Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/37YSAhYpVoVS9mTzJkbSQn4Yci4.roa
File: 37YSAhYpVoVS9mTzJkbSQn4Yci4.roa (raw, json)
Hash identifier: yvi4QxD4fQySjVV2+kOOvbfG+PuaTp0iR7llV2uLwgw=
Subject key identifier: DF:B6:12:02:16:29:56:85:52:F6:64:F3:26:46:D2:42:7E:18:72:2E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 444F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/37YSAhYpVoVS9mTzJkbSQn4Yci4.roa
Signing time: Fri 19 Apr 2024 15:53:06 +0000
ROA not before: Fri 19 Apr 2024 15:53:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17487 (0x444f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 15:53:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DFB612021629568552F664F32646D2427E18722E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:07:08:8e:6a:37:87:1c:42:9a:6e:5a:53:93:
f5:3d:0f:9b:63:8e:db:74:a4:ef:6f:fc:00:18:3e:
e9:78:82:30:66:b8:f5:3d:94:a9:57:c2:7d:89:67:
22:0d:2b:ad:32:fe:5f:56:5e:d9:3d:15:79:1f:4d:
8f:15:0c:3b:6e:48:b2:bd:d2:ca:3e:95:d4:03:86:
ec:ea:24:d0:a6:f8:c8:26:f7:02:be:f1:72:41:7b:
3d:07:50:0f:f3:03:3d:1f:75:25:98:29:01:33:94:
ae:63:96:d1:69:d0:1c:80:95:9e:59:8f:11:da:ee:
46:a3:24:f4:a9:3a:b4:a1:64:25:d1:d8:2c:20:04:
ee:aa:8b:e8:14:8f:da:7d:b8:8a:7d:02:be:48:bc:
9e:4f:15:b2:19:23:e3:cb:91:be:44:0d:ec:39:9c:
a3:e9:94:98:2f:0b:94:b4:28:e8:73:96:0a:7f:e3:
8c:b2:8a:46:ba:e5:cc:a3:7b:1e:5b:bc:ab:ae:72:
29:b9:d4:94:fd:a1:f9:3f:a8:f5:19:fe:6c:ad:f3:
a9:4e:7c:53:b9:35:ad:81:ce:65:dc:90:df:00:47:
78:cb:5b:78:cd:84:b3:b7:71:37:5c:b6:24:4b:6a:
8b:f7:61:68:d9:87:db:32:6e:01:26:4b:05:df:68:
2c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B6:12:02:16:29:56:85:52:F6:64:F3:26:46:D2:42:7E:18:72:2E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/37YSAhYpVoVS9mTzJkbSQn4Yci4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
42:e6:b3:45:60:c3:00:6a:29:a7:98:62:42:81:45:33:a9:1c:
28:c9:3f:5a:67:f8:5d:1d:ac:63:b3:1b:43:f9:11:b1:f2:b8:
3f:c5:6d:40:1f:ea:88:a1:9f:4e:ef:f7:67:0d:80:d3:31:6a:
09:c5:30:90:24:b7:c9:71:7a:86:0f:a4:a2:30:08:49:91:5d:
fb:cb:47:47:cc:c2:62:06:d4:62:fc:66:66:31:cd:75:e2:98:
d1:a8:e3:bc:32:6d:cb:be:d8:e9:a6:9f:38:0a:6c:86:02:c3:
80:d2:be:84:80:1e:78:b2:f5:f3:f3:82:1d:d3:87:21:3e:fe:
2a:d7:72:1d:d4:0e:77:1b:35:52:0d:5c:c3:41:05:45:1d:db:
c2:8a:15:da:cb:f4:90:5c:b7:d7:51:d5:e4:59:5d:88:89:05:
5a:6a:83:7e:1f:87:a4:a6:8e:71:ef:ef:ef:52:47:e3:f2:c8:
ab:87:29:01:6c:0f:2d:b1:ad:96:98:05:f3:28:15:be:17:6a:
60:b9:95:85:ed:be:03:e1:6f:d4:cc:f5:02:16:5d:db:08:94:
61:54:71:cc:e1:14:d6:ba:ca:31:1f:c5:db:e1:96:90:7d:be:
39:2d:6e:92:a7:f4:52:bc:99:37:d5:24:d5:e4:36:90:c8:f9:
a0:cb:a6:3e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRE8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
NTUzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGQjYxMjAyMTYyOTU2
ODU1MkY2NjRGMzI2NDZEMjQyN0UxODcyMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTBwiOajeHHEKablpTk/U9D5tjjtt0pO9v/AAYPul4gjBmuPU9
lKlXwn2JZyINK60y/l9WXtk9FXkfTY8VDDtuSLK90so+ldQDhuzqJNCm+Mgm9wK+
8XJBez0HUA/zAz0fdSWYKQEzlK5jltFp0ByAlZ5ZjxHa7kajJPSpOrShZCXR2Cwg
BO6qi+gUj9p9uIp9Ar5IvJ5PFbIZI+PLkb5EDew5nKPplJgvC5S0KOhzlgp/44yy
ika65cyjex5bvKuucim51JT9ofk/qPUZ/myt86lOfFO5Na2BzmXckN8AR3jLW3jN
hLO3cTdctiRLaov3YWjZh9sybgEmSwXfaCzRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU37YSAhYpVoVS9mTzJkbSQn4Yci4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzM3WVNBaFlwVm9WUzlt
VHpKa2JTUW40WWNpNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAELms0VgwwBqKaeYYkKBRTOpHCjJP1pn
+F0drGOzG0P5EbHyuD/FbUAf6oihn07v92cNgNMxagnFMJAkt8lxeoYPpKIwCEmR
XfvLR0fMwmIG1GL8ZmYxzXXimNGo47wybcu+2OmmnzgKbIYCw4DSvoSAHniy9fPz
gh3ThyE+/irXch3UDncbNVINXMNBBUUd28KKFdrL9JBct9dR1eRZXYiJBVpqg34f
h6SmjnHv7+9SR+PyyKuHKQFsDy2xrZaYBfMoFb4XamC5lYXtvgPhb9TM9QIWXdsI
lGFUcczhFNa6yjEfxdvhlpB9vjktbpKn9FK8mTfVJNXkNpDI+aDLpj4=
-----END CERTIFICATE-----
Generated at Fri Apr 19 23:24:43 2024 by rpki-client on console.sobornost.net