Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xvPHV9wpiCIoCuds6DHg3To0h6E.roa
File: xvPHV9wpiCIoCuds6DHg3To0h6E.roa (raw, json)
Hash identifier: uPZpYYBrhfDRM5rx5pYTefCmYN0rCBUUyYx2wJJlVVg=
Subject key identifier: C6:F3:C7:57:DC:29:88:22:28:0A:E7:6C:E8:31:E0:DD:3A:34:87:A1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3979
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xvPHV9wpiCIoCuds6DHg3To0h6E.roa
Signing time: Fri 05 Apr 2024 05:22:25 +0000
ROA not before: Fri 05 Apr 2024 05:22:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14713 (0x3979)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 05:22:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C6F3C757DC298822280AE76CE831E0DD3A3487A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:18:37:44:e8:ba:91:3d:dd:a0:f2:df:cd:
be:4f:70:72:c0:b6:43:88:2f:e1:61:ec:0e:bd:84:
d7:4b:b1:98:37:1c:26:91:35:a6:69:06:60:62:50:
0a:96:84:d1:9c:26:43:57:f7:6c:18:98:3b:64:9d:
17:79:d3:44:f1:fe:75:fe:7c:f6:32:97:c7:11:42:
8f:73:d0:83:77:5a:9a:65:22:cd:cb:64:b6:c4:b5:
f8:0b:1f:47:0a:e5:dc:51:1d:06:13:ac:0e:e3:91:
f0:c8:37:a1:fb:b1:5c:fe:73:f3:c8:0a:70:30:42:
f3:dd:2f:cc:8f:f1:91:e6:12:9b:ef:39:d3:b4:87:
a5:ee:f5:65:97:f5:31:b0:7e:8d:ff:f5:97:70:5a:
cc:f4:98:f9:91:e6:a0:90:54:cc:8a:b7:93:43:26:
db:d2:ba:6d:01:ae:92:1d:48:4c:f6:8c:32:e6:3b:
96:92:25:c6:c9:db:03:e5:40:e4:d2:64:7a:94:31:
37:41:a0:18:52:00:10:5c:a3:b3:cc:29:61:7f:e1:
58:cf:d0:b9:5d:94:47:0c:a9:a9:31:3a:86:06:8d:
85:41:65:f1:df:4b:7f:41:df:64:f0:c2:b4:77:d0:
70:ec:71:30:9c:fb:0f:58:13:84:0b:18:59:49:20:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F3:C7:57:DC:29:88:22:28:0A:E7:6C:E8:31:E0:DD:3A:34:87:A1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xvPHV9wpiCIoCuds6DHg3To0h6E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
64:38:3c:21:22:89:01:a8:f9:18:bf:9f:28:18:b5:48:62:ff:
e4:79:56:90:0d:6f:97:6b:f3:39:9b:be:10:80:c2:5f:d6:62:
fb:24:60:b6:21:c0:a2:63:ad:dc:17:00:c9:8d:be:b5:5d:e0:
29:49:b2:74:a6:39:70:92:ba:1e:2a:91:71:50:1d:03:79:58:
6c:5d:fc:e6:a6:bf:82:15:d5:a9:a2:f0:92:1a:40:44:7e:76:
22:cc:37:23:a2:58:3e:25:53:db:54:a2:ec:9b:b1:11:ff:e3:
6a:26:e5:94:33:aa:eb:22:7f:48:a1:ee:bb:1a:84:cf:5c:9d:
af:ee:49:ec:2b:d6:ad:9c:fd:cc:4f:e4:0f:4c:01:6e:c0:77:
47:a4:85:0f:70:29:40:1f:bf:8b:3c:43:c9:53:33:5d:d7:d3:
7d:98:dc:6b:43:b4:62:1a:23:0d:11:52:2c:d7:53:ed:1f:c5:
7d:09:e2:44:7b:96:ab:ee:a1:46:b4:db:01:e7:36:52:22:05:
90:22:54:88:0a:37:55:e0:ca:23:81:35:90:44:f4:55:a0:dc:
ca:90:b0:b8:4d:5d:4b:0b:1b:00:55:97:6c:09:76:82:88:66:
52:a3:fe:b8:e1:11:68:bd:8b:9c:92:3e:83:a2:49:e4:c9:23:
b1:d4:77:0d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NTIyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2RjNDNzU3REMyOTg4
MjIyODBBRTc2Q0U4MzFFMEREM0EzNDg3QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWahg3ROi6kT3doPLfzb5PcHLAtkOIL+Fh7A69hNdLsZg3HCaR
NaZpBmBiUAqWhNGcJkNX92wYmDtknRd500Tx/nX+fPYyl8cRQo9z0IN3WpplIs3L
ZLbEtfgLH0cK5dxRHQYTrA7jkfDIN6H7sVz+c/PICnAwQvPdL8yP8ZHmEpvvOdO0
h6Xu9WWX9TGwfo3/9ZdwWsz0mPmR5qCQVMyKt5NDJtvSum0BrpIdSEz2jDLmO5aS
JcbJ2wPlQOTSZHqUMTdBoBhSABBco7PMKWF/4VjP0LldlEcMqakxOoYGjYVBZfHf
S39B32TwwrR30HDscTCc+w9YE4QLGFlJIC3dAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUxvPHV9wpiCIoCuds6DHg3To0h6EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3h2UEhWOXdwaUNJb0N1
ZHM2REhnM1RvMGg2RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGQ4PCEiiQGo+Ri/
nygYtUhi/+R5VpANb5dr8zmbvhCAwl/WYvskYLYhwKJjrdwXAMmNvrVd4ClJsnSm
OXCSuh4qkXFQHQN5WGxd/Oamv4IV1ami8JIaQER+diLMNyOiWD4lU9tUouybsRH/
42om5ZQzqusif0ih7rsahM9cna/uSewr1q2c/cxP5A9MAW7Ad0ekhQ9wKUAfv4s8
Q8lTM13X032Y3GtDtGIaIw0RUizXU+0fxX0J4kR7lqvuoUa02wHnNlIiBZAiVIgK
N1XgyiOBNZBE9FWg3MqQsLhNXUsLGwBVl2wJdoKIZlKj/rjhEWi9i5ySPoOiSeTJ
I7HUdw0=
-----END CERTIFICATE-----
Generated at Fri Apr 5 12:25:50 2024 by rpki-client on console.sobornost.net