Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mGpwdgb6IewWvcN-Ys9YnsFSGZc.roa
File: mGpwdgb6IewWvcN-Ys9YnsFSGZc.roa (raw, json)
Hash identifier: ExRSS6RY5GdJoOOiF7czO3UvofEI8l/rpnFY75IpsaA=
Subject key identifier: 98:6A:70:76:06:FA:21:EC:16:BD:C3:7E:62:CF:58:9E:C1:52:19:97
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 543D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mGpwdgb6IewWvcN-Ys9YnsFSGZc.roa
Signing time: Fri 10 May 2024 21:54:05 +0000
ROA not before: Fri 10 May 2024 21:54:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21565 (0x543d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 21:54:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=986A707606FA21EC16BDC37E62CF589EC1521997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:07:04:4f:14:ba:92:08:6f:cc:a5:71:e2:37:
ea:09:78:1c:28:33:4a:47:e5:71:2c:9f:99:6c:3b:
f5:b6:54:78:04:33:44:89:4e:59:5d:71:11:06:06:
9c:39:77:68:32:cd:54:88:1a:9e:1d:72:27:1c:d9:
20:f2:87:43:2e:76:00:2f:03:88:96:15:3f:d0:45:
b3:92:3d:67:59:d8:b4:14:9f:f5:de:9c:b4:ed:c3:
35:5d:83:03:fd:cd:38:60:1b:e7:61:14:27:d7:8f:
d1:50:3f:ae:45:2e:d6:65:fd:db:5b:dc:f0:35:83:
5a:05:02:56:90:ba:0f:3c:51:b4:bb:bf:9b:5a:b9:
88:31:95:ac:f0:d8:e1:f5:8c:58:63:2d:c5:36:3b:
4d:06:1b:34:9e:a7:6c:e1:d0:93:6d:ee:00:ff:c0:
1f:50:5a:f9:80:86:ce:2b:e1:17:be:c0:06:fc:57:
5a:b1:f6:b7:2d:cc:b4:f8:4c:12:50:95:8b:64:9f:
af:c5:43:81:98:1c:2d:bc:53:fa:b4:95:e0:c5:28:
9a:09:92:f8:aa:0c:ba:5d:3f:4a:ce:92:45:68:8a:
ab:48:a4:58:8e:3b:d6:7c:b8:6a:9a:d6:27:1e:87:
01:c5:60:bc:28:31:ab:97:1b:b8:39:66:0c:c8:0a:
fe:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6A:70:76:06:FA:21:EC:16:BD:C3:7E:62:CF:58:9E:C1:52:19:97
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mGpwdgb6IewWvcN-Ys9YnsFSGZc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
44:11:a2:52:f2:ec:e1:95:9f:70:cc:bb:65:fb:19:3f:7d:e6:
a7:c7:48:95:96:c5:1a:f1:ad:a6:64:d8:a5:23:e1:f0:37:b5:
6b:1b:9f:75:78:d1:f6:4a:b8:74:ed:34:6c:c2:50:fc:f8:27:
62:47:71:ee:d5:b8:b3:af:54:3e:d3:1b:78:4d:ac:49:5c:dc:
84:8a:0a:db:de:d5:53:a9:c5:1d:b4:5c:04:eb:bf:f2:ad:85:
7e:3a:e8:90:3e:d4:a6:4b:2f:c7:2d:f7:0d:5b:5b:41:d4:f9:
81:a6:c8:d3:fb:1a:86:72:9e:dd:74:b0:11:94:46:f3:82:c8:
78:32:38:a7:12:41:0e:10:d2:05:cd:d2:28:a2:a9:6a:50:e6:
a8:a5:d2:9d:69:51:e5:2d:3c:20:67:3d:3f:b0:67:53:be:a5:
5b:2b:c6:5a:db:2e:3c:fc:d8:9a:a5:b1:0f:4d:8c:e3:bb:8b:
e3:f9:42:d4:a4:e6:cb:68:a4:f7:51:aa:9f:7c:17:0b:56:94:
97:8d:5f:ac:0f:4c:97:bd:12:d7:2b:bb:ed:7e:d7:a2:22:e7:
4b:57:d9:2a:7e:69:12:1a:a7:16:cb:e5:7b:47:9f:d4:c8:5d:
ed:b2:1f:5b:78:92:a5:25:2d:6d:8d:3e:1c:69:73:2c:96:d1:
10:fe:78:17
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVD0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAy
MTU0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk4NkE3MDc2MDZGQTIx
RUMxNkJEQzM3RTYyQ0Y1ODlFQzE1MjE5OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxBwRPFLqSCG/MpXHiN+oJeBwoM0pH5XEsn5lsO/W2VHgEM0SJ
TlldcREGBpw5d2gyzVSIGp4dcicc2SDyh0MudgAvA4iWFT/QRbOSPWdZ2LQUn/Xe
nLTtwzVdgwP9zThgG+dhFCfXj9FQP65FLtZl/dtb3PA1g1oFAlaQug88UbS7v5ta
uYgxlazw2OH1jFhjLcU2O00GGzSep2zh0JNt7gD/wB9QWvmAhs4r4Re+wAb8V1qx
9rctzLT4TBJQlYtkn6/FQ4GYHC28U/q0leDFKJoJkviqDLpdP0rOkkVoiqtIpFiO
O9Z8uGqa1icehwHFYLwoMauXG7g5ZgzICv7FAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmGpwdgb6IewWvcN+Ys9YnsFSGZcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21HcHdkZ2I2SWV3V3Zj
Ti1ZczlZbnNGU0daYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEQRolLy7OGVn3DM
u2X7GT995qfHSJWWxRrxraZk2KUj4fA3tWsbn3V40fZKuHTtNGzCUPz4J2JHce7V
uLOvVD7TG3hNrElc3ISKCtve1VOpxR20XATrv/KthX466JA+1KZLL8ct9w1bW0HU
+YGmyNP7GoZynt10sBGURvOCyHgyOKcSQQ4Q0gXN0iiiqWpQ5qil0p1pUeUtPCBn
PT+wZ1O+pVsrxlrbLjz82JqlsQ9NjOO7i+P5QtSk5stopPdRqp98FwtWlJeNX6wP
TJe9Etcru+1+16Ii50tX2Sp+aRIapxbL5XtHn9TIXe2yH1t4kqUlLW2NPhxpcyyW
0RD+eBc=
-----END CERTIFICATE-----
Generated at Sat May 11 02:53:20 2024 by rpki-client on console.sobornost.net