Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/t8sJ8nNMwgJdNPkwyAMbD1EKFHg.roa
File: t8sJ8nNMwgJdNPkwyAMbD1EKFHg.roa (raw, json)
Hash identifier: 6jaK4hKpoqX4r872r3ia4NSIPZgp8QvJZ05yWrLcxyA=
Subject key identifier: B7:CB:09:F2:73:4C:C2:02:5D:34:F9:30:C8:03:1B:0F:51:0A:14:78
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B99
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t8sJ8nNMwgJdNPkwyAMbD1EKFHg.roa
Signing time: Mon 08 Apr 2024 01:22:32 +0000
ROA not before: Mon 08 Apr 2024 01:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15257 (0x3b99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 01:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B7CB09F2734CC2025D34F930C8031B0F510A1478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6e:74:11:e1:44:99:38:c2:b0:20:6f:bb:91:
a7:7c:e0:af:99:4e:43:92:89:ee:90:a3:7b:5d:85:
2a:92:07:25:ef:ee:db:a3:41:86:4e:2f:9d:55:20:
8c:92:27:7b:a4:a5:0a:61:62:a1:df:d7:2d:b5:03:
76:24:12:ea:43:66:aa:52:ad:49:de:7c:d9:26:0c:
19:7b:db:9d:81:08:56:9b:d6:94:38:7f:9d:07:16:
50:69:ca:11:b1:46:b1:5d:81:b6:c6:7d:3c:05:6a:
25:0d:e4:4a:c1:79:23:70:c1:86:1e:1e:b3:9f:bd:
f5:f6:63:a2:32:10:23:2d:18:48:f2:d3:7b:cd:d2:
88:63:f7:12:f7:3b:76:5c:83:f6:ee:8e:49:38:fa:
a4:af:3e:d2:02:45:8a:60:1d:26:ee:fa:71:f2:6e:
e5:c3:99:64:07:cb:e3:51:07:11:a3:e3:74:47:48:
f4:d0:09:e4:7c:03:b3:3d:3c:01:8f:34:8e:31:be:
f2:fc:19:82:c8:71:0c:13:c1:88:2e:a4:70:4e:f4:
fd:cf:d6:1f:d2:84:be:97:e0:06:8e:68:7a:56:2f:
87:82:78:66:82:19:c4:fc:9b:13:05:8b:f5:f1:2d:
f0:bb:a5:55:f3:86:f9:8c:f2:50:2b:fb:13:54:b9:
f1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CB:09:F2:73:4C:C2:02:5D:34:F9:30:C8:03:1B:0F:51:0A:14:78
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t8sJ8nNMwgJdNPkwyAMbD1EKFHg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
94:20:fe:78:ed:96:1c:07:2c:2e:c7:91:2e:47:96:40:cb:83:
3b:6f:b6:d6:39:63:77:5b:05:30:8f:37:f9:70:70:9f:4b:bc:
9c:4a:ca:1a:f9:60:c6:34:14:c9:a6:e7:33:19:bb:a7:65:0d:
f1:c8:7a:8c:b8:f3:d6:ee:cd:4b:56:5d:da:67:09:c4:c9:51:
42:56:ff:ff:78:cb:29:52:4e:82:72:58:e6:b3:66:d9:1d:50:
83:47:71:83:48:97:97:b8:13:4e:3b:65:34:b3:e9:4d:73:23:
c2:43:eb:b8:41:52:5a:ea:cc:c0:b9:c5:c9:d7:2a:41:91:a5:
24:ac:10:df:63:d0:cc:36:f6:fa:56:3c:53:0c:bf:54:88:20:
69:2e:09:e0:70:a5:de:81:a9:e2:76:82:aa:d1:5f:95:22:8c:
33:45:48:a7:ca:a4:7b:5c:4e:03:9b:42:b6:98:a9:4a:26:30:
4e:7e:08:0a:80:ea:b4:3e:ae:1d:fe:86:ac:1b:cf:fb:46:51:
a9:6b:e6:c9:f0:f8:d3:71:68:20:f9:74:29:e3:eb:d1:3c:bb:
a7:c1:4f:9e:31:64:71:0c:db:a6:43:c3:50:c0:25:85:35:08:
cb:bd:a3:18:bb:8f:8a:2f:29:63:99:8a:7f:60:ce:37:df:5b:
d8:d1:84:38
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICO5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
MTIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3Q0IwOUYyNzM0Q0My
MDI1RDM0RjkzMEM4MDMxQjBGNTEwQTE0NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYbnQR4USZOMKwIG+7kad84K+ZTkOSie6Qo3tdhSqSByXv7tuj
QYZOL51VIIySJ3ukpQphYqHf1y21A3YkEupDZqpSrUnefNkmDBl7252BCFab1pQ4
f50HFlBpyhGxRrFdgbbGfTwFaiUN5ErBeSNwwYYeHrOfvfX2Y6IyECMtGEjy03vN
0ohj9xL3O3Zcg/bujkk4+qSvPtICRYpgHSbu+nHybuXDmWQHy+NRBxGj43RHSPTQ
CeR8A7M9PAGPNI4xvvL8GYLIcQwTwYgupHBO9P3P1h/ShL6X4AaOaHpWL4eCeGaC
GcT8mxMFi/XxLfC7pVXzhvmM8lAr+xNUufFjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUt8sJ8nNMwgJdNPkwyAMbD1EKFHgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Q4c0o4bk5Nd2dKZE5Q
a3d5QU1iRDFFS0ZIZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJQg/njtlhwHLC7H
kS5HlkDLgztvttY5Y3dbBTCPN/lwcJ9LvJxKyhr5YMY0FMmm5zMZu6dlDfHIeoy4
89buzUtWXdpnCcTJUUJW//94yylSToJyWOazZtkdUINHcYNIl5e4E047ZTSz6U1z
I8JD67hBUlrqzMC5xcnXKkGRpSSsEN9j0Mw29vpWPFMMv1SIIGkuCeBwpd6BqeJ2
gqrRX5UijDNFSKfKpHtcTgObQraYqUomME5+CAqA6rQ+rh3+hqwbz/tGUalr5snw
+NNxaCD5dCnj69E8u6fBT54xZHEM26ZDw1DAJYU1CMu9oxi7j4ovKWOZin9gzjff
W9jRhDg=
-----END CERTIFICATE-----
Generated at Mon Apr 8 09:30:09 2024 by rpki-client on console.sobornost.net