Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MOhoPCdIJ6KYphojYZxk5IJ44U4.roa
File: MOhoPCdIJ6KYphojYZxk5IJ44U4.roa (raw, json)
Hash identifier: 0n0zEJFX6JeaC+3k5X67JtvKbY8nZ+j7vMEH7CzMAkE=
Subject key identifier: 30:E8:68:3C:27:48:27:A2:98:A6:1A:23:61:9C:64:E4:82:78:E1:4E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 414F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MOhoPCdIJ6KYphojYZxk5IJ44U4.roa
Signing time: Mon 15 Apr 2024 15:52:54 +0000
ROA not before: Mon 15 Apr 2024 15:52:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16719 (0x414f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 15:52:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=30E8683C274827A298A61A23619C64E48278E14E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:19:80:54:cd:e2:8b:3b:e3:e9:93:e3:dd:
86:19:fa:c3:dc:83:7b:3d:9d:84:05:f6:a4:7c:71:
d1:56:b0:70:00:b2:5f:12:a8:b0:d7:04:81:21:65:
c3:0b:79:e3:9b:08:7b:14:c3:d6:3f:be:a3:f4:49:
df:13:4b:37:52:f6:5b:ba:55:ec:d9:b1:e8:23:90:
35:51:f3:fe:40:b0:53:56:89:04:ac:ad:41:63:0b:
6e:b2:44:d1:10:7b:78:c4:82:81:ef:6a:a4:a0:69:
00:34:a0:d7:3e:83:19:43:7c:a6:20:c8:b6:9e:e9:
e9:c9:b8:ca:a7:f3:36:bf:96:47:8d:30:42:43:f7:
32:70:bb:e3:31:76:46:63:d0:68:fc:ab:79:31:fe:
7e:b6:f4:72:a8:cc:4e:72:71:51:b1:98:72:62:e5:
15:51:b4:00:5e:a0:cd:17:91:25:01:f5:cb:10:98:
ee:e4:e2:8c:84:e6:a9:1d:4f:86:2e:28:37:fd:80:
e3:de:28:d0:63:61:3e:c3:34:ee:7a:ca:24:28:ae:
1a:08:17:8e:d8:f5:1a:4e:f5:a2:01:8d:ee:ca:ac:
dd:6e:26:fc:b1:87:7e:5a:6c:e0:62:89:3a:0c:73:
83:b6:66:71:48:95:dd:e3:48:e1:4a:f4:ef:b2:14:
db:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E8:68:3C:27:48:27:A2:98:A6:1A:23:61:9C:64:E4:82:78:E1:4E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MOhoPCdIJ6KYphojYZxk5IJ44U4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5a:1b:6f:73:27:c7:09:58:f0:94:be:3e:ba:52:da:ed:d5:1d:
e6:4c:49:da:b6:3b:7a:46:06:30:14:32:89:98:88:9f:32:a6:
08:4d:8c:90:c4:6d:1e:24:09:3f:9b:d5:3f:21:f6:7b:d9:07:
06:48:12:50:48:f9:d8:24:c4:3d:e1:7d:ea:37:e2:3e:49:3d:
33:26:c0:4e:ab:17:c0:d0:0f:28:44:66:39:49:89:be:86:91:
eb:f9:2b:c9:b1:1b:20:f5:61:54:cb:a5:3c:89:b1:bb:a6:bd:
1b:ae:71:17:60:36:8a:3f:c6:eb:27:d8:3a:d6:df:9f:b1:24:
84:d1:c4:ce:f2:03:c7:0c:6a:89:d4:c2:c2:9f:17:b8:dc:d1:
f4:2c:b7:95:e9:17:3f:52:00:ba:47:41:fa:07:6b:a3:16:71:
79:29:3b:68:63:4d:f7:11:5b:6b:40:c3:1c:e8:40:65:50:62:
90:f9:01:36:5a:f0:97:5d:ec:5e:18:dd:9a:1f:ad:17:5d:21:
52:c0:c3:f1:69:69:94:75:b8:e7:fb:5d:e5:f2:57:3d:df:6e:
03:99:28:ac:92:a2:04:16:5d:6e:5b:46:d8:6b:ca:6b:77:71:
b7:d2:11:70:8f:eb:ab:95:14:25:fc:d7:9d:9b:55:3b:86:bf:
0a:68:77:1b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQU8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
NTUyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwRTg2ODNDMjc0ODI3
QTI5OEE2MUEyMzYxOUM2NEU0ODI3OEUxNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBSBmAVM3iizvj6ZPj3YYZ+sPcg3s9nYQF9qR8cdFWsHAAsl8S
qLDXBIEhZcMLeeObCHsUw9Y/vqP0Sd8TSzdS9lu6VezZsegjkDVR8/5AsFNWiQSs
rUFjC26yRNEQe3jEgoHvaqSgaQA0oNc+gxlDfKYgyLae6enJuMqn8za/lkeNMEJD
9zJwu+MxdkZj0Gj8q3kx/n629HKozE5ycVGxmHJi5RVRtABeoM0XkSUB9csQmO7k
4oyE5qkdT4YuKDf9gOPeKNBjYT7DNO56yiQorhoIF47Y9RpO9aIBje7KrN1uJvyx
h35abOBiiToMc4O2ZnFIld3jSOFK9O+yFNtHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMOhoPCdIJ6KYphojYZxk5IJ44U4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01PaG9QQ2RJSjZLWXBo
b2pZWnhrNUlKNDRVNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFobb3MnxwlY8JS+PrpS2u3VHeZMSdq2
O3pGBjAUMomYiJ8ypghNjJDEbR4kCT+b1T8h9nvZBwZIElBI+dgkxD3hfeo34j5J
PTMmwE6rF8DQDyhEZjlJib6Gkev5K8mxGyD1YVTLpTyJsbumvRuucRdgNoo/xusn
2DrW35+xJITRxM7yA8cMaonUwsKfF7jc0fQst5XpFz9SALpHQfoHa6MWcXkpO2hj
TfcRW2tAwxzoQGVQYpD5ATZa8Jdd7F4Y3ZofrRddIVLAw/FpaZR1uOf7XeXyVz3f
bgOZKKySogQWXW5bRthrymt3cbfSEXCP66uVFCX8152bVTuGvwpodxs=
-----END CERTIFICATE-----
Generated at Tue Apr 16 00:10:50 2024 by rpki-client on console.sobornost.net