Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ao7dz3niYuVQDKWGFIMVQHzZkLs.roa
File: Ao7dz3niYuVQDKWGFIMVQHzZkLs.roa (raw, json)
Hash identifier: V4ZIdP8vFfjp45TRayLYKBDcK7DH2JZittqhAhsOcvg=
Subject key identifier: 02:8E:DD:CF:79:E2:62:E5:50:0C:A5:86:14:83:15:40:7C:D9:90:BB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54EB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ao7dz3niYuVQDKWGFIMVQHzZkLs.roa
Signing time: Sat 11 May 2024 19:24:04 +0000
ROA not before: Sat 11 May 2024 19:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21739 (0x54eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 19:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=028EDDCF79E262E5500CA586148315407CD990BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:60:9a:e0:07:f8:05:f6:d6:8b:14:53:25:34:
c2:75:60:95:89:e7:09:7c:4a:bd:3d:b6:22:5d:4b:
1e:de:36:ab:7e:21:ad:cb:94:1f:91:a6:3b:f9:2e:
1a:3a:6d:ac:5c:50:6b:e4:bb:32:de:a2:24:74:33:
38:0c:ad:1e:af:fe:c6:00:3f:dc:2b:14:63:26:86:
18:1c:5c:15:c3:a9:c3:3d:b9:46:3a:9d:fa:ed:45:
81:67:84:46:5f:99:b5:4b:3e:77:5b:25:c6:05:54:
da:8d:34:a1:1a:ef:a0:0e:70:a2:c6:7a:4b:a9:48:
d8:3c:36:e5:3e:7a:ea:b4:3d:21:75:38:79:55:28:
fb:36:f8:13:50:5d:c1:d5:8e:85:2e:13:e8:15:33:
b1:97:4b:57:51:79:c7:c9:d6:ae:ea:b2:e5:81:ef:
31:bd:28:2d:f1:98:6a:62:41:ac:f5:62:b0:c7:f9:
b9:ae:b2:81:5b:de:6f:4b:60:a7:30:90:2c:3a:73:
ca:0c:36:a6:58:3d:5e:5d:0b:6b:98:6a:5c:5d:a7:
8c:8b:fa:85:d0:0a:ab:ed:a2:36:e7:b6:26:44:4a:
a1:ce:c8:02:60:ad:25:f8:68:c6:d4:f3:c7:3c:7b:
95:30:12:e8:94:63:da:b3:00:3e:a9:93:84:ec:1e:
a1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8E:DD:CF:79:E2:62:E5:50:0C:A5:86:14:83:15:40:7C:D9:90:BB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ao7dz3niYuVQDKWGFIMVQHzZkLs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
07:92:72:28:99:88:45:5b:40:eb:95:bf:69:2d:eb:50:d1:a6:
a7:82:ce:c8:8a:70:83:b2:fd:4c:30:4b:e6:87:e4:83:0a:35:
62:e0:76:03:3d:21:16:2b:db:5c:78:4f:c0:c1:67:73:aa:91:
8b:03:db:f7:59:c7:4d:d0:64:48:b2:b0:00:d9:b4:3d:e3:93:
ff:cf:67:3b:6f:e1:c4:dd:08:30:79:ee:36:da:30:46:e9:1c:
38:3b:eb:49:f2:16:fd:3a:a0:1b:37:59:8f:1c:7b:2d:74:b5:
dd:77:e1:69:95:c3:4e:51:0e:7d:29:ce:fc:42:fd:33:6d:32:
55:aa:6c:41:e9:d5:aa:06:b0:59:78:0f:fe:27:99:34:c0:b6:
44:ce:c4:a7:38:19:e8:64:f8:8a:3c:dd:73:bc:71:b4:dc:f9:
ea:df:5f:02:61:e7:d4:47:fc:76:d2:01:54:ad:67:fd:ce:10:
9d:82:d0:14:84:9a:fa:bc:0a:bb:7c:62:56:24:55:06:39:ed:
bd:38:b1:dc:05:8a:f1:9c:e3:a3:21:7f:6d:19:be:88:8c:8c:
c7:ae:ec:81:b4:80:69:74:0c:d9:f9:10:65:2d:45:5a:19:15:
1e:b3:f8:22:08:1d:a9:b1:46:f8:7a:c3:65:72:19:b3:27:7f:
ed:01:84:52
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
OTI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyOEVERENGNzlFMjYy
RTU1MDBDQTU4NjE0ODMxNTQwN0NEOTkwQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyYJrgB/gF9taLFFMlNMJ1YJWJ5wl8Sr09tiJdSx7eNqt+Ia3L
lB+Rpjv5Lho6baxcUGvkuzLeoiR0MzgMrR6v/sYAP9wrFGMmhhgcXBXDqcM9uUY6
nfrtRYFnhEZfmbVLPndbJcYFVNqNNKEa76AOcKLGekupSNg8NuU+euq0PSF1OHlV
KPs2+BNQXcHVjoUuE+gVM7GXS1dRecfJ1q7qsuWB7zG9KC3xmGpiQaz1YrDH+bmu
soFb3m9LYKcwkCw6c8oMNqZYPV5dC2uYalxdp4yL+oXQCqvtojbntiZESqHOyAJg
rSX4aMbU88c8e5UwEuiUY9qzAD6pk4TsHqGDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAo7dz3niYuVQDKWGFIMVQHzZkLswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FvN2R6M25pWXVWUURL
V0dGSU1WUUh6WmtMcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAeSciiZiEVbQOuVv2kt61DRpqeCzsiK
cIOy/UwwS+aH5IMKNWLgdgM9IRYr21x4T8DBZ3OqkYsD2/dZx03QZEiysADZtD3j
k//PZztv4cTdCDB57jbaMEbpHDg760nyFv06oBs3WY8cey10td134WmVw05RDn0p
zvxC/TNtMlWqbEHp1aoGsFl4D/4nmTTAtkTOxKc4Gehk+Io83XO8cbTc+erfXwJh
59RH/HbSAVStZ/3OEJ2C0BSEmvq8Crt8YlYkVQY57b04sdwFivGc46Mhf20ZvoiM
jMeu7IG0gGl0DNn5EGUtRVoZFR6z+CIIHamxRvh6w2VyGbMnf+0BhFI=
-----END CERTIFICATE-----
Generated at Sun May 12 00:32:58 2024 by rpki-client on console.sobornost.net