Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Fd7NmyAY_OY3Wr6M0cekXHo4OVI.roa
File: Fd7NmyAY_OY3Wr6M0cekXHo4OVI.roa (raw, json)
Hash identifier: xMLQ8LvIeqpB3IXUUdjAaIawWl0pAOckW1OUo6oLWRk=
Subject key identifier: 15:DE:CD:9B:20:18:FC:E6:37:5A:BE:8C:D1:C7:A4:5C:7A:38:39:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4803
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Fd7NmyAY_OY3Wr6M0cekXHo4OVI.roa
Signing time: Wed 24 Apr 2024 14:23:13 +0000
ROA not before: Wed 24 Apr 2024 14:23:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18435 (0x4803)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 14:23:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=15DECD9B2018FCE6375ABE8CD1C7A45C7A383952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:11:84:d8:50:15:89:30:10:c9:cf:a6:d2:cf:
6b:5e:4d:3a:c8:ca:e6:99:33:10:c9:89:4b:dd:b2:
81:52:30:c4:4b:64:18:f6:c1:ad:c2:81:5d:6f:37:
12:5a:ee:64:a8:31:b0:f4:02:87:45:f3:a2:57:fe:
24:3e:9f:61:19:82:31:bf:df:cb:d8:72:96:35:1b:
7e:49:e8:8f:32:10:95:0f:36:c6:35:17:09:17:5f:
1d:e7:73:58:48:11:79:58:57:3d:47:f7:b9:24:61:
de:1b:85:a3:25:e8:b7:d0:4e:b2:6c:f5:cc:f7:11:
83:8e:03:04:68:ab:85:5e:1d:18:7e:a2:26:0a:8c:
bd:da:00:88:96:3e:f0:6e:9a:bd:6f:c8:35:14:66:
cd:e1:c9:17:72:9c:a6:11:fc:71:fb:b3:ab:f0:88:
15:09:29:ce:6d:0c:85:1e:72:b9:81:ac:54:b3:98:
b3:ef:06:64:e9:b3:f2:ab:e5:f5:c6:d8:2e:2b:b3:
df:00:71:54:25:47:5d:37:d4:3a:1c:47:5e:fd:51:
89:f1:31:b8:c7:69:ef:5c:3c:a7:9d:19:a8:12:e8:
ce:1c:1f:fe:d8:7e:ed:25:42:3e:a5:f5:94:63:3b:
01:c5:ff:a4:2b:71:d0:8c:a4:ec:93:99:ec:be:42:
f8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DE:CD:9B:20:18:FC:E6:37:5A:BE:8C:D1:C7:A4:5C:7A:38:39:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Fd7NmyAY_OY3Wr6M0cekXHo4OVI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
05:71:30:f9:d9:f1:97:0a:d1:ba:9b:19:2f:ca:51:9d:60:83:
22:e4:0b:83:d1:ee:90:3a:30:7b:0c:16:a6:e1:d0:84:06:ee:
67:bd:12:0e:3d:dd:6c:4c:a3:0c:10:50:eb:1a:80:98:f5:8c:
50:92:1d:56:c5:52:28:b3:74:0e:00:59:a6:8c:47:23:c0:1c:
3e:af:da:c6:a9:79:33:f9:a1:85:a0:63:e9:a7:fa:0b:ca:ae:
97:ef:22:6b:63:b9:a8:60:cf:ea:55:64:3d:96:e9:e1:ed:4e:
8f:6c:fd:bf:af:38:f5:a2:f1:a6:e9:e5:86:70:b9:6e:3e:82:
f5:0d:f7:4c:8c:35:c5:c3:4f:89:d4:75:92:69:fd:a7:ec:87:
b5:54:56:63:bc:c3:10:f7:ca:fc:21:fc:03:37:fd:c8:16:9a:
7f:cf:01:6a:76:15:b3:fb:09:27:7e:91:0c:9a:66:5b:16:67:
2e:ee:57:c3:29:60:e4:db:81:7e:30:37:83:1e:bc:5e:1e:3c:
d2:a8:6e:29:81:5a:47:39:89:f7:0c:41:17:e0:be:57:7c:22:
04:e2:00:67:7d:c0:e7:f8:a4:c1:fe:f2:a4:2c:36:e5:4f:1c:
0b:8b:77:34:55:d3:e1:52:28:eb:31:a3:9e:a0:38:e3:08:03:
39:6c:23:8f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSAMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
NDIzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE1REVDRDlCMjAxOEZD
RTYzNzVBQkU4Q0QxQzdBNDVDN0EzODM5NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAEYTYUBWJMBDJz6bSz2teTTrIyuaZMxDJiUvdsoFSMMRLZBj2
wa3CgV1vNxJa7mSoMbD0AodF86JX/iQ+n2EZgjG/38vYcpY1G35J6I8yEJUPNsY1
FwkXXx3nc1hIEXlYVz1H97kkYd4bhaMl6LfQTrJs9cz3EYOOAwRoq4VeHRh+oiYK
jL3aAIiWPvBumr1vyDUUZs3hyRdynKYR/HH7s6vwiBUJKc5tDIUecrmBrFSzmLPv
BmTps/Kr5fXG2C4rs98AcVQlR1031DocR179UYnxMbjHae9cPKedGagS6M4cH/7Y
fu0lQj6l9ZRjOwHF/6QrcdCMpOyTmey+Qvg9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFd7NmyAY/OY3Wr6M0cekXHo4OVIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZkN05teUFZX09ZM1dy
Nk0wY2VrWEhvNE9WSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAVxMPnZ8ZcK0bqbGS/KUZ1ggyLkC4PR
7pA6MHsMFqbh0IQG7me9Eg493WxMowwQUOsagJj1jFCSHVbFUiizdA4AWaaMRyPA
HD6v2sapeTP5oYWgY+mn+gvKrpfvImtjuahgz+pVZD2W6eHtTo9s/b+vOPWi8abp
5YZwuW4+gvUN90yMNcXDT4nUdZJp/afsh7VUVmO8wxD3yvwh/AM3/cgWmn/PAWp2
FbP7CSd+kQyaZlsWZy7uV8MpYOTbgX4wN4MevF4ePNKobimBWkc5ifcMQRfgvld8
IgTiAGd9wOf4pMH+8qQsNuVPHAuLdzRV0+FSKOsxo56gOOMIAzlsI48=
-----END CERTIFICATE-----
Generated at Wed Apr 24 21:49:58 2024 by rpki-client on console.sobornost.net