Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2jmS62xvJNMKcE-cPzpqHjTGXuA.roa
File: 2jmS62xvJNMKcE-cPzpqHjTGXuA.roa (raw, json)
Hash identifier: azwbc/f0zPt/zb0us23ffHRRveNjYH7vEruf+4Pqktc=
Subject key identifier: DA:39:92:EB:6C:6F:24:D3:0A:70:4F:9C:3F:3A:6A:1E:34:C6:5E:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A7B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2jmS62xvJNMKcE-cPzpqHjTGXuA.roa
Signing time: Sat 27 Apr 2024 21:23:28 +0000
ROA not before: Sat 27 Apr 2024 21:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19067 (0x4a7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 27 21:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA3992EB6C6F24D30A704F9C3F3A6A1E34C65EE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a2:01:a3:0d:31:2a:11:9c:17:17:c9:60:20:
93:52:45:9b:b7:69:a5:d6:ab:98:42:20:8a:93:52:
5a:81:8c:46:c8:f1:e9:d9:94:4c:5e:44:cf:d4:e6:
24:db:69:cc:b4:7a:25:9f:41:18:63:3c:20:d5:d1:
89:50:40:59:8d:2c:24:4d:74:9f:a0:57:64:5a:5e:
cf:66:f1:22:e5:5d:c6:44:e4:32:45:24:12:1c:87:
d4:a8:aa:5e:84:01:47:fc:be:ad:a8:b0:84:b2:3e:
a7:73:95:2e:dc:38:b5:7e:13:5c:fa:62:d1:1e:c6:
f1:1b:6a:5b:07:07:f4:1d:4e:0d:6d:4e:d9:6c:5b:
59:a4:8b:43:37:3c:42:d0:73:c2:6a:dd:5e:64:57:
a0:04:00:d4:7f:6d:e3:0f:36:f3:d3:e4:a8:26:92:
34:69:c1:21:7d:f0:c7:ab:83:98:3a:ff:16:c0:56:
43:50:3b:12:7a:60:17:a8:19:00:30:2d:34:74:6b:
46:f1:56:6d:95:02:3e:8d:35:fc:71:1a:28:c1:d4:
30:60:80:99:45:b5:fa:92:e5:bb:d7:83:39:55:7a:
a6:e4:d4:df:39:ec:f8:b8:25:01:af:72:e5:60:c9:
f2:8e:77:d6:b1:4d:ed:9e:f2:1a:74:d9:63:61:7d:
fa:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:39:92:EB:6C:6F:24:D3:0A:70:4F:9C:3F:3A:6A:1E:34:C6:5E:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2jmS62xvJNMKcE-cPzpqHjTGXuA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
67:c4:30:a2:ad:f9:59:5c:61:66:37:03:0b:6a:1e:4d:48:4f:
58:4d:39:eb:1a:17:e9:50:9b:8e:61:55:a8:a2:11:70:c1:c8:
92:71:0e:09:69:bf:77:29:0c:a9:65:67:d6:42:5b:a4:bb:55:
01:c6:9d:17:22:3e:0a:42:0f:1b:db:fd:f9:79:64:f9:c3:c4:
18:6a:9b:0f:bd:24:60:06:cf:b8:91:b6:e9:44:ae:48:17:fd:
7f:d5:45:97:06:11:e6:5b:5b:cf:ee:78:a3:32:9a:eb:7d:bd:
b6:1a:2d:e4:2d:f4:40:e7:02:f3:ae:e4:04:ba:99:b4:6b:ae:
cb:d2:2b:79:ee:e4:c9:15:ec:95:0e:f3:4e:25:14:38:cf:fe:
17:f8:12:20:53:fc:9e:23:9c:b7:f6:0e:a7:29:de:3c:56:72:
6f:07:85:07:c3:d4:6d:cb:a0:7a:ff:c9:a2:3c:b6:34:4e:b7:
f4:4d:ee:93:3d:f3:09:ab:ca:2d:c0:04:b8:fc:fa:af:49:a2:
5d:8e:fd:00:57:b0:ae:ac:0f:4b:df:cf:17:38:45:66:3a:24:
8b:fe:96:fb:d1:86:d4:5d:4e:d7:62:4b:88:d8:98:6b:30:71:
91:db:a5:d0:c2:c9:a4:7e:b8:cc:d0:6d:b9:38:d4:0c:8f:36:
20:e4:5a:eb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjcy
MTIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBMzk5MkVCNkM2RjI0
RDMwQTcwNEY5QzNGM0E2QTFFMzRDNjVFRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQogGjDTEqEZwXF8lgIJNSRZu3aaXWq5hCIIqTUlqBjEbI8enZ
lExeRM/U5iTbacy0eiWfQRhjPCDV0YlQQFmNLCRNdJ+gV2RaXs9m8SLlXcZE5DJF
JBIch9Soql6EAUf8vq2osISyPqdzlS7cOLV+E1z6YtEexvEbalsHB/QdTg1tTtls
W1mki0M3PELQc8Jq3V5kV6AEANR/beMPNvPT5KgmkjRpwSF98Merg5g6/xbAVkNQ
OxJ6YBeoGQAwLTR0a0bxVm2VAj6NNfxxGijB1DBggJlFtfqS5bvXgzlVeqbk1N85
7Pi4JQGvcuVgyfKOd9axTe2e8hp02WNhffq7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2jmS62xvJNMKcE+cPzpqHjTGXuAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJqbVM2Mnh2Sk5NS2NF
LWNQenBxSGpUR1h1QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGfEMKKt+VlcYWY3AwtqHk1IT1hNOesa
F+lQm45hVaiiEXDByJJxDglpv3cpDKllZ9ZCW6S7VQHGnRciPgpCDxvb/fl5ZPnD
xBhqmw+9JGAGz7iRtulErkgX/X/VRZcGEeZbW8/ueKMymut9vbYaLeQt9EDnAvOu
5AS6mbRrrsvSK3nu5MkV7JUO804lFDjP/hf4EiBT/J4jnLf2Dqcp3jxWcm8HhQfD
1G3LoHr/yaI8tjROt/RN7pM98wmryi3ABLj8+q9Jol2O/QBXsK6sD0vfzxc4RWY6
JIv+lvvRhtRdTtdiS4jYmGswcZHbpdDCyaR+uMzQbbk41AyPNiDkWus=
-----END CERTIFICATE-----
Generated at Sat Apr 27 23:07:05 2024 by rpki-client on console.sobornost.net