Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zCozTwzu6exG7J7l_WMT6EbFGig.roa
File: zCozTwzu6exG7J7l_WMT6EbFGig.roa (raw, json)
Hash identifier: /CsbhyOT7LF9wmnjCsgjdkc9+QcEhW2rEZ3TOYP+rFQ=
Subject key identifier: CC:2A:33:4F:0C:EE:E9:EC:46:EC:9E:E5:FD:63:13:E8:46:C5:1A:28
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B1E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zCozTwzu6exG7J7l_WMT6EbFGig.roa
Signing time: Sun 28 Apr 2024 17:53:26 +0000
ROA not before: Sun 28 Apr 2024 17:53:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19230 (0x4b1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 17:53:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CC2A334F0CEEE9EC46EC9EE5FD6313E846C51A28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6c:20:1b:05:83:cf:10:39:3a:08:47:ce:1c:
6c:86:cb:03:b2:13:32:15:c1:1c:ce:10:52:15:4d:
c7:5d:b3:17:ec:9a:8f:47:e2:0b:ca:74:ee:62:e1:
8f:c3:e4:0e:ea:e6:9b:f8:35:69:1d:f7:5d:ce:5c:
a1:07:21:73:db:7c:44:04:06:fa:25:c9:5f:f4:41:
91:41:50:3f:49:e7:5d:da:c6:43:ea:6d:af:06:c8:
3a:1f:27:c8:a0:37:20:09:0a:b9:8b:6f:49:fa:e6:
c0:70:3d:65:fa:5b:f2:c1:bf:9e:7e:59:ab:74:86:
33:68:e7:82:51:52:8e:32:ca:6c:de:00:f1:50:fd:
4e:0c:33:a0:94:83:ad:e2:1b:50:91:81:b8:e0:ea:
86:06:d0:4a:fc:7b:aa:1f:06:79:20:2d:99:97:ba:
58:d6:a2:39:c2:ad:6f:52:b8:cc:bb:5e:94:93:17:
87:1f:bd:39:f0:12:39:fe:0c:b0:fc:6d:4c:0e:5e:
0b:90:11:dd:04:d3:46:14:f0:e4:34:f7:14:26:06:
b2:45:61:3c:25:49:3a:50:9d:6b:91:23:0a:50:2d:
d2:74:b4:4d:28:5f:36:fa:d2:30:9c:64:0f:82:ab:
a8:35:74:c4:3e:af:7a:db:3c:3d:89:b3:0d:8d:d7:
dd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:2A:33:4F:0C:EE:E9:EC:46:EC:9E:E5:FD:63:13:E8:46:C5:1A:28
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zCozTwzu6exG7J7l_WMT6EbFGig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:a4:7b:aa:51:13:80:ef:6b:af:41:7d:3d:8a:98:08:92:bb:
de:f3:a3:a9:c2:c8:47:c6:21:4f:d2:57:c9:99:e4:54:1f:91:
97:84:65:df:75:3e:f7:68:82:32:4a:98:c7:41:90:9a:27:0e:
5f:04:25:37:8a:bf:22:57:8a:c6:66:58:4c:fb:af:a3:19:26:
67:cb:05:6d:02:1b:40:c7:97:47:22:a3:e6:e6:40:25:cc:95:
c5:3a:90:02:da:bc:ff:f8:77:33:90:53:87:69:92:15:91:de:
c1:60:90:84:58:37:ce:2b:bd:16:a9:83:9e:d9:73:91:50:e8:
2b:69:24:94:92:1f:3f:22:80:18:ef:11:7a:72:d0:fa:24:e3:
a0:28:79:fa:ec:f7:03:ad:39:cc:17:e8:00:6d:c8:5a:1c:d9:
76:d6:e8:52:4a:b6:50:73:08:26:1f:27:d8:56:5f:62:67:23:
19:03:1d:8c:1f:d9:70:c1:93:04:06:31:e7:db:37:f2:d9:3c:
37:36:79:35:54:f0:31:51:fb:17:06:1b:51:63:37:a4:5b:cd:
64:d1:21:ab:55:70:18:e1:59:9e:02:5f:20:6a:02:a1:bc:ae:
00:49:67:53:29:0a:31:b9:e7:74:fa:ec:50:33:f1:63:93:72:
c4:e9:56:67
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
NzUzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDMkEzMzRGMENFRUU5
RUM0NkVDOUVFNUZENjMxM0U4NDZDNTFBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZbCAbBYPPEDk6CEfOHGyGywOyEzIVwRzOEFIVTcddsxfsmo9H
4gvKdO5i4Y/D5A7q5pv4NWkd913OXKEHIXPbfEQEBvolyV/0QZFBUD9J513axkPq
ba8GyDofJ8igNyAJCrmLb0n65sBwPWX6W/LBv55+Wat0hjNo54JRUo4yymzeAPFQ
/U4MM6CUg63iG1CRgbjg6oYG0Er8e6ofBnkgLZmXuljWojnCrW9SuMy7XpSTF4cf
vTnwEjn+DLD8bUwOXguQEd0E00YU8OQ09xQmBrJFYTwlSTpQnWuRIwpQLdJ0tE0o
Xzb60jCcZA+Cq6g1dMQ+r3rbPD2Jsw2N190xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUzCozTwzu6exG7J7l/WMT6EbFGigwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pDb3pUd3p1NmV4RzdK
N2xfV01UNkViRkdpZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEApqR7qlETgO9rr0F9PYqYCJK73vOjqcLI
R8YhT9JXyZnkVB+Rl4Rl33U+92iCMkqYx0GQmicOXwQlN4q/IleKxmZYTPuvoxkm
Z8sFbQIbQMeXRyKj5uZAJcyVxTqQAtq8//h3M5BTh2mSFZHewWCQhFg3ziu9FqmD
ntlzkVDoK2kklJIfPyKAGO8RenLQ+iTjoCh5+uz3A605zBfoAG3IWhzZdtboUkq2
UHMIJh8n2FZfYmcjGQMdjB/ZcMGTBAYx59s38tk8NzZ5NVTwMVH7FwYbUWM3pFvN
ZNEhq1VwGOFZngJfIGoCobyuAElnUykKMbnndPrsUDPxY5NyxOlWZw==
-----END CERTIFICATE-----
Generated at Mon Apr 29 00:39:48 2024 by rpki-client on console.sobornost.net