Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wMoql2BZoP8kHqzoQkUjklvj0Yg.roa
File: wMoql2BZoP8kHqzoQkUjklvj0Yg.roa (raw, json)
Hash identifier: wttFb/7omzrIH0A6J/iPgDDuT5ROPM1AFu6h7JVW2iU=
Subject key identifier: C0:CA:2A:97:60:59:A0:FF:24:1E:AC:E8:42:45:23:92:5B:E3:D1:88
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wMoql2BZoP8kHqzoQkUjklvj0Yg.roa
Signing time: Sat 11 May 2024 10:24:03 +0000
ROA not before: Sat 11 May 2024 10:24:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21665 (0x54a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 10:24:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C0CA2A976059A0FF241EACE8424523925BE3D188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ac:50:7f:dc:6a:9c:a6:cf:40:c7:80:88:69:
0a:ed:9e:44:7e:0f:9d:c3:d0:34:b2:e0:7f:3b:f8:
19:3e:9c:77:99:16:72:5b:a3:20:1d:1f:67:52:58:
cb:4d:9d:72:06:2c:33:78:1d:e2:b3:df:c9:e1:a5:
ee:2e:ca:61:57:26:8b:4e:1b:a6:ef:46:06:26:0c:
4a:a5:1b:2a:a2:af:90:57:12:8a:bf:52:5e:4d:02:
05:90:3e:17:91:30:0f:b2:dc:e9:99:19:35:71:98:
c2:2a:81:f0:cc:43:9e:04:b0:7a:f0:08:4c:5e:b4:
8d:4e:a8:70:75:e7:d7:74:e9:b7:0a:b3:54:79:5c:
1f:1f:d5:07:7e:42:dc:ae:f5:93:37:2b:83:45:fb:
05:a1:6b:46:c3:52:1f:3c:0b:94:05:36:87:b6:2b:
b9:56:5c:06:94:af:a1:c8:52:02:35:aa:06:65:4e:
17:d5:b7:2f:a4:c9:14:55:23:56:db:a5:61:a4:86:
f1:c6:ae:b3:37:10:b0:f6:c0:8c:19:c1:61:5c:c4:
e5:14:a2:8b:b7:34:fe:c3:78:79:50:19:9c:f9:e4:
06:ca:15:c6:78:21:3a:72:c7:c1:55:ac:82:8a:bf:
02:99:4d:d3:9f:94:18:60:cb:9a:2e:f7:06:80:30:
a4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:CA:2A:97:60:59:A0:FF:24:1E:AC:E8:42:45:23:92:5B:E3:D1:88
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wMoql2BZoP8kHqzoQkUjklvj0Yg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
46:71:d5:2a:cf:27:bd:22:0d:fc:9d:34:f4:b1:80:ca:5c:e9:
91:02:45:b8:3a:b6:6b:8e:63:90:58:45:89:dc:f7:c6:c1:79:
1c:90:3a:ea:3c:f2:de:41:24:56:3e:c3:da:85:55:29:a7:30:
de:a5:4f:21:45:04:13:a4:2b:80:46:ca:fb:f4:0c:78:a1:74:
80:a5:46:4e:ea:bf:7f:50:f4:26:1f:97:95:ea:3c:1d:74:bc:
e0:5d:e8:3b:33:30:93:54:14:c4:db:bc:87:9a:9e:40:69:ed:
87:87:80:45:7c:8c:e5:b8:28:ce:5e:ca:e8:ea:bf:bf:8a:09:
f7:d9:24:92:4a:27:b9:1a:de:c1:84:60:e9:e9:1e:1f:32:3a:
b2:7c:da:01:67:32:07:c6:9c:61:d8:b5:39:1e:af:26:49:b2:
32:88:ae:f9:d0:ec:b9:85:be:ec:69:50:45:b2:06:32:94:bd:
e7:eb:e4:44:aa:8e:6a:a8:0b:bc:e8:0d:1c:fd:fa:90:39:85:
cf:4e:b6:f4:98:3d:41:f8:2f:98:d9:f4:35:7d:72:15:44:08:
d9:ef:40:45:76:18:b2:ed:20:10:cd:b8:bd:bc:af:b4:23:a7:
92:ae:5c:aa:c4:80:32:09:81:fb:59:79:18:ac:ba:a2:37:e9:
d5:4e:4f:69
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
MDI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwQ0EyQTk3NjA1OUEw
RkYyNDFFQUNFODQyNDUyMzkyNUJFM0QxODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2rFB/3Gqcps9Ax4CIaQrtnkR+D53D0DSy4H87+Bk+nHeZFnJb
oyAdH2dSWMtNnXIGLDN4HeKz38nhpe4uymFXJotOG6bvRgYmDEqlGyqir5BXEoq/
Ul5NAgWQPheRMA+y3OmZGTVxmMIqgfDMQ54EsHrwCExetI1OqHB159d06bcKs1R5
XB8f1Qd+Qtyu9ZM3K4NF+wWha0bDUh88C5QFNoe2K7lWXAaUr6HIUgI1qgZlThfV
ty+kyRRVI1bbpWGkhvHGrrM3ELD2wIwZwWFcxOUUoou3NP7DeHlQGZz55AbKFcZ4
ITpyx8FVrIKKvwKZTdOflBhgy5ou9waAMKQ3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUwMoql2BZoP8kHqzoQkUjklvj0YgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dNb3FsMkJab1A4a0hx
em9Ra1Vqa2x2ajBZZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEZx1SrPJ70iDfyd
NPSxgMpc6ZECRbg6tmuOY5BYRYnc98bBeRyQOuo88t5BJFY+w9qFVSmnMN6lTyFF
BBOkK4BGyvv0DHihdIClRk7qv39Q9CYfl5XqPB10vOBd6DszMJNUFMTbvIeankBp
7YeHgEV8jOW4KM5eyujqv7+KCffZJJJKJ7ka3sGEYOnpHh8yOrJ82gFnMgfGnGHY
tTkeryZJsjKIrvnQ7LmFvuxpUEWyBjKUvefr5ESqjmqoC7zoDRz9+pA5hc9OtvSY
PUH4L5jZ9DV9chVECNnvQEV2GLLtIBDNuL28r7Qjp5KuXKrEgDIJgftZeRisuqI3
6dVOT2k=
-----END CERTIFICATE-----
Generated at Sat May 11 14:26:45 2024 by rpki-client on console.sobornost.net