Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pNESAnDrMY7u5XfduQTfsxYDGDc.roa
File: pNESAnDrMY7u5XfduQTfsxYDGDc.roa (raw, json)
Hash identifier: hMdA1/qGxryMEZwj3MCSJNXAQERlXxAOk9S4zd4Wl3s=
Subject key identifier: A4:D1:12:02:70:EB:31:8E:EE:E5:77:DD:B9:04:DF:B3:16:03:18:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 552E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pNESAnDrMY7u5XfduQTfsxYDGDc.roa
Signing time: Sun 12 May 2024 03:54:25 +0000
ROA not before: Sun 12 May 2024 03:54:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21806 (0x552e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 03:54:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A4D1120270EB318EEEE577DDB904DFB316031837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b7:49:5e:88:9f:81:d1:3e:09:dd:03:a7:37:
7b:4f:7b:6e:b9:df:79:d5:28:57:c4:3b:88:75:d6:
d6:9f:6b:e3:d5:4a:05:59:be:b9:fa:54:63:01:41:
37:71:dd:aa:73:cf:d2:df:98:f9:c5:ce:a1:22:15:
e3:ef:10:14:4d:c8:23:c6:75:86:6c:16:46:ea:15:
91:85:7b:15:ae:17:0c:ca:6f:29:e9:5c:cd:fa:5d:
60:c4:90:b9:9c:1e:5c:28:03:a6:48:c0:9e:c6:3b:
b2:32:22:5b:a8:fe:dd:32:07:9a:67:8e:4e:bd:7d:
90:6b:82:e4:a6:70:6e:fd:16:20:98:4c:28:be:e6:
0c:4e:cb:1d:82:57:83:50:65:04:f5:f2:76:65:e6:
dd:95:9c:b6:ba:3b:ac:06:02:1f:6f:e7:05:9c:35:
ec:1c:a1:ca:1a:55:0e:4a:6b:c6:03:0f:04:e6:32:
21:b1:78:23:0a:6d:ab:a3:4a:eb:22:ee:3e:eb:3a:
ce:84:b8:e3:ea:04:b0:81:42:25:8b:9e:54:2a:cd:
5d:95:9e:d4:0f:c1:41:89:5e:a0:e5:d7:39:10:d6:
46:d0:bd:92:81:45:68:5a:93:30:d5:29:d7:fd:9b:
7c:65:d5:b7:5d:63:28:6b:0d:a4:89:39:9c:08:06:
ec:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D1:12:02:70:EB:31:8E:EE:E5:77:DD:B9:04:DF:B3:16:03:18:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pNESAnDrMY7u5XfduQTfsxYDGDc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:b5:7a:f9:c7:75:8d:be:31:2f:3f:e3:02:72:2d:c9:80:0b:
c3:14:c7:ce:70:7b:b4:eb:21:10:24:08:d2:ec:60:43:11:f5:
35:f4:f9:a0:76:70:55:43:b9:ad:1f:ae:2e:e7:18:48:b7:97:
80:64:0b:ec:35:47:6d:c5:93:46:5b:42:65:f4:00:eb:d2:d2:
08:0e:89:49:2b:fd:8c:16:73:d4:05:4a:c0:18:67:be:e3:4d:
0f:bc:b2:82:33:2e:af:b9:66:43:0f:40:e1:23:1c:ec:5e:37:
a5:cf:4f:a1:0c:d2:90:ef:96:b6:f2:bd:28:63:c0:25:57:ac:
81:08:47:f9:41:84:48:0c:8c:d5:2f:40:be:ab:32:ec:e7:17:
d3:a8:00:9d:79:80:08:60:95:75:22:d1:eb:92:5d:86:cb:aa:
e5:9c:0b:90:2d:d6:9a:bd:3b:4a:bd:9e:5b:ca:f2:97:92:f7:
57:52:6d:ff:b5:89:83:e8:81:8c:a0:5e:80:3e:0b:e2:0b:1a:
02:00:22:44:24:63:67:b8:3a:6b:0d:86:c4:0a:d5:25:b5:c7:
43:09:f1:89:b4:cc:d7:f3:f8:7a:f6:0e:3e:40:1b:a4:5f:b7:
7f:ee:b0:9c:d0:a4:b2:21:a5:97:cf:5c:eb:aa:e8:e2:0c:44:
2e:f1:5f:b5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVS4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
MzU0MjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE0RDExMjAyNzBFQjMx
OEVFRUU1NzdEREI5MDRERkIzMTYwMzE4MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxt0leiJ+B0T4J3QOnN3tPe26533nVKFfEO4h11tafa+PVSgVZ
vrn6VGMBQTdx3apzz9LfmPnFzqEiFePvEBRNyCPGdYZsFkbqFZGFexWuFwzKbynp
XM36XWDEkLmcHlwoA6ZIwJ7GO7IyIluo/t0yB5pnjk69fZBrguSmcG79FiCYTCi+
5gxOyx2CV4NQZQT18nZl5t2VnLa6O6wGAh9v5wWcNewcocoaVQ5Ka8YDDwTmMiGx
eCMKbaujSusi7j7rOs6EuOPqBLCBQiWLnlQqzV2VntQPwUGJXqDl1zkQ1kbQvZKB
RWhakzDVKdf9m3xl1bddYyhrDaSJOZwIBuzxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpNESAnDrMY7u5XfduQTfsxYDGDcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BORVNBbkRyTVk3dTVY
ZmR1UVRmc3hZREdEYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAi7V6+cd1jb4xLz/jAnItyYALwxTHznB7
tOshECQI0uxgQxH1NfT5oHZwVUO5rR+uLucYSLeXgGQL7DVHbcWTRltCZfQA69LS
CA6JSSv9jBZz1AVKwBhnvuNND7yygjMur7lmQw9A4SMc7F43pc9PoQzSkO+WtvK9
KGPAJVesgQhH+UGESAyM1S9Avqsy7OcX06gAnXmACGCVdSLR65Jdhsuq5ZwLkC3W
mr07Sr2eW8ryl5L3V1Jt/7WJg+iBjKBegD4L4gsaAgAiRCRjZ7g6aw2GxArVJbXH
QwnxibTM1/P4evYOPkAbpF+3f+6wnNCksiGll89c66ro4gxELvFftQ==
-----END CERTIFICATE-----
Generated at Sun May 12 11:51:32 2024 by rpki-client on console.sobornost.net