Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LB1uXSNMLVF4il7hSUvHAWRAVQI.roa
File: LB1uXSNMLVF4il7hSUvHAWRAVQI.roa (raw, json)
Hash identifier: 5P23nEVIYyth1aLutgB4tOMtpjhowSujO9ejv5YvRGQ=
Subject key identifier: 2C:1D:6E:5D:23:4C:2D:51:78:8A:5E:E1:49:4B:C7:01:64:40:55:02
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DF7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LB1uXSNMLVF4il7hSUvHAWRAVQI.roa
Signing time: Thu 02 May 2024 12:53:42 +0000
ROA not before: Thu 02 May 2024 12:53:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19959 (0x4df7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 12:53:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2C1D6E5D234C2D51788A5EE1494BC70164405502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c9:c1:46:31:c4:80:21:a0:af:9e:3e:bd:ac:
a8:8f:3d:f1:d4:e2:23:35:fe:9f:04:5f:86:14:c6:
36:4d:e5:56:99:85:41:f4:e8:76:67:c0:7c:62:be:
b7:94:e7:80:9f:09:8b:e3:7d:7b:c3:36:17:e4:85:
08:79:22:9b:b7:91:49:23:e2:7a:e9:ec:ac:a8:3a:
7d:86:da:8e:1c:77:f2:82:34:fd:98:23:34:37:a3:
41:14:51:d5:cb:21:a4:de:73:cd:52:62:fa:18:a5:
36:31:9e:c1:f7:cb:f1:9d:6e:94:e5:9e:a8:a0:4c:
f1:06:61:94:eb:90:b7:d9:d4:e4:46:a1:45:01:4b:
38:5b:cb:ae:20:0b:33:02:55:6f:e6:ed:f4:f0:db:
c7:c5:3f:f5:a7:0b:54:3f:77:33:22:7a:5c:97:60:
fa:61:83:51:cf:60:8d:41:a8:bb:8d:c8:ee:79:f1:
cd:10:2f:df:28:28:39:59:1a:59:71:50:77:ec:98:
c2:eb:b6:2b:2f:10:8f:b1:67:e1:d8:d9:6a:50:32:
9f:00:91:17:c8:4f:fd:b5:d9:ee:bb:00:15:2e:8d:
ea:a7:d4:d4:38:9a:ff:e6:33:55:e6:7a:c4:48:5b:
9d:06:6c:0a:eb:09:da:8c:52:90:7b:5c:93:71:9c:
5f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1D:6E:5D:23:4C:2D:51:78:8A:5E:E1:49:4B:C7:01:64:40:55:02
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LB1uXSNMLVF4il7hSUvHAWRAVQI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8b:f0:ca:b0:a2:d4:ee:87:be:ac:22:fd:48:13:4f:5c:28:15:
05:a0:1a:b2:a3:4d:1b:d4:4a:fc:c3:c2:4b:fd:69:13:e5:dd:
8f:34:b7:e5:94:55:c9:34:9f:57:d9:33:d9:06:74:ec:6b:4e:
c7:f6:4a:ef:a5:39:75:4b:d2:55:a5:d2:b4:83:80:f1:84:69:
7b:4f:ea:16:03:8b:0f:d6:6e:34:2f:a5:61:c6:10:fa:be:0b:
82:65:56:67:a1:57:09:2b:98:6b:c1:a1:2c:3c:15:2d:5e:69:
74:79:93:29:b6:7e:d5:8b:11:65:32:b6:49:a7:50:e5:a7:f2:
e7:bf:47:ab:f4:92:a5:d7:03:73:0a:5a:0c:eb:8d:30:2a:72:
10:8c:7f:4f:78:a1:54:d0:f5:47:36:19:ca:bc:9d:a3:cb:1c:
b1:38:5c:1c:a7:18:4a:3b:8f:24:cd:73:d8:bc:bf:75:b9:0e:
34:ec:d1:25:2d:db:0f:aa:42:7f:00:98:a3:6e:e0:4c:e7:5c:
e0:dd:7a:12:84:fb:f7:84:74:93:25:5b:02:e9:98:be:cf:3d:
93:8e:ac:8a:77:7e:e1:3b:ca:eb:38:12:53:30:ed:76:e7:c5:
4c:a6:b7:3e:72:fe:61:84:56:01:73:db:e8:b4:8e:ca:5e:5f:
8c:64:93:9c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTfcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIx
MjUzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDMUQ2RTVEMjM0QzJE
NTE3ODhBNUVFMTQ5NEJDNzAxNjQ0MDU1MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiycFGMcSAIaCvnj69rKiPPfHU4iM1/p8EX4YUxjZN5VaZhUH0
6HZnwHxivreU54CfCYvjfXvDNhfkhQh5Ipu3kUkj4nrp7KyoOn2G2o4cd/KCNP2Y
IzQ3o0EUUdXLIaTec81SYvoYpTYxnsH3y/GdbpTlnqigTPEGYZTrkLfZ1ORGoUUB
Szhby64gCzMCVW/m7fTw28fFP/WnC1Q/dzMielyXYPphg1HPYI1BqLuNyO558c0Q
L98oKDlZGllxUHfsmMLrtisvEI+xZ+HY2WpQMp8AkRfIT/212e67ABUujeqn1NQ4
mv/mM1XmesRIW50GbArrCdqMUpB7XJNxnF+/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULB1uXSNMLVF4il7hSUvHAWRAVQIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xCMXVYU05NTFZGNGls
N2hTVXZIQVdSQVZRSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIvwyrCi1O6Hvqwi/UgTT1woFQWgGrKj
TRvUSvzDwkv9aRPl3Y80t+WUVck0n1fZM9kGdOxrTsf2Su+lOXVL0lWl0rSDgPGE
aXtP6hYDiw/WbjQvpWHGEPq+C4JlVmehVwkrmGvBoSw8FS1eaXR5kym2ftWLEWUy
tkmnUOWn8ue/R6v0kqXXA3MKWgzrjTAqchCMf094oVTQ9Uc2Gcq8naPLHLE4XByn
GEo7jyTNc9i8v3W5DjTs0SUt2w+qQn8AmKNu4EznXODdehKE+/eEdJMlWwLpmL7P
PZOOrIp3fuE7yus4ElMw7XbnxUymtz5y/mGEVgFz2+i0jspeX4xkk5w=
-----END CERTIFICATE-----
Generated at Thu May 2 16:08:50 2024 by rpki-client on console.sobornost.net