Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4edY5pziiv5ya3Zp8VqGIaSgVuw.roa
File: 4edY5pziiv5ya3Zp8VqGIaSgVuw.roa (raw, json)
Hash identifier: dfXzE3POyK+cJHEWRQRw6JIC4uZyMc+oBphDY15jmdI=
Subject key identifier: E1:E7:58:E6:9C:E2:8A:FE:72:6B:76:69:F1:5A:86:21:A4:A0:56:EC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 557B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4edY5pziiv5ya3Zp8VqGIaSgVuw.roa
Signing time: Sun 12 May 2024 13:24:15 +0000
ROA not before: Sun 12 May 2024 13:24:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21883 (0x557b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 13:24:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E1E758E69CE28AFE726B7669F15A8621A4A056EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:af:2a:8a:57:cf:ff:a7:56:87:11:f0:f1:76:
53:ff:bf:e7:c4:b5:f6:44:cc:45:aa:c4:02:9f:af:
19:96:ac:9a:44:95:fc:58:40:0d:01:2f:8b:dd:a9:
dc:9f:fd:be:c6:c3:2c:6f:65:50:75:0e:33:28:4d:
fd:ce:27:49:97:11:45:55:e6:1e:00:c9:06:99:ec:
30:74:5d:5f:d8:d3:9e:6a:f2:c3:55:e5:86:e5:45:
ed:dd:0e:d1:9e:d4:89:73:86:29:b6:e5:bf:d7:c8:
a3:d9:c4:b8:c1:e0:67:5b:a7:9d:e0:44:83:ff:1d:
cf:e8:38:34:7e:bd:2c:9f:04:78:81:bc:c1:38:c1:
de:20:de:1f:00:6a:ab:1b:a9:c1:7e:2d:a6:4a:af:
fd:19:c2:fa:23:d2:65:3c:94:37:14:d8:67:f2:95:
38:65:7e:fc:8e:9f:f2:2b:82:03:8e:33:9b:e9:e7:
6d:fc:a9:fa:ca:e7:b3:e7:19:e3:69:b3:92:bd:51:
7d:29:09:b5:c2:73:54:79:de:f1:04:71:66:db:84:
a9:a2:50:47:4e:d2:61:02:1b:97:5c:7e:a6:16:1c:
59:c3:d9:13:0f:d8:ab:4a:e9:7c:d6:d9:53:1b:38:
f0:cb:64:b1:6e:53:b9:64:7f:db:cd:bd:c4:0c:e2:
c6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E7:58:E6:9C:E2:8A:FE:72:6B:76:69:F1:5A:86:21:A4:A0:56:EC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4edY5pziiv5ya3Zp8VqGIaSgVuw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:5c:ee:2d:73:fd:e0:81:63:46:86:20:2a:8f:cb:c9:9e:9f:
51:27:90:6c:9a:36:b5:4c:8e:65:e3:61:9d:d4:a1:ee:9b:53:
ce:97:b4:98:07:3d:64:ce:7e:58:56:96:e0:0a:ad:e8:f4:43:
04:42:67:34:fa:37:58:8c:38:3a:3c:db:df:7e:ab:48:e2:da:
83:d8:c7:1b:05:58:03:8f:63:e7:93:b2:2d:12:d2:f1:3a:c4:
a6:10:aa:c4:32:db:a1:76:e8:20:61:f2:09:ad:9a:44:2f:5a:
c8:77:91:df:4e:f7:cc:0e:0c:fc:11:a7:5f:00:a2:56:53:92:
07:a7:e8:b7:54:c4:f4:a9:f7:8e:a6:17:72:93:30:ba:54:80:
f8:03:ba:64:ad:f0:37:3e:94:f9:a5:df:e7:f6:1f:51:fc:65:
0f:e9:dd:7b:c0:97:1e:f2:92:e2:26:ee:66:a1:9a:df:a9:53:
be:19:79:80:56:f9:6f:db:e1:74:bf:51:97:a8:29:3a:12:85:
20:d4:8a:45:c6:3a:db:97:ed:93:f4:2e:c4:5a:a2:cd:ad:24:
34:e3:5a:d1:43:2e:62:7f:b8:fd:93:68:59:f7:40:bd:e7:b6:
6d:fb:13:aa:f4:92:74:fa:c4:15:c8:a3:32:9d:9d:c8:34:51:
cf:e8:9a:b5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
MzI0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxRTc1OEU2OUNFMjhB
RkU3MjZCNzY2OUYxNUE4NjIxQTRBMDU2RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiryqKV8//p1aHEfDxdlP/v+fEtfZEzEWqxAKfrxmWrJpElfxY
QA0BL4vdqdyf/b7GwyxvZVB1DjMoTf3OJ0mXEUVV5h4AyQaZ7DB0XV/Y055q8sNV
5YblRe3dDtGe1Ilzhim25b/XyKPZxLjB4Gdbp53gRIP/Hc/oODR+vSyfBHiBvME4
wd4g3h8AaqsbqcF+LaZKr/0Zwvoj0mU8lDcU2GfylThlfvyOn/IrggOOM5vp5238
qfrK57PnGeNps5K9UX0pCbXCc1R53vEEcWbbhKmiUEdO0mECG5dcfqYWHFnD2RMP
2KtK6XzW2VMbOPDLZLFuU7lkf9vNvcQM4sYpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4edY5pziiv5ya3Zp8VqGIaSgVuwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRlZFk1cHppaXY1eWEz
WnA4VnFHSWFTZ1Z1dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKpc7i1z/eCBY0aGICqPy8men1EnkGya
NrVMjmXjYZ3Uoe6bU86XtJgHPWTOflhWluAKrej0QwRCZzT6N1iMODo8299+q0ji
2oPYxxsFWAOPY+eTsi0S0vE6xKYQqsQy26F26CBh8gmtmkQvWsh3kd9O98wODPwR
p18AolZTkgen6LdUxPSp946mF3KTMLpUgPgDumSt8Dc+lPml3+f2H1H8ZQ/p3XvA
lx7ykuIm7mahmt+pU74ZeYBW+W/b4XS/UZeoKToShSDUikXGOtuX7ZP0LsRaos2t
JDTjWtFDLmJ/uP2TaFn3QL3ntm37E6r0knT6xBXIozKdncg0Uc/omrU=
-----END CERTIFICATE-----
Generated at Sun May 12 16:26:51 2024 by rpki-client on console.sobornost.net