Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4-LGg-TqwoNY1Ln1OoBdAF-ukTo.roa
File: 4-LGg-TqwoNY1Ln1OoBdAF-ukTo.roa (raw, json)
Hash identifier: mgMvrPYaIhKB3YY2Gb7/Msz/fK8eG1dxvKfkIdhI2eg=
Subject key identifier: E3:E2:C6:83:E4:EA:C2:83:58:D4:B9:F5:3A:80:5D:00:5F:AE:91:3A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4583
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4-LGg-TqwoNY1Ln1OoBdAF-ukTo.roa
Signing time: Sun 21 Apr 2024 06:23:06 +0000
ROA not before: Sun 21 Apr 2024 06:23:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17795 (0x4583)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 06:23:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E3E2C683E4EAC28358D4B9F53A805D005FAE913A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:89:6a:09:d3:68:42:74:45:27:f7:c2:5a:46:
24:f2:74:cc:4a:e6:f9:89:92:53:a3:8c:6a:07:71:
62:ec:04:8d:83:d7:a3:1f:8c:5f:59:14:4e:60:c3:
57:89:15:fe:c4:cc:68:07:d0:59:26:15:1c:9c:72:
da:54:65:16:1e:7e:bb:41:ed:d2:a7:92:fd:8e:78:
b5:81:6a:e7:07:71:ab:b5:e5:7f:bc:46:d8:4f:f2:
ab:86:09:e8:3b:14:e4:aa:90:22:d1:94:bf:6f:49:
9f:ec:98:b3:60:a4:b9:e1:c4:bc:28:83:12:04:aa:
08:47:29:b3:35:af:81:2d:fb:d6:76:5b:1a:28:41:
ef:3b:47:07:b8:90:c0:6a:9d:ea:48:91:97:e4:d3:
1c:64:ce:bd:53:0f:66:6e:d3:95:20:6b:6b:e0:72:
d5:22:c5:dc:91:03:93:c6:ab:a8:e7:85:fe:13:ec:
d3:44:2b:f5:9f:78:69:75:4b:3b:e6:e5:1e:a0:bb:
fb:f4:ba:a9:59:74:be:b7:a3:bd:ab:f4:92:e9:51:
33:ba:e7:9e:11:95:90:9f:a6:96:2c:d8:85:ad:e1:
fa:45:96:9c:35:b0:1d:82:91:55:f9:5d:91:68:cb:
4d:81:f2:32:45:1a:b6:c8:b0:e2:80:7c:08:c1:bb:
3a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E2:C6:83:E4:EA:C2:83:58:D4:B9:F5:3A:80:5D:00:5F:AE:91:3A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4-LGg-TqwoNY1Ln1OoBdAF-ukTo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
42:25:1c:82:dd:4a:08:92:d8:80:75:d4:04:fe:82:ca:cf:59:
30:4d:20:f5:66:64:a7:7f:17:8a:ca:38:39:27:75:eb:20:6f:
cf:88:ad:0b:fe:ab:2b:3e:c2:c0:d2:c8:bb:bd:fe:08:60:6a:
ed:5e:80:c0:14:55:08:c5:4a:3a:29:06:df:de:26:d5:e4:9a:
0a:cf:72:76:16:54:6e:66:36:af:b3:f0:c4:55:e0:ee:4d:9c:
6e:56:00:0e:41:f3:c4:b9:bb:be:c8:5b:b7:8f:35:8f:77:87:
5f:09:fc:a3:ca:36:3f:a2:11:8f:21:12:5a:a6:26:cf:b8:e6:
68:f1:11:db:31:27:a0:02:49:20:b1:f1:93:b6:54:93:82:68:
61:34:74:b8:9b:33:b9:13:00:3b:92:c7:15:a3:9b:50:fa:6c:
98:8d:cf:57:fb:67:db:22:9e:c4:83:1f:b7:41:1c:90:9a:49:
3a:4f:ac:15:f0:32:6d:dd:ac:75:2a:7c:0f:31:1e:68:84:6c:
40:2b:af:1c:b5:78:0b:1a:fe:9a:4d:c7:db:6e:2d:bf:57:69:
94:e5:23:82:56:2c:d0:a2:da:53:31:46:e1:0e:32:b6:e8:8e:
40:1a:95:d5:4c:67:bf:b4:82:68:83:f2:80:96:c3:08:f7:38:
7b:d3:0e:1e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRYMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEw
NjIzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzRTJDNjgzRTRFQUMy
ODM1OEQ0QjlGNTNBODA1RDAwNUZBRTkxM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkiWoJ02hCdEUn98JaRiTydMxK5vmJklOjjGoHcWLsBI2D16Mf
jF9ZFE5gw1eJFf7EzGgH0FkmFRycctpUZRYefrtB7dKnkv2OeLWBaucHcau15X+8
RthP8quGCeg7FOSqkCLRlL9vSZ/smLNgpLnhxLwogxIEqghHKbM1r4Et+9Z2Wxoo
Qe87Rwe4kMBqnepIkZfk0xxkzr1TD2Zu05Uga2vgctUixdyRA5PGq6jnhf4T7NNE
K/WfeGl1Szvm5R6gu/v0uqlZdL63o72r9JLpUTO6554RlZCfppYs2IWt4fpFlpw1
sB2CkVX5XZFoy02B8jJFGrbIsOKAfAjBuzqZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4+LGg+TqwoNY1Ln1OoBdAF+ukTowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzQtTEdnLVRxd29OWTFM
bjFPb0JkQUYtdWtUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEIlHILdSgiS2IB11AT+gsrPWTBNIPVm
ZKd/F4rKODkndesgb8+IrQv+qys+wsDSyLu9/ghgau1egMAUVQjFSjopBt/eJtXk
mgrPcnYWVG5mNq+z8MRV4O5NnG5WAA5B88S5u77IW7ePNY93h18J/KPKNj+iEY8h
ElqmJs+45mjxEdsxJ6ACSSCx8ZO2VJOCaGE0dLibM7kTADuSxxWjm1D6bJiNz1f7
Z9sinsSDH7dBHJCaSTpPrBXwMm3drHUqfA8xHmiEbEArrxy1eAsa/ppNx9tuLb9X
aZTlI4JWLNCi2lMxRuEOMrbojkAaldVMZ7+0gmiD8oCWwwj3OHvTDh4=
-----END CERTIFICATE-----
Generated at Sun Apr 21 13:43:41 2024 by rpki-client on console.sobornost.net