Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1_LycaKqoFPFfU-31LX4oDoO9zQ.roa
File: 1_LycaKqoFPFfU-31LX4oDoO9zQ.roa (raw, json)
Hash identifier: iHR8nhrHjwJLroy/2P4T1J9WDWtBTl+9RthFNiAD1us=
Subject key identifier: D7:F2:F2:71:A2:AA:A0:53:C5:7D:4F:B7:D4:B5:F8:A0:3A:0E:F7:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F8B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1_LycaKqoFPFfU-31LX4oDoO9zQ.roa
Signing time: Sat 13 Apr 2024 07:22:49 +0000
ROA not before: Sat 13 Apr 2024 07:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16267 (0x3f8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 07:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7F2F271A2AAA053C57D4FB7D4B5F8A03A0EF734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:d1:60:b5:cb:60:27:70:61:31:90:f1:28:
a6:47:88:2b:1f:1e:18:b6:2e:8d:ad:0f:2f:96:23:
75:95:33:83:4f:f1:5e:41:6f:0e:fd:b7:f4:d4:75:
72:58:52:6d:0b:69:64:43:9c:58:d5:b6:66:b8:f4:
d1:b7:fb:53:9c:b8:32:0a:c6:3a:d6:db:68:e7:ea:
96:0c:e6:81:e1:cb:92:ea:e2:20:24:7e:3f:af:99:
ec:ba:8d:f9:83:fd:9d:7a:63:80:4c:fa:9f:0c:8b:
93:18:f8:4f:8f:fe:e3:cd:d6:77:e5:b1:f7:4c:f6:
31:f6:2d:ea:21:f7:a1:ca:d1:b1:f7:18:59:2a:3a:
57:08:74:04:dd:be:90:81:c2:de:28:db:66:e6:26:
01:bf:f5:cd:d0:ea:4f:8d:db:8c:1f:03:14:1f:0b:
18:ec:e7:c0:71:3a:a5:4d:f4:0a:78:9e:93:09:d0:
d7:21:dd:ed:f8:26:2d:df:0a:a4:9e:0f:c6:a6:34:
0c:78:70:c3:20:f8:35:43:a8:5d:08:ad:4e:1e:3f:
63:14:83:8f:b1:45:61:73:e5:fe:4e:0d:46:c7:2a:
61:42:17:0d:fc:cf:07:81:cb:a2:c5:9e:08:15:d8:
17:3c:4a:0a:f9:82:89:7c:65:8b:b4:63:56:ab:18:
1e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F2:F2:71:A2:AA:A0:53:C5:7D:4F:B7:D4:B5:F8:A0:3A:0E:F7:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1_LycaKqoFPFfU-31LX4oDoO9zQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
73:7f:74:85:65:de:a5:17:49:62:a0:c9:13:48:d3:11:23:d5:
9c:7a:32:a0:bf:54:4e:0f:ec:7e:d2:e0:21:1b:95:99:82:b3:
da:86:cb:e6:d3:47:5a:2f:b2:fa:2f:4c:5a:d8:ef:a5:94:91:
50:39:9a:f1:85:cd:60:a1:3f:9d:65:78:06:44:4a:35:aa:81:
8a:aa:bc:dd:73:e6:4b:c0:a6:8d:4c:6d:1f:73:a7:6b:1c:cc:
23:41:2e:5d:97:81:8d:3d:17:62:2d:95:a9:a7:52:01:a3:10:
6f:2f:c3:f6:12:be:18:e1:73:fd:7e:15:88:d9:19:eb:e8:9a:
a8:e7:13:fa:3d:5a:c6:51:28:44:e7:75:c8:1b:da:12:2d:74:
89:6e:52:52:23:4e:84:c8:15:38:10:0f:37:3b:58:5b:dd:54:
5a:76:e2:8a:8d:a0:e9:3f:32:cc:f9:8f:47:21:a7:f2:ba:ee:
21:eb:90:54:79:fe:eb:72:a5:33:fd:21:1d:67:5e:9b:90:ee:
ff:23:76:29:fc:61:f0:d7:60:bf:9c:c9:fd:b6:64:c3:d0:53:
fb:cb:ed:69:23:87:ba:a0:fa:b6:67:b2:77:c8:4b:87:2f:de:
87:b1:09:b3:4b:9a:7d:78:9e:95:ba:36:ae:2f:54:12:3f:17:
0f:c5:82:bb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICP4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
NzIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3RjJGMjcxQTJBQUEw
NTNDNTdENEZCN0Q0QjVGOEEwM0EwRUY3MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWDdFgtctgJ3BhMZDxKKZHiCsfHhi2Lo2tDy+WI3WVM4NP8V5B
bw79t/TUdXJYUm0LaWRDnFjVtma49NG3+1OcuDIKxjrW22jn6pYM5oHhy5Lq4iAk
fj+vmey6jfmD/Z16Y4BM+p8Mi5MY+E+P/uPN1nflsfdM9jH2Leoh96HK0bH3GFkq
OlcIdATdvpCBwt4o22bmJgG/9c3Q6k+N24wfAxQfCxjs58BxOqVN9Ap4npMJ0Nch
3e34Ji3fCqSeD8amNAx4cMMg+DVDqF0IrU4eP2MUg4+xRWFz5f5ODUbHKmFCFw38
zweBy6LFnggV2Bc8Sgr5gol8ZYu0Y1arGB59AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1/LycaKqoFPFfU+31LX4oDoO9zQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFfTHljYUtxb0ZQRmZV
LTMxTFg0b0RvTzl6US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHN/dIVl3qUXSWKgyRNI0xEj1Zx6MqC/
VE4P7H7S4CEblZmCs9qGy+bTR1ovsvovTFrY76WUkVA5mvGFzWChP51leAZESjWq
gYqqvN1z5kvApo1MbR9zp2sczCNBLl2XgY09F2ItlamnUgGjEG8vw/YSvhjhc/1+
FYjZGevomqjnE/o9WsZRKETndcgb2hItdIluUlIjToTIFTgQDzc7WFvdVFp24oqN
oOk/Msz5j0chp/K67iHrkFR5/utypTP9IR1nXpuQ7v8jdin8YfDXYL+cyf22ZMPQ
U/vL7Wkjh7qg+rZnsnfIS4cv3oexCbNLmn14npW6Nq4vVBI/Fw/Fgrs=
-----END CERTIFICATE-----
Generated at Sat Apr 13 13:47:28 2024 by rpki-client on console.sobornost.net