Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pjtf30Z6bsc18OQWTJW94nH_aFg.roa
File: pjtf30Z6bsc18OQWTJW94nH_aFg.roa (raw, json)
Hash identifier: oVcJZAgwCrBROBl6fQ6Ik56uPrQMAlHRkpGRwZgQiXY=
Subject key identifier: A6:3B:5F:DF:46:7A:6E:C7:35:F0:E4:16:4C:95:BD:E2:71:FF:68:58
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55D5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pjtf30Z6bsc18OQWTJW94nH_aFg.roa
Signing time: Mon 13 May 2024 00:54:12 +0000
ROA not before: Mon 13 May 2024 00:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21973 (0x55d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 00:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A63B5FDF467A6EC735F0E4164C95BDE271FF6858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:eb:cc:01:0b:85:3d:48:32:1f:ce:26:67:84:
5b:24:c0:3c:c5:85:3e:8d:dd:d6:80:54:5b:22:9a:
47:93:4f:2c:00:e2:1b:7d:62:0d:6d:d9:ef:27:34:
50:07:7e:1b:a2:45:79:a9:ef:f0:d0:63:98:ff:72:
03:5c:ce:5b:2e:0c:04:66:e2:f6:38:e4:75:31:bc:
36:ee:8f:f5:15:ce:98:20:53:bf:21:14:a2:c1:60:
1d:2b:8c:f8:50:32:dd:54:4a:1a:93:bb:de:25:e1:
75:66:cd:12:08:6a:d5:2f:ed:d3:d0:bc:91:40:ea:
fc:05:19:9f:34:32:21:b4:e7:96:4c:d5:b3:66:9e:
e9:a0:f3:ac:ac:62:7a:a0:99:4d:8a:61:09:b0:e6:
59:13:64:94:62:79:c6:7a:47:ab:44:8e:ce:d5:c4:
6d:9a:94:d3:57:3d:aa:b0:f8:6b:19:01:aa:61:e1:
66:d6:8c:15:87:c2:47:a6:f5:ff:46:12:59:88:fa:
17:db:ba:44:9d:04:86:61:62:a2:80:65:e0:52:d8:
ab:64:95:a3:29:c3:a4:3f:64:97:b5:84:89:21:64:
37:77:25:58:b9:a4:92:83:40:27:6c:fb:d0:66:21:
53:9f:b3:d7:24:43:1f:f7:1f:8d:36:9d:0b:a4:f5:
df:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3B:5F:DF:46:7A:6E:C7:35:F0:E4:16:4C:95:BD:E2:71:FF:68:58
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pjtf30Z6bsc18OQWTJW94nH_aFg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
79:64:68:8c:4b:a2:b9:cd:dc:4f:93:54:9e:c9:7e:41:41:d1:
36:b1:db:d7:8e:51:05:e5:40:4e:98:06:98:a4:ba:2b:39:49:
58:0f:b3:0f:b8:78:82:0f:76:ab:af:a0:af:1c:dc:5f:80:43:
79:fb:0c:b2:f3:e1:4a:f7:57:7c:ad:a6:45:e0:79:c5:a2:13:
e3:a9:56:ea:d7:b8:96:fe:a6:a7:08:e9:81:ab:aa:f9:24:1c:
14:7e:12:a0:dd:b8:9e:b9:11:c3:75:6d:1d:72:9e:81:56:b5:
aa:13:de:2d:5c:94:49:74:3d:5a:22:42:74:3a:89:2e:a6:22:
01:db:46:a0:98:d2:d5:6a:b8:57:8b:60:d2:25:39:f2:3d:de:
07:95:cc:6d:ea:a8:fb:b0:f6:ed:ea:7c:53:7d:92:73:86:06:
55:c2:9f:0b:ad:6c:f5:da:75:75:79:6d:44:af:44:62:6c:af:
38:c2:db:28:4b:c3:f7:51:8e:25:52:cc:c7:cb:b4:2f:7a:63:
23:60:a9:33:57:38:96:01:a7:85:31:81:82:36:4b:cd:51:cd:
71:d8:b2:44:20:ca:e7:23:6b:9e:d8:a0:37:43:42:40:bb:35:
d3:d4:59:b6:7c:8e:0c:c7:35:0d:c7:42:77:0e:86:73:43:77:
4d:47:05:2c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MDU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE2M0I1RkRGNDY3QTZF
QzczNUYwRTQxNjRDOTVCREUyNzFGRjY4NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC668wBC4U9SDIfziZnhFskwDzFhT6N3daAVFsimkeTTywA4ht9
Yg1t2e8nNFAHfhuiRXmp7/DQY5j/cgNczlsuDARm4vY45HUxvDbuj/UVzpggU78h
FKLBYB0rjPhQMt1UShqTu94l4XVmzRIIatUv7dPQvJFA6vwFGZ80MiG055ZM1bNm
numg86ysYnqgmU2KYQmw5lkTZJRiecZ6R6tEjs7VxG2alNNXPaqw+GsZAaph4WbW
jBWHwkem9f9GElmI+hfbukSdBIZhYqKAZeBS2KtklaMpw6Q/ZJe1hIkhZDd3JVi5
pJKDQCds+9BmIVOfs9ckQx/3H402nQuk9d9vAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUpjtf30Z6bsc18OQWTJW94nH/aFgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BqdGYzMFo2YnNjMThP
UVdUSlc5NG5IX2FGZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHlkaIxLornN3E+T
VJ7JfkFB0Tax29eOUQXlQE6YBpikuis5SVgPsw+4eIIPdquvoK8c3F+AQ3n7DLLz
4Ur3V3ytpkXgecWiE+OpVurXuJb+pqcI6YGrqvkkHBR+EqDduJ65EcN1bR1ynoFW
taoT3i1clEl0PVoiQnQ6iS6mIgHbRqCY0tVquFeLYNIlOfI93geVzG3qqPuw9u3q
fFN9knOGBlXCnwutbPXadXV5bUSvRGJsrzjC2yhLw/dRjiVSzMfLtC96YyNgqTNX
OJYBp4UxgYI2S81RzXHYskQgyucja57YoDdDQkC7NdPUWbZ8jgzHNQ3HQncOhnND
d01HBSw=
-----END CERTIFICATE-----
Generated at Mon May 13 05:09:51 2024 by rpki-client on console.sobornost.net