Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vJmJwKLISGaQ-6uImHqk3-M7tT4.roa
File: vJmJwKLISGaQ-6uImHqk3-M7tT4.roa (raw, json)
Hash identifier: c3mHlMzae9eToYih5HOVGRT1NrWnfu35YVP8qUofuwc=
Subject key identifier: BC:99:89:C0:A2:C8:48:66:90:FB:AB:88:98:7A:A4:DF:E3:3B:B5:3E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 544D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vJmJwKLISGaQ-6uImHqk3-M7tT4.roa
Signing time: Fri 10 May 2024 23:54:07 +0000
ROA not before: Fri 10 May 2024 23:54:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21581 (0x544d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 23:54:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BC9989C0A2C8486690FBAB88987AA4DFE33BB53E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d6:aa:f5:ff:58:7b:ce:b3:1b:eb:01:a9:3b:
4e:51:41:5d:0c:26:75:59:ea:7f:a8:6a:cf:bd:14:
7e:af:41:79:ec:4b:79:1c:04:79:07:c2:fc:f1:70:
d8:4e:ef:0f:bf:05:f4:10:f1:8c:e5:0a:ba:7b:47:
34:53:23:6c:6c:eb:34:f9:43:18:08:83:43:3e:7c:
aa:2f:30:46:5f:57:4d:9c:22:77:19:09:ef:2a:39:
01:0f:1e:6d:c3:7a:e4:a5:54:61:ca:a3:b3:fb:3d:
aa:1e:c6:e7:ae:76:1e:b3:16:03:b5:d6:11:15:74:
7e:8b:8e:15:73:50:5e:ab:e4:79:14:58:54:8a:74:
59:c1:dd:48:58:a1:d5:31:48:7a:6c:c3:16:18:21:
23:5f:fa:d6:3d:c8:b3:5a:d3:cf:8b:6d:12:0c:97:
89:02:fe:1c:7d:ab:55:6b:84:e0:98:67:be:e4:42:
90:a9:9b:e1:0d:b0:40:82:f1:2b:c2:89:a8:4d:28:
eb:b5:21:bb:8c:92:ce:49:8e:b1:12:32:96:3b:39:
76:01:12:b9:65:76:28:97:12:b2:e5:3f:9d:32:ea:
fb:12:41:a5:fc:1f:63:04:63:8a:31:05:1f:c9:ae:
07:2b:a0:33:bf:7c:01:ee:a7:2d:27:af:86:46:6f:
ac:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:99:89:C0:A2:C8:48:66:90:FB:AB:88:98:7A:A4:DF:E3:3B:B5:3E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vJmJwKLISGaQ-6uImHqk3-M7tT4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:67:10:77:d0:ff:05:a6:61:71:f9:aa:96:39:a3:f9:cc:72:
6b:95:a1:a9:66:3b:58:04:25:8c:29:a9:84:a1:39:0c:c9:ba:
37:2a:bf:19:52:78:ea:b0:56:1c:12:23:f2:8b:92:eb:e5:ca:
4e:1d:3b:f4:e1:1c:39:2a:f3:3a:dd:23:0f:b1:71:4b:6a:1c:
e7:12:d6:75:32:ea:e6:ac:07:f0:0d:8a:a7:fa:99:77:d7:ec:
7f:50:24:25:66:00:bb:a2:93:0f:b8:30:81:18:fd:8c:f0:c8:
03:4d:23:97:78:c1:e0:08:47:08:3c:e7:76:57:60:a6:f5:66:
68:58:0a:bd:be:4f:dc:ce:29:dd:68:bd:ba:8d:1b:10:bb:1d:
4f:86:47:50:02:ce:4b:28:9c:f5:ca:ca:ae:68:50:91:50:ab:
c1:5b:7a:cb:9e:b8:d5:cb:cf:5f:00:80:cb:67:41:f2:28:3e:
0e:6e:22:3a:8d:3a:5d:13:1d:0c:58:4e:d7:1e:aa:a9:7a:b4:
ea:c8:0a:51:aa:09:10:cf:ba:e8:8a:f8:7d:4e:a8:60:44:26:
de:6b:68:03:13:3b:5d:52:05:81:4a:57:55:db:5a:65:0b:09:
12:79:f4:58:f2:50:4b:30:ab:4b:0a:03:b5:c6:6f:8c:c7:0f:
59:d4:6b:ff
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAy
MzU0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDOTk4OUMwQTJDODQ4
NjY5MEZCQUI4ODk4N0FBNERGRTMzQkI1M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj1qr1/1h7zrMb6wGpO05RQV0MJnVZ6n+oas+9FH6vQXnsS3kc
BHkHwvzxcNhO7w+/BfQQ8YzlCrp7RzRTI2xs6zT5QxgIg0M+fKovMEZfV02cIncZ
Ce8qOQEPHm3DeuSlVGHKo7P7Paoexueudh6zFgO11hEVdH6LjhVzUF6r5HkUWFSK
dFnB3UhYodUxSHpswxYYISNf+tY9yLNa08+LbRIMl4kC/hx9q1VrhOCYZ77kQpCp
m+ENsECC8SvCiahNKOu1IbuMks5JjrESMpY7OXYBErlldiiXErLlP50y6vsSQaX8
H2MEY4oxBR/JrgcroDO/fAHupy0nr4ZGb6xVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvJmJwKLISGaQ+6uImHqk3+M7tT4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZKbUp3S0xJU0dhUS02
dUltSHFrMy1NN3RUNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHJnEHfQ/wWmYXH5
qpY5o/nMcmuVoalmO1gEJYwpqYShOQzJujcqvxlSeOqwVhwSI/KLkuvlyk4dO/Th
HDkq8zrdIw+xcUtqHOcS1nUy6uasB/ANiqf6mXfX7H9QJCVmALuikw+4MIEY/Yzw
yANNI5d4weAIRwg853ZXYKb1ZmhYCr2+T9zOKd1ovbqNGxC7HU+GR1ACzksonPXK
yq5oUJFQq8FbesueuNXLz18AgMtnQfIoPg5uIjqNOl0THQxYTtceqql6tOrIClGq
CRDPuuiK+H1OqGBEJt5raAMTO11SBYFKV1XbWmULCRJ59FjyUEswq0sKA7XGb4zH
D1nUa/8=
-----END CERTIFICATE-----
Generated at Sat May 11 14:26:45 2024 by rpki-client on console.sobornost.net