Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JEVs1xIOgCZffBLHG351-BRhWP8.roa
File: JEVs1xIOgCZffBLHG351-BRhWP8.roa (raw, json)
Hash identifier: Dp3QsHagKuM82ryms+6Q/AEAdo+RhGfHxzWR8bt85i0=
Subject key identifier: 24:45:6C:D7:12:0E:80:26:5F:7C:12:C7:1B:7E:75:F8:14:61:58:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36C7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JEVs1xIOgCZffBLHG351-BRhWP8.roa
Signing time: Mon 01 Apr 2024 14:52:11 +0000
ROA not before: Mon 01 Apr 2024 14:52:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14023 (0x36c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 14:52:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=24456CD7120E80265F7C12C71B7E75F8146158FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d7:59:75:45:36:14:75:56:f7:d3:cf:b5:54:
e6:a9:83:82:08:1c:f7:33:3f:23:50:2c:66:1f:93:
5e:87:f2:50:dc:23:7e:78:00:ec:55:28:d8:55:c6:
25:d3:43:19:89:6e:15:95:a4:07:04:92:61:21:19:
7d:b3:50:35:59:73:a9:e3:34:00:5e:13:67:08:57:
ab:90:1b:f2:e1:d6:4a:47:93:df:d9:33:71:79:88:
75:be:3d:7b:18:98:d5:8e:cd:97:78:17:30:80:42:
6a:7f:78:a2:f1:88:fe:f1:ea:16:38:4b:2b:aa:1d:
a3:80:88:4c:f3:ee:40:9e:5a:61:0c:8a:b2:a8:a6:
86:44:df:12:c2:3c:fb:1c:4a:1e:d9:99:98:00:b6:
d6:a7:4e:31:5f:5f:cb:de:91:78:b2:22:fd:ab:1d:
ce:e4:68:dc:6d:ba:05:cc:a3:e3:36:1b:2b:98:a8:
55:25:32:b2:5e:39:4b:a2:f9:4a:97:30:c3:79:db:
7d:5a:54:69:5b:16:b5:26:9a:ca:95:6f:7f:42:47:
3d:15:4a:95:95:51:3c:65:f3:fe:ef:7d:e1:3c:78:
d8:72:ba:e3:ac:81:e2:43:5a:e7:a2:88:38:bc:13:
d4:26:8c:0c:b9:4e:22:d3:fa:3f:35:d9:66:a4:34:
84:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:45:6C:D7:12:0E:80:26:5F:7C:12:C7:1B:7E:75:F8:14:61:58:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JEVs1xIOgCZffBLHG351-BRhWP8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
42:84:9e:d3:26:40:50:25:58:f2:ef:7e:a9:fd:72:41:4c:4a:
a5:8c:a6:68:fb:af:7c:1b:7e:c9:53:16:ce:11:02:a5:f3:b9:
07:8b:0c:8c:c5:91:d8:ab:a3:a5:19:69:ba:d2:d9:e1:74:e1:
c9:49:fe:46:13:d2:1b:7b:c5:2a:b1:55:62:50:f9:fc:1b:16:
dc:85:84:24:2f:0a:75:88:9f:5e:2f:29:11:57:ef:c8:bd:77:
e0:b6:e6:a3:70:54:c2:ca:c2:5e:d4:de:40:2f:3a:1a:fa:22:
2b:23:9b:6e:f0:01:50:a9:ea:94:7c:6d:28:72:5f:4b:71:5d:
93:0e:f1:67:7e:32:0a:84:3f:6a:28:0b:68:32:bd:5b:59:3a:
f8:fa:a3:ef:7f:c9:44:08:5b:bb:a4:0e:8d:9f:74:89:d1:ad:
a0:3d:53:c7:64:4e:7d:24:6a:81:4b:3b:72:68:d5:45:49:27:
04:1b:f0:43:7b:f6:8f:44:79:9e:c5:c9:83:96:28:5e:1a:07:
df:00:ba:78:5d:b0:33:56:1c:f7:48:d3:0b:71:66:a3:b9:0e:
af:5c:1e:df:d0:2d:7d:2e:07:cd:19:ae:99:14:79:9c:41:48:
83:fe:f9:5a:56:7b:9b:b9:44:91:69:f6:72:e9:10:55:6f:5c:
88:df:cd:af
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNscwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
NDUyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI0NDU2Q0Q3MTIwRTgw
MjY1RjdDMTJDNzFCN0U3NUY4MTQ2MTU4RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK11l1RTYUdVb308+1VOapg4IIHPczPyNQLGYfk16H8lDcI354
AOxVKNhVxiXTQxmJbhWVpAcEkmEhGX2zUDVZc6njNABeE2cIV6uQG/Lh1kpHk9/Z
M3F5iHW+PXsYmNWOzZd4FzCAQmp/eKLxiP7x6hY4SyuqHaOAiEzz7kCeWmEMirKo
poZE3xLCPPscSh7ZmZgAttanTjFfX8vekXiyIv2rHc7kaNxtugXMo+M2GyuYqFUl
MrJeOUui+UqXMMN5231aVGlbFrUmmsqVb39CRz0VSpWVUTxl8/7vfeE8eNhyuuOs
geJDWueiiDi8E9QmjAy5TiLT+j812WakNITLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJEVs1xIOgCZffBLHG351+BRhWP8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pFVnMxeElPZ0NaZmZC
TEhHMzUxLUJSaFdQOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEKEntMmQFAlWPLvfqn9ckFMSqWMpmj7
r3wbfslTFs4RAqXzuQeLDIzFkdiro6UZabrS2eF04clJ/kYT0ht7xSqxVWJQ+fwb
FtyFhCQvCnWIn14vKRFX78i9d+C25qNwVMLKwl7U3kAvOhr6Iisjm27wAVCp6pR8
bShyX0txXZMO8Wd+MgqEP2ooC2gyvVtZOvj6o+9/yUQIW7ukDo2fdInRraA9U8dk
Tn0kaoFLO3Jo1UVJJwQb8EN79o9EeZ7FyYOWKF4aB98AunhdsDNWHPdI0wtxZqO5
Dq9cHt/QLX0uB80ZrpkUeZxBSIP++VpWe5u5RJFp9nLpEFVvXIjfza8=
-----END CERTIFICATE-----
Generated at Mon Apr 1 20:28:32 2024 by rpki-client on console.sobornost.net