Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/elQy6iTgPZ8LY8C9z72_-FcruY8.roa
File: elQy6iTgPZ8LY8C9z72_-FcruY8.roa (raw, json)
Hash identifier: luShQY12guvq8vg61m3yPdooavA6DKKlN0xTNq1o4xs=
Subject key identifier: 7A:54:32:EA:24:E0:3D:9F:0B:63:C0:BD:CF:BD:BF:F8:57:2B:B9:8F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44C2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/elQy6iTgPZ8LY8C9z72_-FcruY8.roa
Signing time: Sat 20 Apr 2024 06:23:02 +0000
ROA not before: Sat 20 Apr 2024 06:23:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17602 (0x44c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 06:23:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7A5432EA24E03D9F0B63C0BDCFBDBFF8572BB98F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:69:f9:93:86:51:44:51:a2:74:3b:c5:d2:89:
a3:7e:8e:38:c5:1c:7c:67:4e:7a:5c:41:e0:31:b6:
2f:e5:c3:1a:98:05:df:76:34:b4:04:aa:f1:9f:ad:
0b:44:97:67:26:e2:d0:85:9f:0c:4a:e6:62:6d:78:
f3:54:9b:08:d4:60:fd:04:4e:34:29:e2:31:86:74:
72:f6:f2:ce:5e:d4:65:82:99:5b:2c:f0:c1:ac:30:
97:f8:71:3c:d8:7a:fd:c5:db:2f:3e:ba:62:6e:2d:
58:5e:62:4f:8f:8a:2a:cc:43:a7:c4:79:c4:1d:8c:
34:a7:e3:06:b4:f6:7a:69:b7:d3:57:7f:2f:77:a4:
69:4b:e2:aa:7a:48:da:79:ec:e8:8b:bc:3c:f3:06:
83:1f:c0:2b:1d:b2:d6:f3:11:1c:66:74:40:ca:b5:
33:83:b1:b7:f4:92:e6:24:66:d1:2e:68:c2:6b:91:
a3:1a:3f:cb:66:ff:9f:a3:79:51:ec:f7:0f:96:94:
ec:e8:51:ab:0c:23:bb:b2:9b:43:14:92:9f:ff:aa:
92:67:49:4d:3e:7b:51:8a:e3:8d:56:9c:52:16:12:
ec:1e:76:69:1e:bd:47:13:0f:c0:ef:98:a5:01:62:
a2:20:81:ef:a1:e3:10:56:ea:2a:0d:7c:23:17:19:
4e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:54:32:EA:24:E0:3D:9F:0B:63:C0:BD:CF:BD:BF:F8:57:2B:B9:8F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/elQy6iTgPZ8LY8C9z72_-FcruY8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:cc:f6:62:62:b7:ea:07:6a:2e:10:5d:88:48:33:51:d7:65:
95:ab:55:4d:69:62:a8:7e:fc:dd:76:e9:d5:3c:ba:e1:f2:86:
17:7e:d6:4d:8f:8c:98:7f:e9:c4:a8:cf:ae:52:11:b4:b4:99:
0d:df:ec:9e:49:c5:1d:f6:8a:67:8a:fe:49:77:3c:24:14:91:
9a:39:d2:a6:7b:d2:d1:49:8d:55:41:f3:aa:af:97:dd:da:56:
7b:fb:21:2b:73:49:30:a8:c6:29:ee:c9:43:26:09:6d:af:68:
b9:f7:98:af:c5:dd:4d:92:91:db:7b:a7:0e:8f:cf:26:2c:ef:
e8:f4:02:d6:1d:40:4a:ea:6a:1c:65:50:2e:e8:dc:75:22:9c:
63:b3:5e:02:86:63:99:62:61:d3:1e:b4:90:e8:7d:91:09:9a:
01:e3:46:c3:85:16:6e:73:6e:e5:0c:71:23:f2:54:22:8b:93:
3e:42:c4:ae:42:f5:2c:af:ee:2a:8e:f5:5d:a6:40:9e:c9:0a:
5d:7e:1e:3a:0e:cf:13:e3:19:5c:c8:0b:3d:15:fb:b8:06:0d:
39:57:5e:53:2c:05:76:45:5d:be:4f:d5:13:6e:0b:64:dc:22:
60:87:13:e7:31:58:45:85:bb:97:4e:5c:02:7f:c5:8e:ae:9e:
14:23:c3:d8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NjIzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBNTQzMkVBMjRFMDNE
OUYwQjYzQzBCRENGQkRCRkY4NTcyQkI5OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcafmThlFEUaJ0O8XSiaN+jjjFHHxnTnpcQeAxti/lwxqYBd92
NLQEqvGfrQtEl2cm4tCFnwxK5mJtePNUmwjUYP0ETjQp4jGGdHL28s5e1GWCmVss
8MGsMJf4cTzYev3F2y8+umJuLVheYk+PiirMQ6fEecQdjDSn4wa09nppt9NXfy93
pGlL4qp6SNp57OiLvDzzBoMfwCsdstbzERxmdEDKtTODsbf0kuYkZtEuaMJrkaMa
P8tm/5+jeVHs9w+WlOzoUasMI7uym0MUkp//qpJnSU0+e1GK441WnFIWEuwedmke
vUcTD8DvmKUBYqIgge+h4xBW6ioNfCMXGU5DAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUelQy6iTgPZ8LY8C9z72/+FcruY8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VsUXk2aVRnUFo4TFk4
Qzl6NzJfLUZjcnVZOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJ8z2YmK36gdqLhBdiEgzUddllatVTWli
qH783Xbp1Ty64fKGF37WTY+MmH/pxKjPrlIRtLSZDd/snknFHfaKZ4r+SXc8JBSR
mjnSpnvS0UmNVUHzqq+X3dpWe/shK3NJMKjGKe7JQyYJba9oufeYr8XdTZKR23un
Do/PJizv6PQC1h1ASupqHGVQLujcdSKcY7NeAoZjmWJh0x60kOh9kQmaAeNGw4UW
bnNu5QxxI/JUIouTPkLErkL1LK/uKo71XaZAnskKXX4eOg7PE+MZXMgLPRX7uAYN
OVdeUywFdkVdvk/VE24LZNwiYIcT5zFYRYW7l05cAn/Fjq6eFCPD2A==
-----END CERTIFICATE-----
Generated at Sat Apr 20 11:45:03 2024 by rpki-client on console.sobornost.net