Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MoepCMc52PNXmGdBmEmtS5dK_iE.roa
File: MoepCMc52PNXmGdBmEmtS5dK_iE.roa (raw, json)
Hash identifier: YyoHzE7LoQjOBPbZ6Z+QLJYfGCYj05ApNHXpnwcKFEg=
Subject key identifier: 32:87:A9:08:C7:39:D8:F3:57:98:67:41:98:49:AD:4B:97:4A:FE:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5311
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MoepCMc52PNXmGdBmEmtS5dK_iE.roa
Signing time: Thu 09 May 2024 08:23:57 +0000
ROA not before: Thu 09 May 2024 08:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21265 (0x5311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 08:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3287A908C739D8F3579867419849AD4B974AFE21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f0:85:1d:2d:ea:34:33:32:37:50:85:aa:5e:
39:8b:50:83:c3:59:ba:ff:25:02:bb:f1:b4:56:c8:
26:d0:46:70:57:ff:41:a9:d6:6e:f8:2d:a9:61:d0:
ea:1f:5e:d4:1b:40:bb:ea:30:c9:5c:8c:b8:cd:dc:
08:cf:1a:4c:41:d6:3e:04:23:88:54:24:30:82:2e:
d0:0f:c0:07:1b:ec:61:42:56:1c:45:19:62:75:00:
9a:46:67:b5:2b:99:5e:b3:dc:40:9d:f2:f8:c5:7c:
a3:33:b6:57:17:fb:a4:4e:65:33:3b:0b:70:81:34:
29:12:1d:da:0e:b9:7f:b9:13:24:57:a6:28:0b:fa:
8b:e0:eb:0e:aa:59:b3:49:ff:e0:f9:d6:35:93:1a:
f8:74:33:4d:63:50:32:5d:7f:ee:78:6d:64:4b:d8:
1d:65:70:f0:08:71:da:8d:1a:57:f3:f1:36:b5:dc:
90:52:2d:81:0d:23:41:ca:c8:eb:e2:01:d7:ce:7f:
1f:f0:18:a9:ed:55:b4:ef:8a:b6:4a:16:7d:1e:fd:
2b:bc:1c:f2:19:cd:ee:c5:e2:a0:01:df:da:86:f5:
30:71:70:16:95:4c:bc:eb:53:d2:75:17:8d:85:e9:
64:e2:32:7e:7f:30:2a:8f:6f:98:8f:94:b9:0e:21:
98:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:87:A9:08:C7:39:D8:F3:57:98:67:41:98:49:AD:4B:97:4A:FE:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MoepCMc52PNXmGdBmEmtS5dK_iE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
15:6b:82:f6:e4:e5:8c:17:07:78:39:8f:a4:ae:a0:b5:f2:03:
9b:5a:eb:03:c7:4d:5f:16:1f:24:6a:01:2c:f3:73:e1:b3:ce:
fb:5b:36:8b:79:12:99:4b:0c:d6:d4:11:97:8f:bc:07:2e:83:
c0:2b:9d:51:b2:2f:78:87:7e:fe:cb:43:65:df:36:db:b2:92:
c5:35:e7:2b:22:4e:29:36:28:b2:c3:63:03:1e:55:e8:5a:ab:
db:ea:e0:6e:c8:3e:cd:96:a7:b4:f0:e7:9b:c7:32:ab:ec:68:
c9:c5:2e:75:31:5e:43:07:b4:1c:cc:91:6d:1f:54:e5:a6:04:
ef:91:60:7f:70:88:38:6a:1e:f2:66:2a:ae:a9:d3:04:23:22:
bb:c8:96:a0:e7:ec:c9:46:e7:20:3f:6e:56:85:fb:0e:da:77:
5f:17:52:e4:f4:3c:10:8f:dd:d6:1e:d4:24:9b:3c:e8:7a:2f:
20:96:57:e1:89:f6:63:aa:af:e4:99:c2:7b:fa:c2:9c:47:ab:
25:0c:f5:f5:9b:57:c8:6f:6a:1a:e8:c9:3a:3e:6f:f5:44:8f:
3f:cc:4e:24:81:48:79:97:da:18:f0:b3:f0:12:1b:09:ca:48:
a1:e1:35:5c:77:5a:f3:49:20:53:05:e6:f8:39:13:fe:e4:16:
77:05:13:c7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
ODIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyODdBOTA4QzczOUQ4
RjM1Nzk4Njc0MTk4NDlBRDRCOTc0QUZFMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ8IUdLeo0MzI3UIWqXjmLUIPDWbr/JQK78bRWyCbQRnBX/0Gp
1m74Lalh0OofXtQbQLvqMMlcjLjN3AjPGkxB1j4EI4hUJDCCLtAPwAcb7GFCVhxF
GWJ1AJpGZ7UrmV6z3ECd8vjFfKMztlcX+6ROZTM7C3CBNCkSHdoOuX+5EyRXpigL
+ovg6w6qWbNJ/+D51jWTGvh0M01jUDJdf+54bWRL2B1lcPAIcdqNGlfz8Ta13JBS
LYENI0HKyOviAdfOfx/wGKntVbTvirZKFn0e/Su8HPIZze7F4qAB39qG9TBxcBaV
TLzrU9J1F42F6WTiMn5/MCqPb5iPlLkOIZjpAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUMoepCMc52PNXmGdBmEmtS5dK/iEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01vZXBDTWM1MlBOWG1H
ZEJtRW10UzVkS19pRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABVrgvbk5YwXB3g5
j6SuoLXyA5ta6wPHTV8WHyRqASzzc+GzzvtbNot5EplLDNbUEZePvAcug8ArnVGy
L3iHfv7LQ2XfNtuyksU15ysiTik2KLLDYwMeVehaq9vq4G7IPs2Wp7Tw55vHMqvs
aMnFLnUxXkMHtBzMkW0fVOWmBO+RYH9wiDhqHvJmKq6p0wQjIrvIlqDn7MlG5yA/
blaF+w7ad18XUuT0PBCP3dYe1CSbPOh6LyCWV+GJ9mOqr+SZwnv6wpxHqyUM9fWb
V8hvahroyTo+b/VEjz/MTiSBSHmX2hjws/ASGwnKSKHhNVx3WvNJIFMF5vg5E/7k
FncFE8c=
-----END CERTIFICATE-----
Generated at Thu May 9 14:22:49 2024 by rpki-client on console.sobornost.net