Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vK5YwlrmvLF7TQWOhWGUO5C2SVE.roa
File: vK5YwlrmvLF7TQWOhWGUO5C2SVE.roa (raw, json)
Hash identifier: fGo2AMbUqgDGiXDFYLhMRMcAKkS3MRW2BiMj2a/RlwU=
Subject key identifier: BC:AE:58:C2:5A:E6:BC:B1:7B:4D:05:8E:85:61:94:3B:90:B6:49:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4262
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vK5YwlrmvLF7TQWOhWGUO5C2SVE.roa
Signing time: Wed 17 Apr 2024 02:23:25 +0000
ROA not before: Wed 17 Apr 2024 02:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16994 (0x4262)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 02:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BCAE58C25AE6BCB17B4D058E8561943B90B64951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:85:4b:81:03:57:61:ec:82:f3:10:a9:c8:47:
22:0c:92:84:27:2f:b9:6a:8c:9a:e9:73:52:79:5e:
ae:10:ca:60:d7:36:c6:8b:31:32:ad:0c:8a:60:eb:
0e:4c:3a:f4:dc:be:fb:8b:ad:e5:91:6d:0a:ba:66:
3b:74:df:2f:8c:82:65:47:54:43:de:f2:bd:de:ab:
4c:90:ac:89:61:23:a7:b6:bc:02:d3:53:ef:8b:93:
f4:1a:4d:fd:0e:22:b0:10:61:2f:e3:cd:75:9f:8f:
af:ee:51:9c:67:87:a6:44:92:14:e7:e7:31:64:8c:
c8:c0:e6:f6:b8:52:d5:c9:eb:f5:fe:3d:a6:c4:b3:
8c:6d:8c:14:57:d4:dd:ae:40:73:0f:f8:6f:8b:17:
80:9e:03:91:34:9d:c8:aa:fc:2e:55:65:de:49:cd:
6b:bc:24:be:0c:6a:be:cb:2f:c0:b1:e0:b6:b5:c8:
4a:fb:d9:84:ec:08:9c:ef:4e:72:cd:5f:d4:b2:59:
fd:fb:bd:a9:fd:63:c6:44:40:9b:ae:fe:d4:06:64:
9c:e2:6b:1c:5f:de:2b:06:5e:14:f9:50:58:fa:f2:
86:ae:a7:75:10:65:7e:9a:46:5d:a0:4d:d5:34:55:
a8:7b:a8:23:d0:d1:f5:95:a8:90:7e:a4:c7:a8:a3:
b4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AE:58:C2:5A:E6:BC:B1:7B:4D:05:8E:85:61:94:3B:90:B6:49:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vK5YwlrmvLF7TQWOhWGUO5C2SVE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:2d:c8:bd:1b:c2:c3:02:ed:6e:3b:cc:31:61:b0:65:9b:9b:
93:4b:65:f6:fd:cf:a4:49:9b:39:4b:7c:64:49:01:87:08:24:
46:12:c3:9e:de:13:e4:24:04:40:2f:42:a3:60:ae:1a:ff:3f:
c8:0b:e3:b9:19:b0:38:2b:ac:b3:72:b0:97:39:cf:ca:8c:bf:
34:27:00:fe:f8:d7:59:ac:f2:5e:c9:7b:b2:8e:fd:8f:b3:74:
9d:45:13:4f:a1:45:ec:e3:d9:7e:87:c7:bf:3e:ba:d8:48:d0:
aa:0f:2b:37:df:1c:e0:23:78:da:03:64:3d:78:30:a6:35:29:
d1:23:ca:cb:f4:4d:87:30:ec:55:d6:4f:90:83:e8:21:25:0a:
ef:45:c9:a2:cb:60:77:a4:1c:18:dd:5b:9b:60:44:74:df:61:
c4:3a:5a:9a:9a:da:99:c3:15:de:a0:ac:37:a9:53:02:72:23:
45:87:49:b8:c1:a6:86:f9:f0:89:d1:75:c0:5f:a5:29:ba:e8:
75:ec:b4:3f:0e:f7:d2:8d:1d:01:c9:0f:b5:03:8a:8b:8a:5f:
88:d6:79:dc:39:7e:f5:6b:15:d5:77:44:fa:ed:b6:c4:1b:0d:
6f:fa:10:ce:d1:39:a5:66:3c:8a:6b:de:eb:83:21:9a:4f:cd:
5d:73:a7:9d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQmIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
MjIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDQUU1OEMyNUFFNkJD
QjE3QjREMDU4RTg1NjE5NDNCOTBCNjQ5NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXhUuBA1dh7ILzEKnIRyIMkoQnL7lqjJrpc1J5Xq4QymDXNsaL
MTKtDIpg6w5MOvTcvvuLreWRbQq6Zjt03y+MgmVHVEPe8r3eq0yQrIlhI6e2vALT
U++Lk/QaTf0OIrAQYS/jzXWfj6/uUZxnh6ZEkhTn5zFkjMjA5va4UtXJ6/X+PabE
s4xtjBRX1N2uQHMP+G+LF4CeA5E0nciq/C5VZd5JzWu8JL4Mar7LL8Cx4La1yEr7
2YTsCJzvTnLNX9SyWf37van9Y8ZEQJuu/tQGZJziaxxf3isGXhT5UFj68oaup3UQ
ZX6aRl2gTdU0Vah7qCPQ0fWVqJB+pMeoo7SzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvK5YwlrmvLF7TQWOhWGUO5C2SVEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZLNVl3bHJtdkxGN1RR
V09oV0dVTzVDMlNWRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcS3IvRvCwwLtbjvMMWGwZZubk0tl9v3P
pEmbOUt8ZEkBhwgkRhLDnt4T5CQEQC9Co2CuGv8/yAvjuRmwOCuss3KwlznPyoy/
NCcA/vjXWazyXsl7so79j7N0nUUTT6FF7OPZfofHvz662EjQqg8rN98c4CN42gNk
PXgwpjUp0SPKy/RNhzDsVdZPkIPoISUK70XJostgd6QcGN1bm2BEdN9hxDpampra
mcMV3qCsN6lTAnIjRYdJuMGmhvnwidF1wF+lKbrodey0Pw730o0dAckPtQOKi4pf
iNZ53Dl+9WsV1XdE+u22xBsNb/oQztE5pWY8imve64Mhmk/NXXOnnQ==
-----END CERTIFICATE-----
Generated at Wed Apr 17 08:40:33 2024 by rpki-client on console.sobornost.net