Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ojB0YD47B4V0GXF1SHpZyO3k23Y.roa
File: ojB0YD47B4V0GXF1SHpZyO3k23Y.roa (raw, json)
Hash identifier: 0bU2OkfYvq3TqirmRrS8wY6xrx0E1FInsXUPPWSkRAY=
Subject key identifier: A2:30:74:60:3E:3B:07:85:74:19:71:75:48:7A:59:C8:ED:E4:DB:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36F6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ojB0YD47B4V0GXF1SHpZyO3k23Y.roa
Signing time: Mon 01 Apr 2024 20:52:15 +0000
ROA not before: Mon 01 Apr 2024 20:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14070 (0x36f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 20:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A23074603E3B078574197175487A59C8EDE4DB76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:ef:b7:08:2c:a9:e8:af:de:15:67:71:06:
d8:af:6a:8f:67:e2:f2:8e:b9:38:7c:f9:0d:f1:4e:
f6:65:b1:b2:27:fc:6e:08:a3:ab:c6:43:04:1f:e6:
22:86:79:4c:bb:ed:04:d6:f7:39:df:14:a8:73:f0:
16:db:d2:4e:a4:bf:78:ef:93:5b:e3:32:98:55:8f:
fa:4e:4e:d6:e1:e0:5e:6b:67:54:4b:ff:bb:41:79:
00:a5:01:1d:f1:67:da:3e:3b:2d:09:15:52:ad:1c:
3e:ad:6e:42:7e:b9:f5:90:2a:58:dd:08:d2:ca:c0:
04:1f:20:91:a1:ec:2e:de:24:99:eb:f7:fa:c2:7b:
a3:41:42:d0:81:68:fc:01:c2:88:5e:85:cf:c2:b4:
a8:15:0e:de:3b:fd:2c:04:9e:a3:ee:a0:c1:97:df:
86:d6:c4:ed:9d:df:64:bc:8f:cd:26:a6:8c:86:1e:
f9:76:e0:7f:74:7b:5a:58:c7:74:8b:4c:4a:5a:94:
db:42:a9:4a:5f:16:a6:58:4d:35:c9:fb:43:4b:5a:
bf:ce:f1:68:a1:ec:98:61:fa:24:35:9a:74:4c:0a:
bd:fc:f5:f6:ff:a7:1c:18:d3:a1:cc:67:0a:50:8e:
ae:8a:dd:9c:0e:f4:59:e1:14:be:12:ca:ea:e5:ee:
2c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:30:74:60:3E:3B:07:85:74:19:71:75:48:7A:59:C8:ED:E4:DB:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ojB0YD47B4V0GXF1SHpZyO3k23Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:cf:0c:1b:b9:ea:30:96:4d:de:3d:52:c4:83:6e:8f:b9:2e:
7b:5d:9e:ba:28:4e:16:82:9a:32:c0:80:36:5f:07:4e:ac:a3:
51:7d:37:6a:ac:55:19:30:93:dd:19:62:a2:6b:19:05:df:6c:
26:0a:58:aa:ba:05:7d:25:ed:61:1c:b4:85:b5:aa:31:20:13:
a9:5e:c4:c2:79:ad:86:54:08:dc:03:7d:e1:19:dc:01:ca:89:
6d:27:70:1a:78:39:6c:23:91:83:7b:42:f3:1a:1e:cc:d8:d3:
da:aa:17:b6:c0:d4:9e:72:76:7e:1c:0b:ef:28:d3:40:fb:86:
73:01:64:53:0b:d0:d5:eb:c1:74:ac:56:33:0e:7a:d0:ae:97:
a6:aa:5d:29:e2:69:0a:81:38:1b:05:f7:fa:45:80:7c:b7:84:
c1:78:be:ee:93:21:5a:99:b2:4d:14:b4:88:29:77:7f:4b:c4:
27:39:6e:5d:fc:09:00:2c:52:f7:9b:58:5c:ad:94:ed:84:c4:
17:a0:91:af:a1:eb:c1:3e:81:4b:07:03:f0:eb:17:eb:63:5b:
46:4a:55:82:e6:f5:3c:b0:dd:48:fc:22:13:51:da:14:7c:21:
68:52:19:2e:b7:2f:c3:8c:f1:a4:7b:1c:b5:11:a3:8e:0d:bc:
6d:eb:64:53
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNvYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MDUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyMzA3NDYwM0UzQjA3
ODU3NDE5NzE3NTQ4N0E1OUM4RURFNERCNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5B++3CCyp6K/eFWdxBtivao9n4vKOuTh8+Q3xTvZlsbIn/G4I
o6vGQwQf5iKGeUy77QTW9znfFKhz8Bbb0k6kv3jvk1vjMphVj/pOTtbh4F5rZ1RL
/7tBeQClAR3xZ9o+Oy0JFVKtHD6tbkJ+ufWQKljdCNLKwAQfIJGh7C7eJJnr9/rC
e6NBQtCBaPwBwohehc/CtKgVDt47/SwEnqPuoMGX34bWxO2d32S8j80mpoyGHvl2
4H90e1pYx3SLTEpalNtCqUpfFqZYTTXJ+0NLWr/O8Wih7Jhh+iQ1mnRMCr389fb/
pxwY06HMZwpQjq6K3ZwO9FnhFL4Syurl7ixhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUojB0YD47B4V0GXF1SHpZyO3k23YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29qQjBZRDQ3QjRWMEdY
RjFTSHBaeU8zazIzWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEADs8MG7nqMJZN3j1SxINuj7kue12euihO
FoKaMsCANl8HTqyjUX03aqxVGTCT3RliomsZBd9sJgpYqroFfSXtYRy0hbWqMSAT
qV7EwnmthlQI3AN94RncAcqJbSdwGng5bCORg3tC8xoezNjT2qoXtsDUnnJ2fhwL
7yjTQPuGcwFkUwvQ1evBdKxWMw560K6XpqpdKeJpCoE4GwX3+kWAfLeEwXi+7pMh
WpmyTRS0iCl3f0vEJzluXfwJACxS95tYXK2U7YTEF6CRr6HrwT6BSwcD8OsX62Nb
RkpVgub1PLDdSPwiE1HaFHwhaFIZLrcvw4zxpHsctRGjjg28betkUw==
-----END CERTIFICATE-----
Generated at Tue Apr 2 02:40:47 2024 by rpki-client on console.sobornost.net