Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0MgNIj_YIk4qf_qUKPUkD5Jv95c.roa
File: 0MgNIj_YIk4qf_qUKPUkD5Jv95c.roa (raw, json)
Hash identifier: zYi6IVy64g9O8QzsmGc8E5A7q4hXcS6tKRbGKj9+4PM=
Subject key identifier: D0:C8:0D:22:3F:D8:22:4E:2A:7F:FA:94:28:F5:24:0F:92:6F:F7:97
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 479E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0MgNIj_YIk4qf_qUKPUkD5Jv95c.roa
Signing time: Wed 24 Apr 2024 01:53:32 +0000
ROA not before: Wed 24 Apr 2024 01:53:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18334 (0x479e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 01:53:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D0C80D223FD8224E2A7FFA9428F5240F926FF797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:13:2f:25:17:31:81:e8:27:c9:aa:05:e3:
c0:a4:c1:d2:7c:14:99:59:b3:f5:0f:8e:aa:51:a1:
8c:fe:bd:b1:d2:c4:f3:db:b6:cf:00:d7:c6:73:65:
9f:47:28:60:df:b3:af:a5:0f:5b:2d:b9:72:97:4c:
a3:97:7b:09:f7:ef:08:cd:7e:09:68:f2:43:d3:77:
ec:5d:72:49:69:a6:71:12:d5:8b:03:f3:20:2a:20:
69:ed:18:30:e8:3d:08:d3:a7:f4:4e:c8:4b:ce:c5:
68:d9:fd:a0:3c:76:30:f6:61:38:8f:f5:04:77:fd:
14:fb:6c:84:6e:51:3b:b3:fa:62:fa:5b:0c:4c:d4:
00:76:7c:bd:50:5c:a6:a6:97:cd:13:31:f1:6d:c5:
14:69:6d:61:44:b5:4a:34:fc:aa:83:3a:99:d0:9d:
37:f5:d8:e0:40:de:83:7d:21:2f:f2:61:dd:5e:ec:
5c:52:c9:89:9b:e8:82:83:9d:3f:42:d0:80:aa:62:
3e:0e:8f:5a:84:51:58:9d:ca:1d:30:1f:bd:8d:4b:
17:ec:5a:c7:15:cc:4f:3e:ee:39:a1:d0:50:76:b1:
bd:9a:31:38:e2:17:8d:c5:c9:d7:04:68:87:43:ba:
bc:c2:05:97:5b:78:4c:c8:8e:b3:81:2e:60:64:cc:
50:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C8:0D:22:3F:D8:22:4E:2A:7F:FA:94:28:F5:24:0F:92:6F:F7:97
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0MgNIj_YIk4qf_qUKPUkD5Jv95c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:3d:d0:c2:1a:a5:09:7a:a3:c6:16:53:51:69:02:1c:b0:48:
a0:37:24:f6:75:9f:e3:33:e9:c9:69:5d:38:7b:09:39:2e:c1:
b2:7b:89:a4:fd:8b:22:6f:bf:cb:4c:48:8b:eb:f7:cb:ae:70:
66:17:51:8a:c2:d4:96:06:1b:4d:a1:12:ee:cb:09:1e:1b:69:
b2:e3:61:0d:bb:9c:e3:97:06:fc:90:9a:11:76:dc:4f:f3:00:
dd:33:81:3d:d1:1a:7b:39:f1:ea:77:c9:26:64:cb:d9:36:27:
4b:fd:ed:8a:11:b9:0f:21:53:05:8a:6c:07:c8:13:c4:9e:54:
88:5b:4d:4c:0b:b3:d2:29:b0:6c:80:43:67:ef:13:4f:a8:56:
cf:a4:a3:80:b2:18:5f:e6:ec:80:10:43:d2:05:9d:f1:08:22:
34:a5:c7:92:96:09:97:99:c7:7b:d6:5b:d3:1c:b8:8e:33:e7:
81:7d:45:b5:00:bc:34:6f:46:40:d7:ca:c0:5e:f1:d6:39:f5:
ef:f6:b1:48:41:d2:19:0a:09:5d:89:d1:b6:0a:ff:4e:d0:92:
b8:35:df:e2:d0:6a:5b:6c:b1:5b:7c:b7:48:2d:e9:62:2c:17:
d5:38:b8:a9:7e:13:fa:09:ad:df:f4:b2:bd:02:7d:6a:b1:09:
b7:11:00:2a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
MTUzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQwQzgwRDIyM0ZEODIy
NEUyQTdGRkE5NDI4RjUyNDBGOTI2RkY3OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFLBMvJRcxgegnyaoF48CkwdJ8FJlZs/UPjqpRoYz+vbHSxPPb
ts8A18ZzZZ9HKGDfs6+lD1stuXKXTKOXewn37wjNfglo8kPTd+xdcklppnES1YsD
8yAqIGntGDDoPQjTp/ROyEvOxWjZ/aA8djD2YTiP9QR3/RT7bIRuUTuz+mL6WwxM
1AB2fL1QXKaml80TMfFtxRRpbWFEtUo0/KqDOpnQnTf12OBA3oN9IS/yYd1e7FxS
yYmb6IKDnT9C0ICqYj4Oj1qEUVidyh0wH72NSxfsWscVzE8+7jmh0FB2sb2aMTji
F43FydcEaIdDurzCBZdbeEzIjrOBLmBkzFDNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU0MgNIj/YIk4qf/qUKPUkD5Jv95cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBNZ05Jal9ZSWs0cWZf
cVVLUFVrRDVKdjk1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAkz3QwhqlCXqjxhZTUWkCHLBIoDck9nWf
4zPpyWldOHsJOS7BsnuJpP2LIm+/y0xIi+v3y65wZhdRisLUlgYbTaES7ssJHhtp
suNhDbuc45cG/JCaEXbcT/MA3TOBPdEaeznx6nfJJmTL2TYnS/3tihG5DyFTBYps
B8gTxJ5UiFtNTAuz0imwbIBDZ+8TT6hWz6SjgLIYX+bsgBBD0gWd8QgiNKXHkpYJ
l5nHe9Zb0xy4jjPngX1FtQC8NG9GQNfKwF7x1jn17/axSEHSGQoJXYnRtgr/TtCS
uDXf4tBqW2yxW3y3SC3pYiwX1Ti4qX4T+gmt3/SyvQJ9arEJtxEAKg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 07:08:10 2024 by rpki-client on console.sobornost.net