Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0KHzm7bwxxGZrlh98AMLm_muXCY.roa
File: 0KHzm7bwxxGZrlh98AMLm_muXCY.roa (raw, json)
Hash identifier: HcLqZR0Nc/cQlmDZ+XvIrLhFSAnJC2TJMhkRiDomlTw=
Subject key identifier: D0:A1:F3:9B:B6:F0:C7:11:99:AE:58:7D:F0:03:0B:9B:F9:AE:5C:26
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5347
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0KHzm7bwxxGZrlh98AMLm_muXCY.roa
Signing time: Thu 09 May 2024 14:53:58 +0000
ROA not before: Thu 09 May 2024 14:53:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21319 (0x5347)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 14:53:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D0A1F39BB6F0C71199AE587DF0030B9BF9AE5C26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b3:8e:39:74:fc:fc:e8:5a:59:80:db:d9:43:
8d:68:d9:71:64:8c:37:e5:74:f8:61:94:a8:ff:38:
fb:88:d6:f1:03:92:b7:07:06:ef:4a:32:27:d6:fd:
30:f0:52:da:5a:0a:19:c1:af:6d:c2:c6:88:e8:d7:
7a:d2:cc:be:19:90:77:af:f3:fe:0a:71:19:a9:84:
a3:b8:41:38:6b:28:0c:65:06:b5:8c:c1:f8:f2:d7:
5c:e9:a0:11:24:91:f0:01:bf:23:d2:eb:06:15:d5:
46:77:23:6f:4c:0e:3a:2a:c2:f3:59:b2:2f:2b:b9:
e0:57:0d:f4:4f:e0:14:f3:b5:c0:23:42:94:05:9a:
3f:bc:9a:32:dd:6a:97:3a:bd:96:82:09:ac:a0:6d:
83:65:ce:5c:21:e9:33:d3:85:15:38:5a:84:c6:a9:
38:3b:5f:13:99:d7:d1:c2:3a:23:e8:32:8f:db:a8:
6b:60:e1:db:90:de:7c:18:80:1d:99:45:d6:a6:79:
f8:cf:54:d1:16:92:27:a0:97:58:fb:fe:e3:ff:9a:
68:f1:02:d9:7f:1b:aa:be:a3:a6:c8:f7:cc:2c:a3:
0d:ac:51:4a:9e:22:9e:74:7b:89:c6:1f:6a:8a:18:
b4:4f:4f:15:6a:ac:a8:af:cc:02:8f:0f:0e:8c:ac:
d7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A1:F3:9B:B6:F0:C7:11:99:AE:58:7D:F0:03:0B:9B:F9:AE:5C:26
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0KHzm7bwxxGZrlh98AMLm_muXCY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0f:11:6e:54:45:e8:93:2d:35:c5:06:87:93:df:b9:d3:4c:7b:
88:19:5a:df:31:c8:76:8d:3c:88:dc:03:b2:24:e5:6b:e6:5a:
6b:99:ff:99:61:95:a9:db:72:49:77:b9:d7:76:2f:bc:4d:38:
48:2a:56:16:cf:8a:b9:ae:c5:ea:30:fb:52:1e:96:06:df:61:
ec:d0:e9:f3:b2:b8:cd:39:ae:53:ae:d2:e4:3d:89:37:7d:60:
47:4d:04:cb:5c:2b:27:95:76:b3:dd:db:c2:65:b8:c3:1c:d7:
19:89:8b:b2:ed:b1:57:fb:98:ba:5b:53:5f:2c:e3:35:ca:1d:
46:b5:95:be:f2:e9:36:cc:8c:ea:58:6a:0f:71:b4:ff:00:9b:
dd:43:79:fa:ca:f3:4f:0c:58:fd:64:38:7d:af:cf:3b:76:4a:
f3:08:f5:91:08:0d:54:5d:44:35:f9:e9:38:dd:4e:b0:1e:89:
42:55:60:2d:1c:6e:25:9c:18:f2:9b:81:1a:bd:58:bb:6d:6c:
d8:77:4b:fd:dc:44:af:2a:b6:00:4c:22:e7:58:d6:9d:c4:d9:
12:b8:08:1a:52:43:ec:8c:e2:78:cc:fc:0c:c9:b6:4b:7f:a8:
7c:d1:b4:72:a5:ba:ce:76:17:a0:f9:aa:dc:e5:77:8b:a6:41:
03:a5:03:00
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU0cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
NDUzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQwQTFGMzlCQjZGMEM3
MTE5OUFFNTg3REYwMDMwQjlCRjlBRTVDMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhs445dPz86FpZgNvZQ41o2XFkjDfldPhhlKj/OPuI1vEDkrcH
Bu9KMifW/TDwUtpaChnBr23Cxojo13rSzL4ZkHev8/4KcRmphKO4QThrKAxlBrWM
wfjy11zpoBEkkfABvyPS6wYV1UZ3I29MDjoqwvNZsi8rueBXDfRP4BTztcAjQpQF
mj+8mjLdapc6vZaCCaygbYNlzlwh6TPThRU4WoTGqTg7XxOZ19HCOiPoMo/bqGtg
4duQ3nwYgB2ZRdamefjPVNEWkiegl1j7/uP/mmjxAtl/G6q+o6bI98wsow2sUUqe
Ip50e4nGH2qKGLRPTxVqrKivzAKPDw6MrNfBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0KHzm7bwxxGZrlh98AMLm/muXCYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBLSHptN2J3eHhHWnJs
aDk4QU1MbV9tdVhDWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAA8RblRF6JMtNcUGh5PfudNMe4gZWt8x
yHaNPIjcA7Ik5WvmWmuZ/5lhlanbckl3udd2L7xNOEgqVhbPirmuxeow+1Ielgbf
YezQ6fOyuM05rlOu0uQ9iTd9YEdNBMtcKyeVdrPd28JluMMc1xmJi7LtsVf7mLpb
U18s4zXKHUa1lb7y6TbMjOpYag9xtP8Am91DefrK808MWP1kOH2vzzt2SvMI9ZEI
DVRdRDX56TjdTrAeiUJVYC0cbiWcGPKbgRq9WLttbNh3S/3cRK8qtgBMIudY1p3E
2RK4CBpSQ+yM4njM/AzJtkt/qHzRtHKlus52F6D5qtzld4umQQOlAwA=
-----END CERTIFICATE-----
Generated at Thu May 9 21:56:18 2024 by rpki-client on console.sobornost.net