Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Bz50dIROpZlavfyXbNRrlwYb270.roa
File: Bz50dIROpZlavfyXbNRrlwYb270.roa (raw, json)
Hash identifier: 15cSoI44C42irwcGodeiNElB7Shpn0sDLbPF93MH6QQ=
Subject key identifier: 07:3E:74:74:84:4E:A5:99:5A:BD:FC:97:6C:D4:6B:97:06:1B:DB:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EC3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Bz50dIROpZlavfyXbNRrlwYb270.roa
Signing time: Fri 12 Apr 2024 06:22:47 +0000
ROA not before: Fri 12 Apr 2024 06:22:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16067 (0x3ec3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 06:22:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=073E7474844EA5995ABDFC976CD46B97061BDBBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:19:8c:dc:a6:ce:4f:5b:52:41:27:0e:1d:7c:
61:36:cf:dc:8c:92:05:ad:8c:40:c1:74:fa:30:6f:
40:4a:47:aa:08:9d:82:54:79:4d:a9:e0:98:0b:2b:
0b:8a:f7:73:5e:d4:bd:7a:23:41:2f:e9:3d:d9:3d:
1b:d7:dc:d1:f1:9c:9f:3d:e9:c0:d6:9f:1a:ec:cb:
39:0c:a9:4c:c4:f6:17:1e:90:a2:a9:a7:83:69:3f:
1a:60:fe:6b:51:30:45:0a:bc:b3:65:ce:d2:8a:fc:
91:2e:f7:d0:ec:0e:c5:a8:3b:e9:27:b6:ce:7e:f8:
49:7e:4e:cd:f0:a6:c7:83:0c:6f:1c:bb:92:af:17:
4c:b6:43:af:4c:bd:05:21:c9:1d:93:f7:0b:e9:a5:
2b:ea:8c:3e:eb:26:2a:dc:b4:c0:5f:ec:7e:d9:da:
3f:29:db:14:af:f4:16:96:7a:46:f0:30:57:c6:8d:
05:e8:0c:94:79:19:1e:69:ca:25:28:ca:a3:90:d6:
11:32:cc:04:bb:bb:76:a5:60:6d:d2:e5:c8:ad:e7:
05:8a:fc:6d:66:bc:b2:37:25:03:92:32:29:fa:b8:
df:e4:3a:7b:53:ba:81:d4:a8:0a:fb:52:cf:ed:d5:
d7:10:80:09:d4:69:f0:2c:27:1d:9c:28:15:19:3f:
09:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:3E:74:74:84:4E:A5:99:5A:BD:FC:97:6C:D4:6B:97:06:1B:DB:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Bz50dIROpZlavfyXbNRrlwYb270.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:4c:66:6b:ed:46:49:c2:a9:34:27:c2:29:12:f8:8a:d7:f1:
87:b3:c9:29:a6:ee:1f:60:b7:51:ba:7c:dc:6c:57:74:c4:6f:
e2:ec:6d:99:f0:d4:5a:de:2d:d6:71:6c:3e:da:de:50:99:74:
a9:36:9e:81:73:ed:25:ee:5a:5a:d4:69:d2:09:ca:1e:b7:ad:
f3:17:f7:90:44:f1:0b:65:8a:70:99:f9:01:68:99:cc:c5:8e:
96:e2:83:be:15:62:60:33:13:96:c7:5e:69:59:e4:12:5c:1b:
e7:4d:89:b2:d5:c3:ec:d6:26:e6:a3:85:f8:b4:8c:42:5c:b2:
cb:9b:bd:ef:92:c8:db:1f:e7:9f:92:89:9a:bd:76:ff:42:02:
66:7c:0e:70:7a:b8:b6:11:d6:79:ff:f5:0d:32:36:20:de:3f:
38:9f:a7:62:15:21:a8:39:71:67:a1:2a:2b:0c:3f:4a:2f:5f:
ed:3a:39:ee:df:90:c9:06:02:63:ff:51:5e:7c:31:65:61:a1:
c1:4c:25:fb:71:ef:85:39:a8:9e:94:d1:21:36:69:12:14:9a:
d8:b0:38:85:69:81:6f:7d:af:f0:92:fa:a1:54:ad:27:48:3f:
41:cf:be:6c:19:43:3d:ab:0c:75:51:d8:a9:23:8d:23:97:20:
51:07:ea:ad
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPsMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
NjIyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA3M0U3NDc0ODQ0RUE1
OTk1QUJERkM5NzZDRDQ2Qjk3MDYxQkRCQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpGYzcps5PW1JBJw4dfGE2z9yMkgWtjEDBdPowb0BKR6oInYJU
eU2p4JgLKwuK93Ne1L16I0Ev6T3ZPRvX3NHxnJ896cDWnxrsyzkMqUzE9hcekKKp
p4NpPxpg/mtRMEUKvLNlztKK/JEu99DsDsWoO+knts5++El+Ts3wpseDDG8cu5Kv
F0y2Q69MvQUhyR2T9wvppSvqjD7rJirctMBf7H7Z2j8p2xSv9BaWekbwMFfGjQXo
DJR5GR5pyiUoyqOQ1hEyzAS7u3alYG3S5cit5wWK/G1mvLI3JQOSMin6uN/kOntT
uoHUqAr7Us/t1dcQgAnUafAsJx2cKBUZPwmbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBz50dIROpZlavfyXbNRrlwYb270wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0J6NTBkSVJPcFpsYXZm
eVhiTlJybHdZYjI3MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALhMZmvtRknCqTQnwikS+IrX8YezySmm
7h9gt1G6fNxsV3TEb+LsbZnw1FreLdZxbD7a3lCZdKk2noFz7SXuWlrUadIJyh63
rfMX95BE8QtlinCZ+QFomczFjpbig74VYmAzE5bHXmlZ5BJcG+dNibLVw+zWJuaj
hfi0jEJcssubve+SyNsf55+SiZq9dv9CAmZ8DnB6uLYR1nn/9Q0yNiDePzifp2IV
Iag5cWehKisMP0ovX+06Oe7fkMkGAmP/UV58MWVhocFMJftx74U5qJ6U0SE2aRIU
mtiwOIVpgW99r/CS+qFUrSdIP0HPvmwZQz2rDHVR2KkjjSOXIFEH6q0=
-----END CERTIFICATE-----
Generated at Fri Apr 12 12:41:58 2024 by rpki-client on console.sobornost.net