Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vKyPR8B1cMOi9Ye1bYue8UCl6KE.roa
File: vKyPR8B1cMOi9Ye1bYue8UCl6KE.roa (raw, json)
Hash identifier: iA9fiSbOl2xR44EZLAUVaqMUwK0mINSmpYbapUsNirY=
Subject key identifier: BC:AC:8F:47:C0:75:70:C3:A2:F5:87:B5:6D:8B:9E:F1:40:A5:E8:A1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 564D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vKyPR8B1cMOi9Ye1bYue8UCl6KE.roa
Signing time: Mon 13 May 2024 15:54:14 +0000
ROA not before: Mon 13 May 2024 15:54:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22093 (0x564d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 15:54:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BCAC8F47C07570C3A2F587B56D8B9EF140A5E8A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:46:f2:10:04:12:11:33:ed:19:4f:1c:d2:3f:
71:47:3a:5c:8c:5e:9a:77:54:c3:0d:1c:b9:cc:15:
76:8c:a6:f0:d7:7d:62:ae:7c:26:ef:e8:9a:d8:8d:
de:6d:99:30:7a:92:b1:d9:ea:13:fd:c0:5e:5a:53:
0b:1f:65:50:f7:38:f6:f1:ca:b8:78:0a:81:d9:3e:
2a:53:46:8b:9c:16:3d:d1:b9:39:d1:9a:9c:78:d2:
b2:8f:c5:de:a2:fa:3a:79:93:2e:61:19:bd:50:16:
9d:25:e2:d6:bb:2c:e2:7d:76:f1:f4:24:be:43:52:
8e:8a:19:9b:44:04:ca:39:6b:83:fc:ce:dc:2b:c2:
10:ea:35:5a:b8:7b:f9:93:a4:02:47:1a:4a:29:58:
d3:72:20:08:11:d6:16:c1:32:43:23:75:69:b7:67:
14:a9:f7:b0:85:a4:29:2c:17:ce:33:21:fb:32:ed:
54:b2:af:88:55:bd:47:ff:48:d5:a1:c9:15:a5:8e:
01:82:d0:89:b6:a9:c7:16:63:44:0f:83:7a:85:32:
62:e8:08:0c:b6:e9:a6:5e:da:3d:b9:b9:62:7e:28:
1e:6c:4e:8b:cf:14:3e:88:39:90:43:e6:1e:13:b9:
8c:99:72:2c:5b:36:28:19:ce:e4:e2:11:5f:68:cf:
af:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AC:8F:47:C0:75:70:C3:A2:F5:87:B5:6D:8B:9E:F1:40:A5:E8:A1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vKyPR8B1cMOi9Ye1bYue8UCl6KE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:5d:a1:d6:9f:e6:e4:b1:20:33:3b:e1:81:6d:fc:2b:94:ca:
48:6d:8a:a8:96:7f:ce:d0:6a:11:48:58:05:4c:cd:36:31:d0:
27:dc:58:71:63:95:ad:dc:54:53:5d:d8:e8:50:b1:b3:b0:21:
e7:4a:04:c6:05:fe:4a:3b:82:04:e0:14:ce:f8:6a:d1:a4:42:
4d:82:e1:a9:3b:92:24:9b:d8:99:10:fe:3f:69:07:70:40:b9:
0c:76:a4:27:d9:e5:4d:f6:c8:dd:e5:db:ab:f5:e4:7f:3d:04:
18:94:3d:d0:a7:ae:02:d9:ba:e7:0a:b1:2a:98:86:c9:48:28:
1d:db:18:a4:d8:95:c3:bc:47:5c:3f:b2:db:40:74:da:e9:8a:
b3:52:0a:70:40:f4:96:cc:a7:42:39:29:4f:f1:68:eb:0d:d8:
81:23:0e:66:1e:cd:97:75:e8:ae:ed:07:b3:94:e8:a1:1c:d7:
c8:30:98:d5:0b:52:65:c4:af:ae:28:fe:0e:52:30:86:8c:74:
40:24:4a:a9:e4:92:10:86:ce:56:71:62:01:2c:78:44:9d:2c:
0c:6f:05:d8:0f:10:af:b9:09:0c:0a:47:d0:72:dc:62:7c:e0:
5b:6a:24:4c:68:4c:94:27:06:80:d2:81:bf:78:31:6c:9b:f1:
7c:17:8a:c0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
NTU0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDQUM4RjQ3QzA3NTcw
QzNBMkY1ODdCNTZEOEI5RUYxNDBBNUU4QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJRvIQBBIRM+0ZTxzSP3FHOlyMXpp3VMMNHLnMFXaMpvDXfWKu
fCbv6JrYjd5tmTB6krHZ6hP9wF5aUwsfZVD3OPbxyrh4CoHZPipTRoucFj3RuTnR
mpx40rKPxd6i+jp5ky5hGb1QFp0l4ta7LOJ9dvH0JL5DUo6KGZtEBMo5a4P8ztwr
whDqNVq4e/mTpAJHGkopWNNyIAgR1hbBMkMjdWm3ZxSp97CFpCksF84zIfsy7VSy
r4hVvUf/SNWhyRWljgGC0Im2qccWY0QPg3qFMmLoCAy26aZe2j25uWJ+KB5sTovP
FD6IOZBD5h4TuYyZcixbNigZzuTiEV9oz6/5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvKyPR8B1cMOi9Ye1bYue8UCl6KEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZLeVBSOEIxY01PaTlZ
ZTFiWXVlOFVDbDZLRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE5dodaf5uSxIDM7
4YFt/CuUykhtiqiWf87QahFIWAVMzTYx0CfcWHFjla3cVFNd2OhQsbOwIedKBMYF
/ko7ggTgFM74atGkQk2C4ak7kiSb2JkQ/j9pB3BAuQx2pCfZ5U32yN3l26v15H89
BBiUPdCnrgLZuucKsSqYhslIKB3bGKTYlcO8R1w/sttAdNrpirNSCnBA9JbMp0I5
KU/xaOsN2IEjDmYezZd16K7tB7OU6KEc18gwmNULUmXEr64o/g5SMIaMdEAkSqnk
khCGzlZxYgEseESdLAxvBdgPEK+5CQwKR9By3GJ84FtqJExoTJQnBoDSgb94MWyb
8XwXisA=
Generated at Mon May 13 19:40:33 2024 by rpki-client on console.sobornost.net