Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CBu3L0_Z5EGQNWtieZM5Tcb-ThQ.roa
File: CBu3L0_Z5EGQNWtieZM5Tcb-ThQ.roa (raw, json)
Hash identifier: glYpn+UqonN4xBokGeTgmYZC1nDSR1XG0Ml4X/lsjdE=
Subject key identifier: 08:1B:B7:2F:4F:D9:E4:41:90:35:6B:62:79:93:39:4D:C6:FE:4E:14
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4133
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CBu3L0_Z5EGQNWtieZM5Tcb-ThQ.roa
Signing time: Mon 15 Apr 2024 12:22:54 +0000
ROA not before: Mon 15 Apr 2024 12:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16691 (0x4133)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 12:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=081BB72F4FD9E44190356B627993394DC6FE4E14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:07:21:42:a5:55:72:18:6c:a1:46:07:48:67:
9a:27:19:ae:23:b4:f8:94:e6:ee:0d:cc:9e:15:0e:
40:d2:f4:59:24:7a:bf:6e:ee:fe:02:f8:03:39:6d:
52:11:9b:6e:0d:71:45:38:ff:4f:6f:6a:2c:fc:58:
f4:be:1a:ca:9f:02:51:44:ab:a5:22:98:2e:94:2a:
ca:f1:39:24:f3:68:f5:88:ce:39:43:ed:11:4c:5a:
fb:e7:42:14:00:01:85:79:cc:aa:6a:5a:57:7d:cb:
91:b1:28:5d:90:59:9a:05:2b:ad:0c:ad:df:bd:21:
6e:f4:2b:ce:a0:b8:52:4b:55:ae:7c:a4:3a:29:d8:
d9:47:8b:e5:55:31:a6:e4:54:42:86:ce:33:05:fa:
ad:30:a2:82:84:3a:ae:43:8c:21:5b:e0:10:72:f3:
a0:72:9e:a9:25:55:03:eb:c7:2d:de:85:2d:26:0d:
14:20:5e:c7:2c:25:99:1f:c3:6a:a6:54:35:74:62:
9f:f9:22:58:c2:cc:a6:60:3e:51:70:87:63:38:b3:
62:10:04:58:78:4d:dc:25:1a:57:0e:54:58:7c:e4:
df:d6:76:96:28:24:a3:7d:f5:18:33:de:ac:6c:d2:
d2:fb:8e:bf:33:a8:14:7c:78:03:95:97:65:0c:6a:
8a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1B:B7:2F:4F:D9:E4:41:90:35:6B:62:79:93:39:4D:C6:FE:4E:14
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CBu3L0_Z5EGQNWtieZM5Tcb-ThQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:ee:af:d8:0e:f3:b5:b7:df:e4:03:40:53:56:7d:6f:a3:f1:
15:08:ee:b0:76:93:6a:39:94:29:33:8f:c1:39:bf:f6:72:81:
e9:76:6d:4e:42:22:02:7d:7e:cc:7d:1c:f1:db:14:31:2c:da:
fc:3a:db:e7:64:4d:7f:ce:bf:c1:3c:21:68:76:94:36:8f:de:
02:a8:8f:90:0e:08:53:ba:54:5b:12:e8:3e:df:25:a8:a6:45:
a5:cb:2f:08:a1:33:06:6b:1d:30:b6:85:e7:e7:76:f4:c5:b9:
5b:0b:d9:f4:ee:be:bd:67:74:22:06:b1:d9:c5:36:2f:7f:9d:
60:9f:aa:6f:4d:df:bd:2e:56:d2:77:e5:83:b2:3b:62:a5:58:
c4:2f:9f:f9:80:c6:b8:ae:6d:ee:be:3b:67:f9:ed:12:fc:ac:
80:7b:58:3d:3c:85:92:12:65:f1:09:9d:fe:23:37:f6:10:76:
aa:d1:fc:c3:5b:2a:b1:00:43:e0:10:59:e1:e4:cf:9c:ed:c8:
00:68:43:9b:05:17:a5:68:97:8c:54:0c:9e:80:d1:e8:23:7b:
d6:63:66:e8:8e:01:0c:02:24:9a:95:74:ec:9a:ff:5c:2a:52:
51:01:de:ec:e8:a3:bc:71:9b:9c:13:a3:ee:0e:fd:2c:e3:9d:
30:f9:07:cc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
MjIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4MUJCNzJGNEZEOUU0
NDE5MDM1NkI2Mjc5OTMzOTREQzZGRTRFMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyByFCpVVyGGyhRgdIZ5onGa4jtPiU5u4NzJ4VDkDS9Fkker9u
7v4C+AM5bVIRm24NcUU4/09vaiz8WPS+GsqfAlFEq6UimC6UKsrxOSTzaPWIzjlD
7RFMWvvnQhQAAYV5zKpqWld9y5GxKF2QWZoFK60Mrd+9IW70K86guFJLVa58pDop
2NlHi+VVMabkVEKGzjMF+q0wooKEOq5DjCFb4BBy86BynqklVQPrxy3ehS0mDRQg
XscsJZkfw2qmVDV0Yp/5IljCzKZgPlFwh2M4s2IQBFh4TdwlGlcOVFh85N/WdpYo
JKN99Rgz3qxs0tL7jr8zqBR8eAOVl2UMaopXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUCBu3L0/Z5EGQNWtieZM5Tcb+ThQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NCdTNMMF9aNUVHUU5X
dGllWk01VGNiLVRoUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF/ur9gO87W33+QDQFNWfW+j8RUI7rB2
k2o5lCkzj8E5v/Zygel2bU5CIgJ9fsx9HPHbFDEs2vw62+dkTX/Ov8E8IWh2lDaP
3gKoj5AOCFO6VFsS6D7fJaimRaXLLwihMwZrHTC2hefndvTFuVsL2fTuvr1ndCIG
sdnFNi9/nWCfqm9N370uVtJ35YOyO2KlWMQvn/mAxriube6+O2f57RL8rIB7WD08
hZISZfEJnf4jN/YQdqrR/MNbKrEAQ+AQWeHkz5ztyABoQ5sFF6Vol4xUDJ6A0egj
e9ZjZuiOAQwCJJqVdOya/1wqUlEB3uzoo7xxm5wTo+4O/SzjnTD5B8w=
-----END CERTIFICATE-----
Generated at Mon Apr 15 19:41:48 2024 by rpki-client on console.sobornost.net