Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/y6oUvoqeyzAWcRHIxFinr-v_Cbc.roa
File: y6oUvoqeyzAWcRHIxFinr-v_Cbc.roa (raw, json)
Hash identifier: RRBWu2j8PVG2pSt4G5gjjMoJHhSPDV5PqjdDmWzYJwI=
Subject key identifier: CB:AA:14:BE:8A:9E:CB:30:16:71:11:C8:C4:58:A7:AF:EB:FF:09:B7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44A5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y6oUvoqeyzAWcRHIxFinr-v_Cbc.roa
Signing time: Sat 20 Apr 2024 02:53:10 +0000
ROA not before: Sat 20 Apr 2024 02:53:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17573 (0x44a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 02:53:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CBAA14BE8A9ECB30167111C8C458A7AFEBFF09B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:85:6d:50:3b:32:f9:1f:ef:61:82:9c:51:00:
57:27:84:41:4a:e5:04:03:14:6d:1c:31:9d:ee:bf:
43:e0:75:69:2b:e9:86:50:4f:ad:93:67:ae:57:2e:
df:e8:8d:21:85:d8:96:6a:4b:20:69:a3:4b:1f:fc:
1a:a8:29:a6:bb:fb:05:54:8e:49:f6:0b:49:d5:36:
f8:9f:85:cc:7e:40:ae:f2:0b:ee:34:5e:93:e4:bf:
95:77:2e:3f:c0:d3:e7:be:68:44:b2:e2:78:10:58:
0a:7e:45:98:e7:c2:a5:11:eb:b5:53:7e:6d:9e:fe:
da:c4:8f:31:d2:24:92:d6:3b:42:8d:b3:5c:1d:d5:
41:2b:19:07:95:4d:f0:dd:13:4d:65:77:8c:22:ad:
35:5f:fe:73:ef:f5:fc:ff:39:06:ea:b2:83:af:7d:
69:38:5e:02:5a:e8:3e:56:db:b7:14:5a:3a:e9:97:
b3:57:bd:55:55:af:66:54:fc:4a:70:4e:4d:2c:45:
61:01:8b:02:32:a5:8e:fa:2a:a6:a4:85:10:20:2e:
5a:fa:e9:4f:9b:1a:8c:95:48:b3:4f:0c:ce:eb:07:
d6:66:d3:74:27:39:23:a5:89:bd:f1:39:e4:10:0c:
8e:54:9b:39:f4:fd:f4:5e:4f:f8:1f:7a:38:e4:f0:
12:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AA:14:BE:8A:9E:CB:30:16:71:11:C8:C4:58:A7:AF:EB:FF:09:B7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y6oUvoqeyzAWcRHIxFinr-v_Cbc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
16:85:57:a2:51:be:f5:74:fa:d3:05:e2:d2:c0:f6:56:9d:fd:
f0:38:5b:97:4d:6a:b7:d7:0b:04:10:cc:f7:db:e3:4e:7e:61:
3e:52:f8:28:cb:c3:78:84:94:2d:ad:f0:0d:f6:a1:34:87:70:
6f:a7:3c:c2:8c:de:dd:1b:aa:c2:ba:2b:66:f8:06:1f:3f:ef:
08:e8:c1:95:98:57:64:ea:79:a9:36:67:b9:c8:b8:3b:60:91:
08:e0:9b:e5:bb:a7:fe:e7:ee:9d:60:00:e7:7e:45:f0:5e:03:
f1:f3:47:1f:d5:ba:1c:09:d0:65:52:ea:aa:3c:de:7f:0c:99:
b0:e5:9a:2e:9d:f0:ab:cb:94:21:24:3a:0e:03:b0:27:4c:23:
57:83:9b:94:4d:19:cc:6f:f5:ce:47:31:ad:17:7d:60:cc:da:
fe:28:51:0a:75:a4:d7:1f:4d:62:42:6d:2c:f2:01:7a:b3:72:
8c:5d:a0:8a:5a:92:f4:74:d6:69:a8:f9:7d:55:22:30:1c:d8:
d0:9d:bc:fe:98:59:b9:95:82:8f:db:2c:4a:c0:a1:d5:07:27:
5a:82:97:21:49:21:1d:54:1f:fd:58:81:be:f8:c3:18:49:38:
ea:87:63:be:d9:63:ed:76:d0:78:95:5a:f1:f2:29:88:8b:cc:
4e:87:8f:47
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MjUzMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCQUExNEJFOEE5RUNC
MzAxNjcxMTFDOEM0NThBN0FGRUJGRjA5QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBhW1QOzL5H+9hgpxRAFcnhEFK5QQDFG0cMZ3uv0PgdWkr6YZQ
T62TZ65XLt/ojSGF2JZqSyBpo0sf/BqoKaa7+wVUjkn2C0nVNvifhcx+QK7yC+40
XpPkv5V3Lj/A0+e+aESy4ngQWAp+RZjnwqUR67VTfm2e/trEjzHSJJLWO0KNs1wd
1UErGQeVTfDdE01ld4wirTVf/nPv9fz/OQbqsoOvfWk4XgJa6D5W27cUWjrpl7NX
vVVVr2ZU/EpwTk0sRWEBiwIypY76KqakhRAgLlr66U+bGoyVSLNPDM7rB9Zm03Qn
OSOlib3xOeQQDI5Umzn0/fReT/gfejjk8BL7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUy6oUvoqeyzAWcRHIxFinr+v/CbcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3k2b1V2b3FleXpBV2NS
SEl4Rmluci12X0NiYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABaFV6JRvvV0+tMF
4tLA9lad/fA4W5dNarfXCwQQzPfb405+YT5S+CjLw3iElC2t8A32oTSHcG+nPMKM
3t0bqsK6K2b4Bh8/7wjowZWYV2Tqeak2Z7nIuDtgkQjgm+W7p/7n7p1gAOd+RfBe
A/HzRx/VuhwJ0GVS6qo83n8MmbDlmi6d8KvLlCEkOg4DsCdMI1eDm5RNGcxv9c5H
Ma0XfWDM2v4oUQp1pNcfTWJCbSzyAXqzcoxdoIpakvR01mmo+X1VIjAc2NCdvP6Y
WbmVgo/bLErAodUHJ1qClyFJIR1UH/1Ygb74wxhJOOqHY77ZY+120HiVWvHyKYiL
zE6Hj0c=
-----END CERTIFICATE-----
Generated at Sat Apr 20 07:46:17 2024 by rpki-client on console.sobornost.net