Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/n8s56eyvdxy8SHvrzsQ55TrOYYs.roa
File: n8s56eyvdxy8SHvrzsQ55TrOYYs.roa (raw, json)
Hash identifier: 6M7t8UD2XShJVQHcoHP85H3rC26YtIl8vNdtHN/28W8=
Subject key identifier: 9F:CB:39:E9:EC:AF:77:1C:BC:48:7B:EB:CE:C4:39:E5:3A:CE:61:8B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F89
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n8s56eyvdxy8SHvrzsQ55TrOYYs.roa
Signing time: Sat 13 Apr 2024 07:22:48 +0000
ROA not before: Sat 13 Apr 2024 07:22:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16265 (0x3f89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 07:22:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9FCB39E9ECAF771CBC487BEBCEC439E53ACE618B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:40:95:fa:94:55:79:f4:1f:e2:c6:ef:e0:91:
56:9e:b9:f8:3f:50:f0:ff:ba:38:43:76:eb:a4:be:
58:44:29:9a:5f:58:73:5c:6e:ba:69:0d:38:23:05:
22:36:27:f8:53:b3:97:79:f6:97:af:68:7e:be:16:
b4:cb:fa:6f:b7:46:ec:f4:d6:06:e4:95:c4:0b:0c:
a1:e9:07:fa:9e:be:db:07:f5:8a:79:50:b5:1c:68:
42:1e:e2:c1:87:58:50:dc:de:5c:fa:b0:8c:2a:e5:
31:df:53:c9:37:27:84:23:e7:7d:88:b3:96:fc:e7:
3c:14:f9:47:22:55:ae:1d:22:be:9c:97:88:ec:c1:
23:6b:20:9a:7d:83:1a:c0:e1:ec:90:bd:47:b2:d2:
c9:a2:aa:6b:c7:78:0d:04:be:46:f7:84:31:ba:86:
8a:72:3c:fd:f8:c3:82:09:1f:37:f9:9e:11:13:6c:
25:61:66:ca:a3:a3:2d:13:06:ed:3e:35:ee:b0:71:
9b:6c:9d:30:b6:6b:78:e0:4b:54:90:c7:38:93:9f:
d0:fa:68:41:79:fe:3b:7d:85:48:a9:4c:bd:e2:4c:
6c:06:62:39:e1:64:cd:7f:79:67:83:cf:59:d5:a0:
d0:cf:30:23:a6:74:93:e6:94:59:f6:02:e0:b0:bf:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:CB:39:E9:EC:AF:77:1C:BC:48:7B:EB:CE:C4:39:E5:3A:CE:61:8B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n8s56eyvdxy8SHvrzsQ55TrOYYs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
87:a8:f6:83:33:5c:36:11:5f:29:41:41:b4:57:7a:63:38:8e:
df:99:0c:57:a1:b4:e4:52:c3:6b:52:46:74:49:5a:6f:ce:3f:
1c:20:0a:a5:62:71:55:1a:ed:66:3f:ee:db:e7:27:bd:fe:0c:
83:ac:b0:22:af:15:0c:6f:a7:78:56:24:72:cc:d3:12:a3:44:
83:91:2f:89:c9:67:6b:27:62:c3:a9:f8:42:3e:f9:9d:3c:5c:
5f:1b:a6:54:eb:3c:c3:32:aa:cf:86:f1:ac:c6:30:02:ad:cd:
a7:35:19:74:84:80:69:c6:81:18:ad:e5:7b:b4:64:32:6d:dd:
bc:8e:14:64:c8:e9:59:d0:7e:90:d3:89:9c:0c:43:6a:ef:99:
4e:8b:da:9f:cd:1c:a2:19:2f:44:1c:af:ac:30:a4:e0:e9:ca:
b2:44:44:07:14:65:7c:0c:d2:85:8b:68:98:5a:33:76:d0:48:
91:5c:9a:f3:cf:43:32:14:95:ea:0c:99:96:d1:da:71:67:cc:
c2:30:d6:96:97:37:d2:9a:a4:7a:64:96:87:f6:a3:65:6c:66:
c7:cf:61:ab:16:c5:be:d6:d6:0e:d6:66:1e:d9:c8:88:a0:7e:
0f:d6:c5:1c:d5:eb:6a:79:12:94:48:21:8e:1b:0f:93:f6:2f:
83:21:6a:d1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
NzIyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGQ0IzOUU5RUNBRjc3
MUNCQzQ4N0JFQkNFQzQzOUU1M0FDRTYxOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChQJX6lFV59B/ixu/gkVaeufg/UPD/ujhDduukvlhEKZpfWHNc
brppDTgjBSI2J/hTs5d59pevaH6+FrTL+m+3Ruz01gbklcQLDKHpB/qevtsH9Yp5
ULUcaEIe4sGHWFDc3lz6sIwq5THfU8k3J4Qj532Is5b85zwU+UciVa4dIr6cl4js
wSNrIJp9gxrA4eyQvUey0smiqmvHeA0Evkb3hDG6hopyPP34w4IJHzf5nhETbCVh
Zsqjoy0TBu0+Ne6wcZtsnTC2a3jgS1SQxziTn9D6aEF5/jt9hUipTL3iTGwGYjnh
ZM1/eWeDz1nVoNDPMCOmdJPmlFn2AuCwv1ZbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUn8s56eyvdxy8SHvrzsQ55TrOYYswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L244czU2ZXl2ZHh5OFNI
dnJ6c1E1NVRyT1lZcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIeo9oMzXDYRXylB
QbRXemM4jt+ZDFehtORSw2tSRnRJWm/OPxwgCqVicVUa7WY/7tvnJ73+DIOssCKv
FQxvp3hWJHLM0xKjRIORL4nJZ2snYsOp+EI++Z08XF8bplTrPMMyqs+G8azGMAKt
zac1GXSEgGnGgRit5Xu0ZDJt3byOFGTI6VnQfpDTiZwMQ2rvmU6L2p/NHKIZL0Qc
r6wwpODpyrJERAcUZXwM0oWLaJhaM3bQSJFcmvPPQzIUleoMmZbR2nFnzMIw1paX
N9KapHpklof2o2VsZsfPYasWxb7W1g7WZh7ZyIigfg/WxRzV62p5EpRIIY4bD5P2
L4MhatE=
-----END CERTIFICATE-----
Generated at Sat Apr 13 13:47:28 2024 by rpki-client on console.sobornost.net