Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eACq4-BAz3_7q8rvRPDF_K9TwnU.roa
File: eACq4-BAz3_7q8rvRPDF_K9TwnU.roa (raw, json)
Hash identifier: yOHVLFZ7ZpzeuZWiGwvBUKyNwU0dpjErQQpMMegX2bo=
Subject key identifier: 78:00:AA:E3:E0:40:CF:7F:FB:AB:CA:EF:44:F0:C5:FC:AF:53:C2:75
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E16
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eACq4-BAz3_7q8rvRPDF_K9TwnU.roa
Signing time: Thu 02 May 2024 16:53:42 +0000
ROA not before: Thu 02 May 2024 16:53:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19990 (0x4e16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 16:53:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7800AAE3E040CF7FFBABCAEF44F0C5FCAF53C275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bb:59:e7:c5:94:a9:fa:e8:29:ab:d0:13:e9:
fa:0e:56:1d:dd:0c:ce:4b:60:4a:ba:22:e6:28:55:
ea:62:59:8e:e2:59:c9:1c:ae:d9:98:f5:8f:74:3c:
11:2e:b1:08:03:b4:3e:0c:2d:03:09:30:ec:c9:24:
10:b8:1a:ef:1f:03:58:f5:9e:da:e0:cf:86:ca:d1:
6d:f1:db:77:3c:c5:ac:88:3d:f6:e7:2f:3d:cd:8e:
72:a8:aa:c7:e4:a9:56:4e:28:62:b9:df:66:72:60:
5a:e0:9a:75:13:e2:e4:df:67:94:87:e9:ee:61:28:
91:3a:92:1c:2d:b2:d4:89:a2:35:bc:5d:4d:fe:be:
c1:cd:61:d2:e1:13:4d:92:7f:ee:fe:c0:25:f4:81:
3e:56:46:74:7e:27:15:96:ec:af:e7:04:b2:00:d8:
6b:ab:50:19:c0:e1:6c:b1:55:18:10:14:91:78:95:
92:17:2a:35:ed:a2:23:ec:b2:05:e5:91:75:58:7a:
70:a2:60:1f:d0:7b:62:38:5d:41:7a:b6:c0:e3:81:
c0:f3:28:32:ce:a9:38:66:26:5b:ed:08:45:47:69:
c4:83:33:07:c2:2d:70:1d:a0:28:e6:8b:9b:1e:91:
86:17:c1:56:1f:15:e4:3f:3b:25:ae:d1:0b:60:02:
0d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:00:AA:E3:E0:40:CF:7F:FB:AB:CA:EF:44:F0:C5:FC:AF:53:C2:75
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eACq4-BAz3_7q8rvRPDF_K9TwnU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:f6:93:23:e5:ee:2b:76:42:9b:70:bc:84:c1:35:d5:fe:e7:
d2:24:0c:23:25:31:75:9b:8a:73:c3:16:6d:6a:bd:1c:1d:e7:
61:32:ff:f0:e1:82:0e:24:9f:53:b7:fc:0b:11:6f:be:4d:e2:
9b:0d:2d:02:06:d1:2d:88:dd:5d:64:2f:6d:6c:37:31:56:9b:
11:62:06:cd:64:69:34:ce:b6:6e:c8:a7:ab:5f:8d:0e:ea:a6:
1e:d8:cb:97:8b:da:29:9b:70:8a:46:09:a3:58:47:43:c0:0a:
f3:c1:b4:df:1a:bf:36:5c:c0:d0:4f:fa:7b:2d:35:26:08:d0:
5d:b9:55:1b:14:3c:96:87:d2:77:7d:51:64:d6:f0:44:d7:0c:
69:ca:d0:67:17:02:23:42:de:00:cb:94:00:d9:a6:04:ef:e7:
03:e2:40:f0:81:55:ca:bc:b7:33:6b:19:f1:74:f3:d2:24:8b:
ee:54:1c:bc:28:9f:ec:bd:66:35:52:f9:7c:ab:af:ae:3c:18:
b0:69:d3:8c:b9:92:e5:9a:30:ab:3d:dc:69:e2:8d:cb:6c:6c:
20:af:62:04:4b:f6:bc:76:30:8d:c5:4c:1f:00:7c:50:0b:70:
7e:3e:48:e6:cc:dc:49:1d:b6:c5:1d:32:0b:b8:38:35:8e:94:
28:2a:bc:5c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICThYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIx
NjUzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc4MDBBQUUzRTA0MENG
N0ZGQkFCQ0FFRjQ0RjBDNUZDQUY1M0MyNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAu1nnxZSp+ugpq9AT6foOVh3dDM5LYEq6IuYoVepiWY7iWckc
rtmY9Y90PBEusQgDtD4MLQMJMOzJJBC4Gu8fA1j1ntrgz4bK0W3x23c8xayIPfbn
Lz3NjnKoqsfkqVZOKGK532ZyYFrgmnUT4uTfZ5SH6e5hKJE6khwtstSJojW8XU3+
vsHNYdLhE02Sf+7+wCX0gT5WRnR+JxWW7K/nBLIA2GurUBnA4WyxVRgQFJF4lZIX
KjXtoiPssgXlkXVYenCiYB/Qe2I4XUF6tsDjgcDzKDLOqThmJlvtCEVHacSDMwfC
LXAdoCjmi5sekYYXwVYfFeQ/OyWu0QtgAg1ZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeACq4+BAz3/7q8rvRPDF/K9TwnUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VBQ3E0LUJBejNfN3E4
cnZSUERGX0s5VHduVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEABvaTI+XuK3ZCm3C8hME11f7n0iQMIyUx
dZuKc8MWbWq9HB3nYTL/8OGCDiSfU7f8CxFvvk3imw0tAgbRLYjdXWQvbWw3MVab
EWIGzWRpNM62bsinq1+NDuqmHtjLl4vaKZtwikYJo1hHQ8AK88G03xq/NlzA0E/6
ey01JgjQXblVGxQ8lofSd31RZNbwRNcMacrQZxcCI0LeAMuUANmmBO/nA+JA8IFV
yry3M2sZ8XTz0iSL7lQcvCif7L1mNVL5fKuvrjwYsGnTjLmS5Zowqz3caeKNy2xs
IK9iBEv2vHYwjcVMHwB8UAtwfj5I5szcSR22xR0yC7g4NY6UKCq8XA==
-----END CERTIFICATE-----
Generated at Fri May 3 00:05:49 2024 by rpki-client on console.sobornost.net