Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tIK-4jRYFbPwXpO_mRLASQdIsFM.roa
File: tIK-4jRYFbPwXpO_mRLASQdIsFM.roa (raw, json)
Hash identifier: 5gCheYvlDKYRiDFR6Bpe/1+hUgPL0oXnb593oMuVRYU=
Subject key identifier: B4:82:BE:E2:34:58:15:B3:F0:5E:93:BF:99:12:C0:49:07:48:B0:53
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D55
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tIK-4jRYFbPwXpO_mRLASQdIsFM.roa
Signing time: Wed 01 May 2024 16:53:51 +0000
ROA not before: Wed 01 May 2024 16:53:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19797 (0x4d55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 16:53:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B482BEE2345815B3F05E93BF9912C0490748B053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:11:d6:dd:28:6f:a6:45:7d:a7:5f:fd:8f:
bb:df:26:27:35:6a:6d:f8:23:97:09:fc:e4:f2:cf:
c3:e0:51:db:d4:03:5c:00:a8:11:8f:81:0b:82:a9:
f1:36:fe:c4:b3:8c:9d:b9:de:ea:6e:56:fc:06:be:
1d:7e:70:d3:76:2e:40:cc:da:cd:83:f8:a1:d6:b9:
91:a9:5e:ff:b9:62:b6:5b:76:6b:5f:b3:04:1f:e4:
8d:cf:85:30:64:7d:8f:f1:54:05:cd:46:e1:4f:bd:
10:10:df:dd:f0:c6:51:b2:81:ef:94:86:9a:7b:65:
10:bc:84:c4:9e:c4:ef:a8:0c:b5:f8:91:f8:4c:6f:
85:d3:f1:05:d3:91:22:ed:b6:2d:d2:77:77:0b:0a:
03:b5:73:70:22:7c:72:bc:42:2e:7a:fa:78:dc:89:
21:bf:3d:e4:1b:0d:26:5c:96:68:bc:81:c4:88:5f:
67:0c:bb:71:54:c0:d0:d3:54:8c:9a:a0:2e:58:76:
de:1f:88:4a:cd:41:85:87:d0:10:11:97:89:f7:15:
02:23:dd:97:98:22:9c:ba:3e:6b:a4:74:b5:de:3f:
a0:77:2e:25:a2:55:01:2a:c0:94:6b:e0:88:7a:71:
4c:77:df:34:9b:75:2d:6d:c2:40:fb:fb:82:ab:d1:
d4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:82:BE:E2:34:58:15:B3:F0:5E:93:BF:99:12:C0:49:07:48:B0:53
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tIK-4jRYFbPwXpO_mRLASQdIsFM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
30:c4:65:7d:e2:d3:fe:0e:47:a0:fa:29:c6:93:1d:d1:74:80:
06:53:16:63:ac:53:5b:0e:ee:14:39:fc:72:fb:98:21:6b:e0:
30:8d:84:3a:a0:a5:54:17:99:0e:94:74:1f:bb:06:ae:73:ef:
87:48:be:ff:b1:61:c4:18:99:69:06:ce:37:3a:21:4c:8a:6d:
5a:2a:b3:eb:a7:87:95:38:c6:66:5d:ee:e9:e5:99:db:a7:bf:
8f:9c:3f:8a:28:58:6a:bb:17:9d:1e:71:9e:1f:54:da:bd:d9:
7e:c4:ae:cc:a5:89:6b:79:e4:88:91:2f:c1:d3:9e:ab:67:fb:
52:80:62:53:53:6c:3b:b8:66:97:0a:2b:90:c1:cd:6f:cc:34:
06:d4:d3:dc:fa:cf:e5:8a:ff:35:14:62:aa:af:72:f8:a8:30:
45:73:ad:52:ed:c9:5a:37:12:e4:34:40:2d:c1:83:33:69:17:
32:12:31:ab:41:4c:bc:f8:f1:cd:d2:1f:5f:59:c6:34:34:e6:
b7:53:d9:9e:c0:1e:fa:6c:e2:9c:6f:61:32:3c:76:5c:80:08:
e8:bf:27:ef:ed:06:c2:a4:02:52:df:73:77:f3:35:c4:37:b8:
e9:16:0b:fd:d4:0d:33:df:62:36:9d:bb:c4:e7:23:75:e4:81:
9a:e9:35:8b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTVUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
NjUzNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI0ODJCRUUyMzQ1ODE1
QjNGMDVFOTNCRjk5MTJDMDQ5MDc0OEIwNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTOBHW3ShvpkV9p1/9j7vfJic1am34I5cJ/OTyz8PgUdvUA1wA
qBGPgQuCqfE2/sSzjJ253upuVvwGvh1+cNN2LkDM2s2D+KHWuZGpXv+5YrZbdmtf
swQf5I3PhTBkfY/xVAXNRuFPvRAQ393wxlGyge+Uhpp7ZRC8hMSexO+oDLX4kfhM
b4XT8QXTkSLtti3Sd3cLCgO1c3AifHK8Qi56+njciSG/PeQbDSZclmi8gcSIX2cM
u3FUwNDTVIyaoC5Ydt4fiErNQYWH0BARl4n3FQIj3ZeYIpy6PmukdLXeP6B3LiWi
VQEqwJRr4Ih6cUx33zSbdS1twkD7+4Kr0dT7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUtIK+4jRYFbPwXpO/mRLASQdIsFMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RJSy00alJZRmJQd1hw
T19tUkxBU1FkSXNGTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADDEZX3i0/4OR6D6
KcaTHdF0gAZTFmOsU1sO7hQ5/HL7mCFr4DCNhDqgpVQXmQ6UdB+7Bq5z74dIvv+x
YcQYmWkGzjc6IUyKbVoqs+unh5U4xmZd7unlmdunv4+cP4ooWGq7F50ecZ4fVNq9
2X7ErsyliWt55IiRL8HTnqtn+1KAYlNTbDu4ZpcKK5DBzW/MNAbU09z6z+WK/zUU
YqqvcvioMEVzrVLtyVo3EuQ0QC3BgzNpFzISMatBTLz48c3SH19ZxjQ05rdT2Z7A
Hvps4pxvYTI8dlyACOi/J+/tBsKkAlLfc3fzNcQ3uOkWC/3UDTPfYjadu8TnI3Xk
gZrpNYs=
-----END CERTIFICATE-----
Generated at Thu May 2 00:08:41 2024 by rpki-client on console.sobornost.net