Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LHoHBvz2HU8MItTDsloq04B1CsM.roa
File: LHoHBvz2HU8MItTDsloq04B1CsM.roa (raw, json)
Hash identifier: bu/o+SZ7jnbTiTJiAwITUb2KIpWUKzVzgoFQgLNf2qg=
Subject key identifier: 2C:7A:07:06:FC:F6:1D:4F:0C:22:D4:C3:B2:5A:2A:D3:80:75:0A:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D77
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LHoHBvz2HU8MItTDsloq04B1CsM.roa
Signing time: Wed 10 Apr 2024 12:52:41 +0000
ROA not before: Wed 10 Apr 2024 12:52:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15735 (0x3d77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 12:52:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2C7A0706FCF61D4F0C22D4C3B25A2AD380750AC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5b:c4:4e:15:42:7d:83:68:89:1f:e9:62:d4:
72:f3:de:75:b1:87:8b:9b:9a:9b:f8:36:91:72:fc:
c9:28:4f:c7:df:2e:55:4a:f6:ec:29:da:1c:b3:bc:
bd:25:88:af:83:6b:0d:ce:bb:b4:55:fc:e9:69:31:
17:8f:a0:ab:8b:7f:1a:84:06:c9:49:ec:5f:b5:08:
96:2a:a9:bf:86:a3:7e:21:ce:0f:ac:15:a6:51:e6:
e8:6e:40:41:9c:2c:f8:21:3d:5c:57:ed:89:ed:e3:
b2:26:bd:0a:53:80:d4:78:13:6d:e3:79:ef:ba:44:
d2:06:46:06:df:da:8c:2a:47:9e:b8:71:cf:2c:55:
60:4c:76:1d:d7:d6:7c:44:76:4e:bc:83:86:cc:70:
87:76:af:92:e0:2c:1f:f5:3d:f9:7b:34:98:fb:a0:
c1:61:4a:6f:ec:5c:98:f6:c3:cb:30:2c:3e:e1:b2:
fd:a4:2d:1e:16:e7:55:4d:c0:bc:65:9b:a4:d2:3e:
03:92:d2:a6:dd:48:c5:71:44:7f:e1:91:c2:9f:3a:
2c:c3:ca:d4:b2:d7:97:1e:42:c6:d9:06:2d:a3:cd:
8b:82:1b:1f:b6:86:81:52:32:5b:35:21:a0:40:0e:
8b:b9:83:b2:4a:ea:6c:fb:12:db:f5:fc:a6:e0:ed:
eb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7A:07:06:FC:F6:1D:4F:0C:22:D4:C3:B2:5A:2A:D3:80:75:0A:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LHoHBvz2HU8MItTDsloq04B1CsM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
11:20:52:41:0b:5a:b6:3a:57:e9:22:bc:89:a5:33:75:90:9a:
77:8d:cb:6c:8a:90:92:e6:76:9b:63:a6:c1:3b:dc:68:99:f6:
2c:e4:e7:fb:e2:d0:91:81:66:c4:45:45:f2:51:36:11:7b:2d:
c6:19:6f:3b:29:f2:ba:1f:a5:1d:0c:5e:76:58:b1:d0:8c:6b:
df:d2:aa:96:e2:dc:17:b5:78:7e:73:60:41:8b:14:3a:73:e8:
b8:46:91:88:f8:c3:67:41:14:a4:0c:8a:ba:04:ae:2a:a8:7e:
f2:d2:01:5b:59:25:ae:ad:8d:a1:91:ff:54:9e:a0:9a:9f:77:
15:48:3a:71:fc:87:41:32:12:1d:f2:b4:ec:ff:e4:7a:2d:5d:
06:ff:f3:3d:71:a7:b4:8c:a0:a8:27:95:eb:5b:64:d6:08:03:
d5:ff:79:1e:f0:db:b8:96:2b:b9:ea:9d:23:19:25:a6:65:d7:
cc:ec:db:34:7f:8b:a1:21:b5:01:26:ad:23:07:3a:52:0d:64:
26:98:56:59:ae:39:3a:f5:11:cc:51:03:8d:03:a9:93:f1:7c:
42:75:80:f3:a5:4e:80:22:ed:21:be:e7:22:81:e7:00:9e:22:
f6:74:50:e4:ac:d3:f3:44:bf:28:6a:f4:84:d7:c4:1f:1e:8e:
9b:08:68:96
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
MjUyNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDN0EwNzA2RkNGNjFE
NEYwQzIyRDRDM0IyNUEyQUQzODA3NTBBQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2W8ROFUJ9g2iJH+li1HLz3nWxh4ubmpv4NpFy/MkoT8ffLlVK
9uwp2hyzvL0liK+Daw3Ou7RV/OlpMRePoKuLfxqEBslJ7F+1CJYqqb+Go34hzg+s
FaZR5uhuQEGcLPghPVxX7Ynt47ImvQpTgNR4E23jee+6RNIGRgbf2owqR564cc8s
VWBMdh3X1nxEdk68g4bMcId2r5LgLB/1Pfl7NJj7oMFhSm/sXJj2w8swLD7hsv2k
LR4W51VNwLxlm6TSPgOS0qbdSMVxRH/hkcKfOizDytSy15ceQsbZBi2jzYuCGx+2
hoFSMls1IaBADou5g7JK6mz7Etv1/Kbg7etjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULHoHBvz2HU8MItTDsloq04B1CsMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xIb0hCdnoySFU4TUl0
VERzbG9xMDRCMUNzTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABEgUkELWrY6V+kivImlM3WQmneNy2yK
kJLmdptjpsE73GiZ9izk5/vi0JGBZsRFRfJRNhF7LcYZbzsp8rofpR0MXnZYsdCM
a9/Sqpbi3Be1eH5zYEGLFDpz6LhGkYj4w2dBFKQMiroEriqofvLSAVtZJa6tjaGR
/1SeoJqfdxVIOnH8h0EyEh3ytOz/5HotXQb/8z1xp7SMoKgnletbZNYIA9X/eR7w
27iWK7nqnSMZJaZl18zs2zR/i6EhtQEmrSMHOlINZCaYVlmuOTr1EcxRA40DqZPx
fEJ1gPOlToAi7SG+5yKB5wCeIvZ0UOSs0/NEvyhq9ITXxB8ejpsIaJY=
-----END CERTIFICATE-----
Generated at Wed Apr 10 19:53:41 2024 by rpki-client on console.sobornost.net