Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/59zDGESYO4yr4lUmRKS5K5EuuSc.roa
File: 59zDGESYO4yr4lUmRKS5K5EuuSc.roa (raw, json)
Hash identifier: ToiTDGHwvoMxZBCwkaaMglwVlDFYXy2LWdnh5QUAHNk=
Subject key identifier: E7:DC:C3:18:44:98:3B:8C:AB:E2:55:26:44:A4:B9:2B:91:2E:B9:27
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41D7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/59zDGESYO4yr4lUmRKS5K5EuuSc.roa
Signing time: Tue 16 Apr 2024 08:52:56 +0000
ROA not before: Tue 16 Apr 2024 08:52:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16855 (0x41d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 08:52:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E7DCC31844983B8CABE2552644A4B92B912EB927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dc:54:cd:4e:18:77:da:ff:fa:1f:3f:d9:55:
ac:78:96:7a:17:fd:00:80:40:40:80:e1:ed:62:98:
e4:61:43:bb:16:df:8e:c4:ff:f4:05:33:d0:2e:9a:
f0:93:87:c5:ee:08:0d:90:3c:32:cf:aa:89:c4:61:
97:a0:55:62:13:1f:51:f2:ca:59:75:b3:6a:fb:97:
a0:86:bd:d9:18:2f:9d:88:39:d8:87:26:82:5e:21:
17:7d:71:46:97:1f:9b:fd:bd:39:59:5d:ea:4e:65:
8f:08:42:4a:e5:4c:66:8b:ff:0f:e0:ee:e1:82:ee:
97:45:b8:28:d0:1a:0e:de:a4:39:ec:e8:2c:06:42:
be:02:7a:80:0f:7c:e7:a1:fa:28:9a:bb:ba:c0:4d:
cd:2f:43:de:c7:8d:31:37:6b:96:dd:0c:da:ff:e6:
ff:41:30:5f:26:f4:a7:b6:ba:91:5f:5d:80:45:fa:
5f:d9:ca:e6:4f:d1:52:65:83:cd:9a:5c:b2:16:71:
f2:7a:ec:b5:69:a0:68:b7:2c:fc:aa:ce:b6:85:1e:
a4:92:ef:b2:7b:96:32:1c:9f:28:af:3e:50:a0:ed:
50:87:c6:7c:5d:fc:dd:56:dd:64:db:9b:30:28:d0:
e3:c1:22:71:69:b7:04:b8:fb:de:5e:2a:56:c3:42:
fd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DC:C3:18:44:98:3B:8C:AB:E2:55:26:44:A4:B9:2B:91:2E:B9:27
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/59zDGESYO4yr4lUmRKS5K5EuuSc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:02:f3:48:2e:99:f5:4e:b3:a1:08:4a:9e:0b:d1:53:c1:9d:
f9:14:33:87:d6:49:aa:56:b6:6d:d8:f3:4c:69:98:65:30:17:
2e:8d:c2:aa:80:9e:f4:82:35:a0:15:dc:83:ff:c8:7f:e0:c9:
7b:f9:df:a1:e6:f0:59:69:d7:c4:96:ae:15:16:4d:66:fa:2e:
82:3e:e7:1f:df:83:59:3e:ca:3b:d5:39:6d:c3:68:5c:cf:e6:
f8:b7:cd:ec:6d:6d:d9:66:41:7f:06:9d:e8:6b:10:5b:7a:bd:
0a:3e:4b:2c:47:70:15:48:8e:e9:05:2f:bc:ca:64:2e:5d:bd:
c8:c7:18:de:26:20:fd:f1:3d:4e:31:f7:c7:c6:1c:e7:3b:4d:
58:67:7f:c9:89:9b:93:33:ab:01:a7:cb:30:d9:5d:4a:e3:d4:
bb:0a:2d:94:2a:91:9f:c9:69:9c:5c:15:af:e7:fb:a5:9e:53:
d0:8f:6b:00:d5:ae:0e:82:f2:f2:3a:6d:3a:c8:2f:20:16:a4:
65:9a:70:90:ff:66:3e:12:1d:28:27:a8:b0:6c:43:0e:7f:a9:
a3:07:e2:40:92:ec:3c:bc:8e:cd:3e:cd:bf:64:15:47:3a:0c:
ed:7e:11:03:3f:83:c0:01:72:12:44:30:a5:5c:3b:ff:8c:0f:
8b:42:46:d6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
ODUyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3RENDMzE4NDQ5ODNC
OENBQkUyNTUyNjQ0QTRCOTJCOTEyRUI5MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC53FTNThh32v/6Hz/ZVax4lnoX/QCAQECA4e1imORhQ7sW347E
//QFM9AumvCTh8XuCA2QPDLPqonEYZegVWITH1Hyyll1s2r7l6CGvdkYL52IOdiH
JoJeIRd9cUaXH5v9vTlZXepOZY8IQkrlTGaL/w/g7uGC7pdFuCjQGg7epDns6CwG
Qr4CeoAPfOeh+iiau7rATc0vQ97HjTE3a5bdDNr/5v9BMF8m9Ke2upFfXYBF+l/Z
yuZP0VJlg82aXLIWcfJ67LVpoGi3LPyqzraFHqSS77J7ljIcnyivPlCg7VCHxnxd
/N1W3WTbmzAo0OPBInFptwS4+95eKlbDQv2vAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU59zDGESYO4yr4lUmRKS5K5EuuScwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzU5ekRHRVNZTzR5cjRs
VW1SS1M1SzVFdXVTYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFwC80gumfVOs6EISp4L0VPBnfkUM4fW
SapWtm3Y80xpmGUwFy6NwqqAnvSCNaAV3IP/yH/gyXv536Hm8Flp18SWrhUWTWb6
LoI+5x/fg1k+yjvVOW3DaFzP5vi3zextbdlmQX8GnehrEFt6vQo+SyxHcBVIjukF
L7zKZC5dvcjHGN4mIP3xPU4x98fGHOc7TVhnf8mJm5MzqwGnyzDZXUrj1LsKLZQq
kZ/JaZxcFa/n+6WeU9CPawDVrg6C8vI6bTrILyAWpGWacJD/Zj4SHSgnqLBsQw5/
qaMH4kCS7Dy8js0+zb9kFUc6DO1+EQM/g8ABchJEMKVcO/+MD4tCRtY=
-----END CERTIFICATE-----
Generated at Tue Apr 16 12:19:23 2024 by rpki-client on console.sobornost.net