Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F40uZUh2jjcACcyJ7XVYZLtoosA.roa
File: F40uZUh2jjcACcyJ7XVYZLtoosA.roa (raw, json)
Hash identifier: ULMXQIG2SVKAfhD07man2bCr2iw+C+Oy6XYTubmjyhw=
Subject key identifier: 17:8D:2E:65:48:76:8E:37:00:09:CC:89:ED:75:58:64:BB:68:A2:C0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4363
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F40uZUh2jjcACcyJ7XVYZLtoosA.roa
Signing time: Thu 18 Apr 2024 10:23:01 +0000
ROA not before: Thu 18 Apr 2024 10:23:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17251 (0x4363)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 10:23:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=178D2E6548768E370009CC89ED755864BB68A2C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6a:d3:4b:2b:10:8e:d0:c0:d8:62:df:d3:b5:
13:0a:18:32:76:70:21:9f:64:aa:f1:13:71:4c:b3:
e3:a5:bd:33:66:22:47:73:ec:7a:f8:cb:a4:1a:6a:
35:dc:8a:62:c5:cd:4b:93:fd:c7:37:8c:26:e0:c3:
e5:59:61:03:6c:af:39:ab:cd:20:29:fd:c6:9c:69:
b1:1a:b9:f6:20:db:35:f7:1e:54:a5:1d:7b:66:b9:
53:29:12:12:80:b7:95:45:42:0c:3b:69:89:a0:5c:
b9:86:ad:50:05:b2:f8:38:43:5b:00:9c:6c:fa:99:
de:f4:94:3d:4f:9a:fe:88:98:0f:b2:dc:be:9d:2f:
a1:2d:64:2e:60:ed:a5:0f:e6:bd:17:86:d9:e2:33:
67:0b:f4:19:a5:67:c7:4b:55:98:83:e7:77:d0:ea:
24:65:9d:8a:96:bb:6c:fe:1f:97:df:50:f4:3e:f9:
bf:9c:e5:c1:9f:64:8e:23:c2:f8:ee:e1:e2:08:d8:
2d:ac:cc:5e:8b:06:49:ec:31:cd:c1:d8:7b:d8:a0:
91:cb:be:4b:c3:a2:02:d6:a0:5b:38:13:e1:cd:75:
93:25:a0:4a:a7:ce:66:20:33:a9:d0:3c:ad:29:a3:
f6:4d:de:18:3b:69:65:cc:2f:61:6e:dd:8b:ac:a5:
4a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8D:2E:65:48:76:8E:37:00:09:CC:89:ED:75:58:64:BB:68:A2:C0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F40uZUh2jjcACcyJ7XVYZLtoosA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3a:9b:e8:e5:4d:5a:1d:07:9d:99:1c:24:ee:72:a5:1d:fd:bb:
01:4d:0c:d3:bf:d6:9e:a7:ea:f0:1a:61:82:c2:54:2f:1f:82:
22:04:f6:d6:4c:a3:17:c5:03:04:dc:c5:7a:80:3e:c2:08:12:
46:6e:40:81:a4:5f:b2:5f:02:1f:2c:45:50:86:ca:7d:cc:f9:
29:ca:d1:e5:b3:6d:51:7a:af:32:4c:8e:a3:5f:af:75:5f:46:
35:81:33:fe:61:77:2f:eb:44:04:c5:73:f9:5c:b9:0f:d6:d2:
3a:23:88:6b:ac:c7:f4:fb:a6:e6:ae:be:c8:0e:aa:ce:ea:47:
3c:35:c1:73:ce:fa:4a:2c:be:d9:55:46:32:ee:cf:b6:f2:be:
08:2b:98:14:6e:84:e1:c1:09:be:25:ec:ac:18:ea:a9:4e:5f:
85:84:f6:1d:c6:20:d8:cf:6d:85:6d:86:03:b6:65:e6:d3:92:
27:29:b3:26:a2:11:33:d9:e2:f3:ec:e1:44:e1:51:71:a3:be:
b6:7f:8c:bb:24:aa:c9:73:1b:1c:65:dd:92:72:7b:66:5b:74:
be:82:83:49:79:96:99:91:b3:a5:fb:db:da:da:c6:76:4d:08:
12:7c:be:9c:5e:33:a5:b8:a2:64:9c:a0:be:20:ab:38:a0:d0:
98:2e:37:eb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MDIzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3OEQyRTY1NDg3NjhF
MzcwMDA5Q0M4OUVENzU1ODY0QkI2OEEyQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpatNLKxCO0MDYYt/TtRMKGDJ2cCGfZKrxE3FMs+OlvTNmIkdz
7Hr4y6QaajXcimLFzUuT/cc3jCbgw+VZYQNsrzmrzSAp/cacabEaufYg2zX3HlSl
HXtmuVMpEhKAt5VFQgw7aYmgXLmGrVAFsvg4Q1sAnGz6md70lD1Pmv6ImA+y3L6d
L6EtZC5g7aUP5r0XhtniM2cL9BmlZ8dLVZiD53fQ6iRlnYqWu2z+H5ffUPQ++b+c
5cGfZI4jwvju4eII2C2szF6LBknsMc3B2HvYoJHLvkvDogLWoFs4E+HNdZMloEqn
zmYgM6nQPK0po/ZN3hg7aWXML2Fu3YuspUrRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUF40uZUh2jjcACcyJ7XVYZLtoosAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y0MHVaVWgyampjQUNj
eUo3WFZZWkx0b29zQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADqb6OVNWh0HnZkcJO5ypR39uwFNDNO/
1p6n6vAaYYLCVC8fgiIE9tZMoxfFAwTcxXqAPsIIEkZuQIGkX7JfAh8sRVCGyn3M
+SnK0eWzbVF6rzJMjqNfr3VfRjWBM/5hdy/rRATFc/lcuQ/W0jojiGusx/T7puau
vsgOqs7qRzw1wXPO+kosvtlVRjLuz7byvggrmBRuhOHBCb4l7KwY6qlOX4WE9h3G
INjPbYVthgO2ZebTkicpsyaiETPZ4vPs4UThUXGjvrZ/jLskqslzGxxl3ZJye2Zb
dL6Cg0l5lpmRs6X729raxnZNCBJ8vpxeM6W4omScoL4gqzig0JguN+s=
-----END CERTIFICATE-----
Generated at Thu Apr 18 18:13:35 2024 by rpki-client on console.sobornost.net