d:16:
8f:17:a0:b1:ac:03:e0:0f:77:6a:ac:ad:81:f0:84:
2d:7a:1f:27:af:c3:4a:57:f4:37:22:fb:b5:c9:5c:
1b:17:c0:95:15:49:9e:7c:52:d0:01:e7:22:31:23:
27:ed:df:97:d7:56:a1:0f:19:18:0d:cd:2b:16:18:
34:63:ad:ff:de:bb:8b:01:0f:a9:00:2a:00:15:48:
06:d4:ca:c9:1c:95:bf:a1:52:9f:56:e0:0b:9b:5a:
19:a3:5f:b7:45:a2:4d:7d:09:cf:85:b6:91:9b:be:
3b:3c:57:f3:ad:cf:34:0b:55:61:3d:cc:0c:e2:1d:
1a:de:e9:69:0d:97:ee:d8:61:0d:ca:49:cf:fe:81:
e2:8f:e7:46:87:19:74:7c:ea:44:f9:b6:8b:23:be:
c8:2b:20:b3:18:87:cf:23:d0:1f:0f:71:ed:a3:ad:
19:e3:60:a3:82:0f:12:a4:a4:3f:98:83:67:5d:9d:
60:18:55:7a:f3:a8:01:a1:72:a3:bf:04:88:4f:8a:
32:8c:ff:92:58:85:1a:68:91:00:a1:fe:52:3e:aa:
8f:18:e0:84:fb:91:a3:e3:96:67:d0:37:d3:e8:04:
4a:c5:66:52:99:e8:df:40:13:23:3b:51:74:1b:a6:
0e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:81:14:FB:9A:71:56:E3:34:59:3D:BE:29:25:92:EB:80:DA:D2:22
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/boEU-5pxVuM0WT2-KSWS64Da0iI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
40:f5:79:69:b7:8e:e2:31:62:b8:65:1e:48:2c:44:88:1f:0f:
56:59:d8:9e:fc:d5:55:52:df:98:00:a7:1e:df:aa:b6:44:f4:
c1:f0:5a:51:74:04:50:47:b9:e8:47:6f:aa:77:64:74:c3:97:
e8:05:42:a3:d4:7b:1e:3b:c4:2d:8b:cf:46:2a:2a:57:a9:92:
fa:e9:ac:08:82:b8:ef:0d:4d:46:14:c5:ad:32:a2:31:fa:04:
5e:30:48:a2:54:70:4a:88:68:45:41:01:4f:34:ed:9c:97:52:
48:bc:03:9b:fd:89:27:65:5a:4a:9c:4c:05:c3:c9:cb:31:28:
77:62:c7:e0:4e:c2:e1:9f:63:ea:b3:d1:1b:d6:07:93:a5:ab:
78:75:d7:85:7f:91:24:9c:8d:8f:fc:14:66:d5:ba:bc:b8:ca:
b7:8a:1f:13:33:05:eb:9c:8b:8e:38:bf:6b:9e:ba:40:21:b6:
14:fe:b9:71:e0:28:f0:72:12:60:17:16:bb:6b:73:1b:da:54:
50:73:ce:b3:0b:fd:bb:d5:3f:71:92:7e:33:cc:89:39:47:e8:
5f:62:9a:55:f5:ba:19:83:a8:3a:61:c0:f7:c4:19:ad:78:b7:
79:ce:5b:8b:d1:ef:1d:29:3d:03:00:b9:27:3c:07:97:01:f1:
bc:72:55:38
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
NzUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZFODExNEZCOUE3MTU2
RTMzNDU5M0RCRTI5MjU5MkVCODBEQUQyMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoP7MOy2fxBTdIxWUtFo8XoLGsA+APd2qsrYHwhC16Hyevw0pX
9Dci+7XJXBsXwJUVSZ58UtAB5yIxIyft35fXVqEPGRgNzSsWGDRjrf/eu4sBD6kA
KgAVSAbUyskclb+hUp9W4AubWhmjX7dFok19Cc+FtpGbvjs8V/OtzzQLVWE9zAzi
HRre6WkNl+7YYQ3KSc/+geKP50aHGXR86kT5tosjvsgrILMYh88j0B8Pce2jrRnj
YKOCDxKkpD+Yg2ddnWAYVXrzqAGhcqO/BIhPijKM/5JYhRpokQCh/lI+qo8Y4IT7
kaPjlmfQN9PoBErFZlKZ6N9AEyM7UXQbpg7FAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUboEU+5pxVuM0WT2+KSWS64Da0iIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JvRVUtNXB4VnVNMFdU
Mi1LU1dTNjREYTBpSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAED1eWm3juIxYrhl
HkgsRIgfD1ZZ2J781VVS35gApx7fqrZE9MHwWlF0BFBHuehHb6p3ZHTDl+gFQqPU
ex47xC2Lz0YqKlepkvrprAiCuO8NTUYUxa0yojH6BF4wSKJUcEqIaEVBAU807ZyX
Uki8A5v9iSdlWkqcTAXDycsxKHdix+BOwuGfY+qz0RvWB5Olq3h114V/kSScjY/8
FGbVury4yreKHxMzBeuci444v2ueukAhthT+uXHgKPByEmAXFrtrcxvaVFBzzrML
/bvVP3GSfjPMiTlH6F9imlX1uhmDqDphwPfEGa14t3nOW4vR7x0pPQMAuSc8B5cB
8bxyVTg=
-----END CERTIFICATE-----
Generated at Sun Apr 21 00:35:22 2024 by rpki-client on console.sobornost.net