Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dylDDTLt9AmQjXWIfZD6ncsyGvE.roa
File: dylDDTLt9AmQjXWIfZD6ncsyGvE.roa (raw, json)
Hash identifier: 3/zwyLEzUXoZ2cQfnKXa5vsMIwigRgbuLW6F2arqAgE=
Subject key identifier: 77:29:43:0D:32:ED:F4:09:90:8D:75:88:7D:90:FA:9D:CB:32:1A:F1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C09
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dylDDTLt9AmQjXWIfZD6ncsyGvE.roa
Signing time: Mon 29 Apr 2024 23:23:53 +0000
ROA not before: Mon 29 Apr 2024 23:23:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19465 (0x4c09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 23:23:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7729430D32EDF409908D75887D90FA9DCB321AF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2f:84:b3:a7:16:bb:c8:28:eb:a7:1c:34:b0:
b6:95:99:ec:29:01:30:58:46:a8:da:3b:9c:97:56:
84:a6:2e:a1:81:4f:5d:1a:0b:40:ac:ed:d7:7c:36:
11:38:03:cf:8a:42:29:2f:ac:91:ef:d9:5e:e8:da:
62:b3:c5:4e:83:af:db:3d:8d:42:0b:6f:91:7d:11:
e6:73:ef:06:f1:d5:62:60:82:87:78:e4:4c:7d:d9:
c1:d1:f1:30:67:64:08:03:d3:b3:70:cc:6a:7c:90:
8e:81:61:1a:96:c3:54:42:fd:0b:fd:64:b1:b8:8d:
f2:f5:b2:07:4c:f1:65:e8:b8:68:36:80:f7:be:e6:
76:54:42:0f:91:29:d1:b9:e9:f2:ab:9e:60:e4:ca:
2c:5d:7b:0d:3a:71:ed:b8:de:cc:4e:2e:63:46:c2:
66:61:1b:e1:cc:8b:1a:db:8c:fc:4e:29:20:98:2f:
a4:de:b5:2d:40:c7:e4:e1:f6:1e:3b:3d:90:24:9b:
18:3b:99:ea:d9:30:83:76:bc:28:fd:33:e2:7b:9c:
05:49:a6:96:f9:97:db:c8:77:dc:40:63:e3:e8:8e:
01:4b:2b:f2:f5:54:4a:9e:fb:6e:ec:9f:dc:34:1e:
a0:2b:88:7a:6e:0f:7f:4f:4a:9d:e5:95:6f:ff:ce:
a9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:29:43:0D:32:ED:F4:09:90:8D:75:88:7D:90:FA:9D:CB:32:1A:F1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dylDDTLt9AmQjXWIfZD6ncsyGvE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ad:ac:04:22:8f:16:56:18:1c:b5:0a:34:dd:0b:f9:14:02:66:
14:fd:1b:39:54:4e:21:8d:cb:44:1e:4c:96:39:b2:91:aa:d1:
a3:0a:0e:83:52:1a:d1:42:1a:c2:6c:19:f8:e3:04:11:0e:36:
98:e4:c7:26:28:96:af:0f:5a:04:b7:6f:3e:b7:13:9b:31:de:
1f:64:21:6b:19:2d:fa:08:fc:be:81:da:df:09:c7:58:a1:c8:
98:42:32:49:ac:5a:53:08:58:e8:e7:8e:90:cf:05:e0:d1:c5:
fe:1e:c7:45:9e:b1:63:a6:9e:58:bb:dc:7e:ed:80:fe:5d:79:
ef:6e:99:75:48:14:81:d1:a1:70:9a:63:e4:2d:f8:3f:8f:56:
76:86:0a:9f:91:e0:71:0f:b5:d2:06:37:8e:de:f1:57:cb:45:
02:75:fe:42:52:d6:84:66:7a:0c:6f:cb:7c:80:3e:45:ee:ed:
e3:40:3b:2c:cd:f4:52:0b:98:23:64:7c:3e:e9:9b:7c:68:1e:
1e:4a:ba:10:c2:54:42:4a:bf:9c:09:16:48:50:7c:16:94:da:
d2:ba:60:63:98:1a:43:11:42:01:3e:b0:37:77:67:fb:08:bf:
e8:1c:44:18:6c:f9:41:90:32:ef:c2:4f:f9:15:2a:66:21:fe:
33:90:0d:8d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjky
MzIzNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc3Mjk0MzBEMzJFREY0
MDk5MDhENzU4ODdEOTBGQTlEQ0IzMjFBRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5L4Szpxa7yCjrpxw0sLaVmewpATBYRqjaO5yXVoSmLqGBT10a
C0Cs7dd8NhE4A8+KQikvrJHv2V7o2mKzxU6Dr9s9jUILb5F9EeZz7wbx1WJggod4
5Ex92cHR8TBnZAgD07NwzGp8kI6BYRqWw1RC/Qv9ZLG4jfL1sgdM8WXouGg2gPe+
5nZUQg+RKdG56fKrnmDkyixdew06ce243sxOLmNGwmZhG+HMixrbjPxOKSCYL6Te
tS1Ax+Th9h47PZAkmxg7merZMIN2vCj9M+J7nAVJppb5l9vId9xAY+PojgFLK/L1
VEqe+27sn9w0HqAriHpuD39PSp3llW//zqmLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUdylDDTLt9AmQjXWIfZD6ncsyGvEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2R5bEREVEx0OUFtUWpY
V0lmWkQ2bmNzeUd2RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK2sBCKPFlYYHLUK
NN0L+RQCZhT9GzlUTiGNy0QeTJY5spGq0aMKDoNSGtFCGsJsGfjjBBEONpjkxyYo
lq8PWgS3bz63E5sx3h9kIWsZLfoI/L6B2t8Jx1ihyJhCMkmsWlMIWOjnjpDPBeDR
xf4ex0WesWOmnli73H7tgP5dee9umXVIFIHRoXCaY+Qt+D+PVnaGCp+R4HEPtdIG
N47e8VfLRQJ1/kJS1oRmegxvy3yAPkXu7eNAOyzN9FILmCNkfD7pm3xoHh5KuhDC
VEJKv5wJFkhQfBaU2tK6YGOYGkMRQgE+sDd3Z/sIv+gcRBhs+UGQMu/CT/kVKmYh
/jOQDY0=
-----END CERTIFICATE-----
Generated at Tue Apr 30 04:46:15 2024 by rpki-client on console.sobornost.net