Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6sRS4g0v0JHjqZ94QDMZfD0zeYU.roa
File: 6sRS4g0v0JHjqZ94QDMZfD0zeYU.roa (raw, json)
Hash identifier: dIxCurq69Fpz8Uk/a2AEq1/iLwP1nN4kv2pvnViY5zw=
Subject key identifier: EA:C4:52:E2:0D:2F:D0:91:E3:A9:9F:78:40:33:19:7C:3D:33:79:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 563F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6sRS4g0v0JHjqZ94QDMZfD0zeYU.roa
Signing time: Mon 13 May 2024 13:54:18 +0000
ROA not before: Mon 13 May 2024 13:54:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22079 (0x563f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 13:54:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EAC452E20D2FD091E3A99F784033197C3D337985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:95:1b:c2:f1:93:e4:08:31:2a:f2:68:1f:b9:
77:f5:39:58:6b:45:d1:28:7d:e1:f2:32:5c:01:66:
77:77:e4:52:bf:26:14:a4:e6:fb:ef:7d:69:5c:01:
4d:57:50:a7:6e:65:ff:b1:9b:29:4f:b0:29:7c:1f:
e6:df:1e:ff:9b:4f:2b:b4:c0:27:1b:60:62:a7:e9:
47:87:7b:e8:83:1f:ad:b3:e1:57:ff:ac:19:20:a0:
e2:5c:ad:01:03:df:7e:df:b1:70:22:e9:cb:5d:04:
03:24:83:77:a8:03:77:65:10:34:06:67:36:22:e6:
47:8b:5f:60:b7:03:b8:23:ed:99:4f:38:8b:e7:2b:
45:5b:6b:a4:2c:bf:dd:0e:dd:8c:ce:ea:9c:71:57:
14:70:af:cc:af:ed:29:ae:d2:08:ae:b1:21:77:b3:
f4:7f:af:02:d9:e3:a7:d0:f9:2e:5a:50:96:32:5b:
c1:6f:03:f5:60:f6:90:97:63:02:c8:bd:36:fe:18:
4a:8a:37:ba:3f:37:c6:19:19:88:e9:a5:71:bb:70:
cc:37:ac:06:57:37:90:3b:37:07:c1:0e:86:30:1c:
07:83:13:f4:fb:71:8a:5c:7f:e5:7a:79:6b:c2:35:
94:3b:bd:c9:91:f0:8e:ec:bd:f8:64:1d:d2:fa:09:
1d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C4:52:E2:0D:2F:D0:91:E3:A9:9F:78:40:33:19:7C:3D:33:79:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6sRS4g0v0JHjqZ94QDMZfD0zeYU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2f:2c:53:79:75:4d:d6:f2:aa:65:95:43:3a:78:f4:5d:01:98:
ac:8c:60:bb:08:4f:8b:7c:cf:4f:c4:26:47:25:ee:8b:e5:a3:
d7:48:6c:ce:9d:b2:0b:33:0e:72:7b:9c:dc:18:7a:dd:6b:21:
4c:a0:3d:c0:10:b9:de:df:0c:bb:a0:45:17:07:10:07:85:c9:
89:9c:df:f4:9e:b5:39:b0:2c:f3:a0:4a:ef:f3:ff:ba:06:97:
a8:c4:99:67:61:9d:7c:81:0c:c1:e2:dd:14:3c:62:27:4c:f7:
bb:0e:28:a7:34:d0:8d:93:90:54:0c:f8:02:0c:d4:bf:52:4a:
5d:52:2b:62:2c:78:31:a9:e3:91:3c:c1:41:da:a1:79:0d:44:
30:31:c6:e7:99:ad:d7:c8:8e:d6:b3:51:b4:dd:f9:ec:9a:4a:
7d:84:c5:c9:d9:a2:b6:90:bf:a5:19:b9:da:2f:d9:0c:63:b2:
b2:a8:7a:44:50:70:ee:e6:46:3f:46:df:45:bb:16:6b:d1:3e:
06:a1:96:1d:e6:d1:b4:9d:2c:fe:eb:94:c2:23:2c:05:34:2a:
28:ea:d3:1c:de:25:eb:76:16:5f:a9:c3:1c:0f:97:64:f1:2b:
eb:00:82:8c:55:fc:8e:e0:29:62:ed:50:71:bb:66:f5:d1:e5:
63:a3:48:20
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVj8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
MzU0MThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBQzQ1MkUyMEQyRkQw
OTFFM0E5OUY3ODQwMzMxOTdDM0QzMzc5ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvlRvC8ZPkCDEq8mgfuXf1OVhrRdEofeHyMlwBZnd35FK/JhSk
5vvvfWlcAU1XUKduZf+xmylPsCl8H+bfHv+bTyu0wCcbYGKn6UeHe+iDH62z4Vf/
rBkgoOJcrQED337fsXAi6ctdBAMkg3eoA3dlEDQGZzYi5keLX2C3A7gj7ZlPOIvn
K0Vba6Qsv90O3YzO6pxxVxRwr8yv7Smu0giusSF3s/R/rwLZ46fQ+S5aUJYyW8Fv
A/Vg9pCXYwLIvTb+GEqKN7o/N8YZGYjppXG7cMw3rAZXN5A7NwfBDoYwHAeDE/T7
cYpcf+V6eWvCNZQ7vcmR8I7svfhkHdL6CR0hAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU6sRS4g0v0JHjqZ94QDMZfD0zeYUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZzUlM0ZzB2MEpIanFa
OTRRRE1aZkQwemVZVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAC8sU3l1TdbyqmWVQzp49F0BmKyMYLsI
T4t8z0/EJkcl7ovlo9dIbM6dsgszDnJ7nNwYet1rIUygPcAQud7fDLugRRcHEAeF
yYmc3/SetTmwLPOgSu/z/7oGl6jEmWdhnXyBDMHi3RQ8YidM97sOKKc00I2TkFQM
+AIM1L9SSl1SK2IseDGp45E8wUHaoXkNRDAxxueZrdfIjtazUbTd+eyaSn2ExcnZ
oraQv6UZudov2QxjsrKoekRQcO7mRj9G30W7FmvRPgahlh3m0bSdLP7rlMIjLAU0
Kijq0xzeJet2Fl+pwxwPl2TxK+sAgoxV/I7gKWLtUHG7ZvXR5WOjSCA=
-----END CERTIFICATE-----
Generated at Mon May 13 17:38:32 2024 by rpki-client on console.sobornost.net