Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/enMRXJxdzqTuy3Q_Tig-olGvuZA.roa
File: enMRXJxdzqTuy3Q_Tig-olGvuZA.roa (raw, json)
Hash identifier: NgXsdekzt0MzPv8HUbyzJF8VMeQklm1Cy+Vanq4YXXc=
Subject key identifier: 7A:73:11:5C:9C:5D:CE:A4:EE:CB:74:3F:4E:28:3E:A2:51:AF:B9:90
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5361
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/enMRXJxdzqTuy3Q_Tig-olGvuZA.roa
Signing time: Thu 09 May 2024 18:23:58 +0000
ROA not before: Thu 09 May 2024 18:23:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21345 (0x5361)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 18:23:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7A73115C9C5DCEA4EECB743F4E283EA251AFB990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:52:8d:b1:a2:55:ec:12:5f:6a:36:4b:51:b9:
50:db:b3:6c:6a:15:3a:3b:50:ba:08:b3:30:17:6e:
5a:cc:9d:a2:b1:de:f2:27:67:56:8d:06:2a:a6:e8:
1e:ea:f4:b7:a5:a9:4b:ce:59:c5:ac:65:5f:cc:aa:
7d:fd:fe:3b:60:f8:dc:ec:b5:97:f2:d3:05:c6:9c:
d1:8c:69:fa:99:17:85:86:da:a7:d1:04:fd:8e:6c:
65:88:69:a2:76:f6:68:1a:a6:40:39:28:dd:18:55:
ce:a8:b9:c7:0c:cd:b7:10:94:ed:98:00:ff:83:0c:
75:fa:da:b4:6f:b6:a2:fc:1d:dc:43:23:2a:e2:52:
43:fd:f1:15:68:af:e8:1a:bd:ed:69:2a:9f:fb:79:
75:df:57:d4:b4:22:69:cc:85:c8:fa:38:f2:69:a8:
c7:b5:e3:bc:81:13:f2:b7:00:29:c7:eb:d0:ad:6f:
d9:6e:1b:d5:68:f7:bb:3f:35:e9:67:23:43:b7:71:
6b:4d:fa:b2:bd:ce:02:be:1f:c1:2b:0c:99:6e:74:
7e:44:6c:ae:0b:ca:85:5d:b4:bd:eb:3e:4a:13:ae:
72:46:2a:ea:7b:ae:9d:61:54:bb:11:c7:da:ae:30:
24:cc:0e:6c:b9:06:4b:88:0d:4d:c3:be:3c:2e:ae:
ae:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:73:11:5C:9C:5D:CE:A4:EE:CB:74:3F:4E:28:3E:A2:51:AF:B9:90
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/enMRXJxdzqTuy3Q_Tig-olGvuZA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ba:cc:e0:ab:6b:a8:cd:4c:38:ce:49:fc:ca:7f:04:bb:b5:ca:
62:8a:78:7c:93:81:df:dd:4a:79:30:24:66:b8:93:e8:9e:b0:
3f:19:37:fc:4c:63:eb:b4:59:96:e1:cb:5c:fb:ee:e7:0a:6d:
f9:47:6c:8c:b3:72:87:df:f1:5c:61:60:0f:b4:42:3d:55:55:
96:77:e1:98:e2:a8:03:a9:29:64:47:41:bb:cd:80:1c:41:91:
22:d5:e0:b9:d5:6c:b7:13:da:b3:c2:35:9f:3b:e8:d5:d1:ff:
ae:a9:82:db:f0:0d:ee:84:84:59:42:7c:00:35:e6:ac:1f:9a:
56:ae:8b:47:68:b0:04:28:9d:16:6b:82:4e:92:75:aa:96:3b:
62:2a:8b:63:91:96:a4:38:4d:d0:59:87:f9:a9:bc:93:22:a0:
18:4a:28:f5:ab:25:79:6e:30:82:fb:5c:c8:13:a1:2a:3d:3b:
e5:a0:8a:ff:2e:55:89:4b:eb:7a:db:8c:18:4b:77:b9:19:1d:
e0:9f:f7:fe:ee:31:32:b9:8c:d6:44:39:7c:85:1b:a6:23:68:
d7:5b:1b:ae:ba:50:20:0b:13:b0:b7:44:a6:2e:af:d6:91:66:
83:b9:f8:55:31:8a:3e:88:10:fc:01:a5:2b:e6:2e:bb:3f:78:
d9:c9:3e:e1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
ODIzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBNzMxMTVDOUM1RENF
QTRFRUNCNzQzRjRFMjgzRUEyNTFBRkI5OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCUo2xolXsEl9qNktRuVDbs2xqFTo7ULoIszAXblrMnaKx3vIn
Z1aNBiqm6B7q9LelqUvOWcWsZV/Mqn39/jtg+NzstZfy0wXGnNGMafqZF4WG2qfR
BP2ObGWIaaJ29mgapkA5KN0YVc6ouccMzbcQlO2YAP+DDHX62rRvtqL8HdxDIyri
UkP98RVor+gave1pKp/7eXXfV9S0ImnMhcj6OPJpqMe147yBE/K3ACnH69Ctb9lu
G9Vo97s/NelnI0O3cWtN+rK9zgK+H8ErDJludH5EbK4LyoVdtL3rPkoTrnJGKup7
rp1hVLsRx9quMCTMDmy5BkuIDU3Dvjwurq63AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUenMRXJxdzqTuy3Q/Tig+olGvuZAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VuTVJYSnhkenFUdXkz
UV9UaWctb2xHdnVaQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALrM4KtrqM1MOM5J
/Mp/BLu1ymKKeHyTgd/dSnkwJGa4k+iesD8ZN/xMY+u0WZbhy1z77ucKbflHbIyz
coff8VxhYA+0Qj1VVZZ34ZjiqAOpKWRHQbvNgBxBkSLV4LnVbLcT2rPCNZ876NXR
/66pgtvwDe6EhFlCfAA15qwfmlaui0dosAQonRZrgk6SdaqWO2Iqi2ORlqQ4TdBZ
h/mpvJMioBhKKPWrJXluMIL7XMgToSo9O+Wgiv8uVYlL63rbjBhLd7kZHeCf9/7u
MTK5jNZEOXyFG6YjaNdbG666UCALE7C3RKYur9aRZoO5+FUxij6IEPwBpSvmLrs/
eNnJPuE=
-----END CERTIFICATE-----
Generated at Fri May 10 00:19:25 2024 by rpki-client on console.sobornost.net