Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rP5iv67bgiKq--yNZMlhRYQzQUY.roa
File: rP5iv67bgiKq--yNZMlhRYQzQUY.roa (raw, json)
Hash identifier: 9bdjow3mXAELpoEi/6RnkzVRS/RJA/DSg5xW/sgtz9I=
Subject key identifier: AC:FE:62:BF:AE:DB:82:22:AA:FB:EC:8D:64:C9:61:45:84:33:41:46
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4361
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rP5iv67bgiKq--yNZMlhRYQzQUY.roa
Signing time: Thu 18 Apr 2024 10:23:01 +0000
ROA not before: Thu 18 Apr 2024 10:23:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17249 (0x4361)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 10:23:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ACFE62BFAEDB8222AAFBEC8D64C9614584334146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a7:40:89:03:08:4b:66:52:62:8e:03:39:9e:
7d:c9:ce:ab:99:44:21:71:4c:8e:18:a4:77:6c:b7:
5f:72:44:18:78:ea:ad:2f:85:8f:06:18:a4:cc:6d:
73:fb:80:c0:f0:84:6b:f6:51:31:b5:b6:04:9a:d6:
70:30:f1:52:1f:5e:94:5a:98:db:a3:f0:8d:15:06:
a8:f4:f0:4e:06:9f:ca:b8:68:b0:bb:ad:9a:b6:4b:
ed:46:86:27:97:27:36:ef:5e:65:d8:ee:e7:17:36:
eb:6f:91:85:33:e6:80:a8:4f:4a:0c:ab:3d:1f:7f:
16:f5:45:f4:ca:eb:77:59:9f:87:b9:0a:fc:aa:85:
92:17:20:2d:5a:8e:0f:f8:03:c2:fd:e2:c2:b0:be:
4b:fc:99:49:2a:29:32:a7:91:cd:5f:5e:06:33:2f:
f3:98:0d:43:f9:7b:10:a3:17:79:b7:21:44:b7:42:
34:0b:c7:f6:5a:00:3f:f7:0a:55:3a:ea:5e:e8:90:
b6:c9:f5:27:58:8a:44:06:84:e2:24:72:d9:54:b6:
4f:74:f5:7d:8f:7b:80:86:c1:93:c8:c0:b0:ec:46:
5d:69:28:17:86:b9:38:56:4b:fc:97:8a:8d:1c:b2:
cf:6c:1f:35:3b:6e:7f:17:ac:1c:d8:83:5a:b3:b3:
39:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FE:62:BF:AE:DB:82:22:AA:FB:EC:8D:64:C9:61:45:84:33:41:46
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rP5iv67bgiKq--yNZMlhRYQzQUY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
49:c9:c9:19:97:13:02:73:13:07:4a:29:74:dc:e1:29:58:1e:
0e:c6:67:87:f4:ac:f1:73:c2:65:04:33:e0:31:d0:93:88:f9:
5d:80:1f:04:39:5a:1a:d7:66:cf:bb:91:90:ce:10:2c:86:fe:
f1:e6:41:e7:9f:0a:de:19:11:62:f2:64:5c:61:c1:0d:c8:dd:
75:09:25:7c:eb:b2:a1:bd:56:9f:f8:ee:24:0b:cc:22:e8:60:
80:2b:19:0f:d0:b8:3d:a8:2a:07:c3:88:03:04:c8:49:05:52:
66:ac:11:19:09:ca:5b:27:50:19:43:f1:23:44:ab:13:ea:0d:
51:9d:a4:ff:ba:01:10:8e:b2:01:98:3e:fc:f8:d5:5f:0d:1c:
2d:87:e0:2e:30:aa:e7:4b:4a:4b:6b:17:54:a8:53:d5:6d:65:
36:25:b8:bd:e6:5b:a8:ab:48:35:5c:d6:cc:ca:9b:a9:fb:2f:
17:77:6f:d8:82:e6:bd:f5:e3:c3:3f:03:ae:68:a6:b1:38:71:
8e:b3:1e:bc:37:43:dc:d5:0a:72:65:e1:60:09:5e:cb:72:b5:
b6:5f:3d:9e:47:51:8a:0a:0d:6d:1f:a5:ea:84:78:c1:c4:19:
07:72:de:56:df:c0:92:de:2a:f4:b0:25:0a:eb:ca:18:95:a0:
43:32:d6:53
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MDIzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFDRkU2MkJGQUVEQjgy
MjJBQUZCRUM4RDY0Qzk2MTQ1ODQzMzQxNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgp0CJAwhLZlJijgM5nn3JzquZRCFxTI4YpHdst19yRBh46q0v
hY8GGKTMbXP7gMDwhGv2UTG1tgSa1nAw8VIfXpRamNuj8I0VBqj08E4Gn8q4aLC7
rZq2S+1GhieXJzbvXmXY7ucXNutvkYUz5oCoT0oMqz0ffxb1RfTK63dZn4e5Cvyq
hZIXIC1ajg/4A8L94sKwvkv8mUkqKTKnkc1fXgYzL/OYDUP5exCjF3m3IUS3QjQL
x/ZaAD/3ClU66l7okLbJ9SdYikQGhOIkctlUtk909X2Pe4CGwZPIwLDsRl1pKBeG
uThWS/yXio0css9sHzU7bn8XrBzYg1qzszm7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUrP5iv67bgiKq++yNZMlhRYQzQUYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JQNWl2NjdiZ2lLcS0t
eU5aTWxoUllRelFVWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEnJyRmXEwJzEwdK
KXTc4SlYHg7GZ4f0rPFzwmUEM+Ax0JOI+V2AHwQ5WhrXZs+7kZDOECyG/vHmQeef
Ct4ZEWLyZFxhwQ3I3XUJJXzrsqG9Vp/47iQLzCLoYIArGQ/QuD2oKgfDiAMEyEkF
UmasERkJylsnUBlD8SNEqxPqDVGdpP+6ARCOsgGYPvz41V8NHC2H4C4wqudLSktr
F1SoU9VtZTYluL3mW6irSDVc1szKm6n7Lxd3b9iC5r3148M/A65oprE4cY6zHrw3
Q9zVCnJl4WAJXstytbZfPZ5HUYoKDW0fpeqEeMHEGQdy3lbfwJLeKvSwJQrryhiV
oEMy1lM=
-----END CERTIFICATE-----
Generated at Thu Apr 18 18:13:36 2024 by rpki-client on console.sobornost.net