Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/e1CcrrKQhCxBOzG76k9Ff2scCC8.roa
File: e1CcrrKQhCxBOzG76k9Ff2scCC8.roa (raw, json)
Hash identifier: yfyio/Q0y5P0I/Z4tKe/rQgTRCC+KjuNh+3XrMOQI4w=
Subject key identifier: 7B:50:9C:AE:B2:90:84:2C:41:3B:31:BB:EA:4F:45:7F:6B:1C:08:2F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 540A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e1CcrrKQhCxBOzG76k9Ff2scCC8.roa
Signing time: Fri 10 May 2024 15:24:01 +0000
ROA not before: Fri 10 May 2024 15:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21514 (0x540a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 15:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7B509CAEB290842C413B31BBEA4F457F6B1C082F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:88:c0:15:e9:f4:26:81:d5:d7:2d:47:67:
a8:78:f9:aa:b0:0d:57:8f:3f:e5:e5:51:16:ab:59:
70:18:32:4a:41:1e:c2:90:99:1e:94:42:a6:f2:ac:
91:f2:40:4d:6b:f1:f8:b5:49:3f:4f:c1:3c:4c:e1:
24:71:f0:ed:2e:85:68:11:8e:66:85:35:bc:87:9d:
31:b2:ac:13:23:42:ce:c6:24:71:24:c5:0c:c5:65:
c5:e3:95:f8:53:0b:3e:62:ad:31:2b:25:52:ef:1b:
04:e3:0d:b7:0c:6c:dd:00:40:9a:fd:cd:4e:80:9b:
67:6b:f1:5b:87:e7:ea:66:7f:6a:34:12:fd:0b:db:
41:5a:f1:8d:d8:75:0a:71:82:a2:8c:c8:9e:84:e0:
be:f8:24:ee:35:cd:a1:05:49:b7:ce:75:eb:23:f4:
66:0f:49:56:7b:a9:5b:c5:de:5c:be:2a:c6:12:88:
d1:fb:1d:67:d6:2a:71:77:b7:b4:52:46:c6:ad:ef:
4a:38:35:4e:a2:da:6c:55:61:e3:9a:3a:b1:87:96:
88:e8:03:09:14:e2:be:ff:cb:74:1d:b3:21:a0:7c:
56:0c:d8:f5:9e:6a:10:16:02:78:f5:20:cf:2c:e5:
13:1e:52:a6:1b:01:b4:f3:67:27:15:04:42:fc:e7:
11:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:50:9C:AE:B2:90:84:2C:41:3B:31:BB:EA:4F:45:7F:6B:1C:08:2F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e1CcrrKQhCxBOzG76k9Ff2scCC8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:8a:81:d1:7d:78:98:92:c1:a3:57:b5:a9:61:50:05:40:16:
14:98:71:8e:34:e4:31:5f:64:7d:e9:b7:71:7c:20:70:36:cc:
49:29:d2:af:0e:3e:8a:38:fb:86:53:31:a0:31:e3:85:4a:ba:
05:f2:eb:2d:a4:8b:97:cc:44:87:e7:75:12:21:cf:ca:50:3e:
6e:8c:da:8e:2e:87:e9:e4:b2:5a:a9:d7:a1:18:c4:47:dd:36:
b7:ed:52:3a:2b:db:d4:63:32:10:2a:e3:75:af:95:78:b1:c7:
a6:fc:79:52:25:89:db:a5:02:71:a1:8f:a8:14:86:fa:fb:a1:
11:57:60:8a:ba:1d:ba:d6:15:dd:1d:98:6f:e3:b2:da:69:cd:
0a:a3:92:2f:66:a4:86:4a:69:61:fd:22:08:b6:cf:74:99:e1:
25:50:a7:ef:06:92:47:e4:70:c7:ba:b5:49:8b:12:25:ef:9a:
e0:f0:91:65:3b:6a:47:e1:d3:c6:0a:2d:af:ee:fe:39:68:78:
be:45:1e:b6:9a:79:59:01:42:86:84:4a:9b:45:34:93:74:20:
73:ad:39:3f:50:02:01:1b:2d:4d:b1:79:9b:19:c4:92:3f:6d:
ae:14:f9:f1:7b:37:20:c3:fc:e6:fe:a6:00:fa:fa:67:33:22:
cc:16:c9:33
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVAowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
NTI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdCNTA5Q0FFQjI5MDg0
MkM0MTNCMzFCQkVBNEY0NTdGNkIxQzA4MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPyojAFen0JoHV1y1HZ6h4+aqwDVePP+XlURarWXAYMkpBHsKQ
mR6UQqbyrJHyQE1r8fi1ST9PwTxM4SRx8O0uhWgRjmaFNbyHnTGyrBMjQs7GJHEk
xQzFZcXjlfhTCz5irTErJVLvGwTjDbcMbN0AQJr9zU6Am2dr8VuH5+pmf2o0Ev0L
20Fa8Y3YdQpxgqKMyJ6E4L74JO41zaEFSbfOdesj9GYPSVZ7qVvF3ly+KsYSiNH7
HWfWKnF3t7RSRsat70o4NU6i2mxVYeOaOrGHlojoAwkU4r7/y3QdsyGgfFYM2PWe
ahAWAnj1IM8s5RMeUqYbAbTzZycVBEL85xFJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUe1CcrrKQhCxBOzG76k9Ff2scCC8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2UxQ2NycktRaEN4Qk96
Rzc2azlGZjJzY0NDOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVYqB0X14mJLBo1e1qWFQBUAWFJhxjjTk
MV9kfem3cXwgcDbMSSnSrw4+ijj7hlMxoDHjhUq6BfLrLaSLl8xEh+d1EiHPylA+
bozaji6H6eSyWqnXoRjER902t+1SOivb1GMyECrjda+VeLHHpvx5UiWJ26UCcaGP
qBSG+vuhEVdgirodutYV3R2Yb+Oy2mnNCqOSL2akhkppYf0iCLbPdJnhJVCn7waS
R+Rwx7q1SYsSJe+a4PCRZTtqR+HTxgotr+7+OWh4vkUetpp5WQFChoRKm0U0k3Qg
c605P1ACARstTbF5mxnEkj9trhT58Xs3IMP85v6mAPr6ZzMizBbJMw==
-----END CERTIFICATE-----
Generated at Fri May 10 18:53:01 2024 by rpki-client on console.sobornost.net