Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QdCxR2FTNfadQOQcom6dQ4KV0lY.roa
File: QdCxR2FTNfadQOQcom6dQ4KV0lY.roa (raw, json)
Hash identifier: Hnrf+8UoFkf/YeRT7b5ZvQacqpgu/7kfyyFrSYL0ocQ=
Subject key identifier: 41:D0:B1:47:61:53:35:F6:9D:40:E4:1C:A2:6E:9D:43:82:95:D2:56
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4237
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QdCxR2FTNfadQOQcom6dQ4KV0lY.roa
Signing time: Tue 16 Apr 2024 20:52:58 +0000
ROA not before: Tue 16 Apr 2024 20:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16951 (0x4237)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 20:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=41D0B147615335F69D40E41CA26E9D438295D256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e1:9f:1d:39:87:79:31:13:51:c9:f0:97:e1:
24:12:e9:1f:b3:42:2f:81:50:cc:b0:98:df:ab:86:
e5:fe:39:c1:48:4e:8b:64:e2:f8:54:a1:31:a3:38:
dd:0e:34:f1:6f:3a:fd:92:c0:40:f3:e7:7e:01:4f:
4c:55:a0:cc:20:d2:75:fd:9f:0f:83:83:01:88:ed:
4c:ee:be:0b:da:53:a3:2f:fd:55:4e:5e:cf:c3:c4:
42:01:4a:7b:64:4c:ef:f2:f9:5a:d4:d7:62:f8:db:
a6:7d:2a:70:8a:97:e1:df:71:5a:a5:da:f5:62:5a:
77:cd:f5:cc:50:02:26:41:62:61:4f:51:38:9f:45:
fc:4e:2c:70:a7:fd:1d:65:dd:aa:e0:55:74:18:b5:
ba:7a:60:9d:49:70:b8:ba:6f:aa:35:46:a0:02:5d:
53:f1:5d:24:8b:2a:d4:77:77:3b:c1:e4:af:ac:3c:
76:ad:aa:78:5f:47:6b:e8:e8:15:ba:3e:d3:14:cf:
8b:25:d7:00:a5:19:2a:99:52:0a:e1:38:f7:be:c1:
6b:f7:51:56:79:47:02:57:40:cf:2a:0c:67:ed:06:
37:02:30:5e:fa:d4:98:0f:ed:2f:62:eb:6b:6b:cf:
37:e5:9e:fe:3b:14:d4:4c:1c:4d:9c:b3:ac:07:98:
3a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D0:B1:47:61:53:35:F6:9D:40:E4:1C:A2:6E:9D:43:82:95:D2:56
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QdCxR2FTNfadQOQcom6dQ4KV0lY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
88:ef:61:9b:76:38:7e:3e:29:7a:08:cb:3f:e1:2a:e2:55:b5:
ae:18:d7:ee:63:e4:0a:8e:60:03:8f:65:03:7d:25:22:1e:14:
47:e0:d1:a8:8d:00:d8:4b:df:eb:03:73:d4:ef:90:54:c5:fd:
9b:b4:ce:e2:23:e2:79:ad:0c:f4:bf:7b:d6:56:ce:e3:6c:19:
fc:d7:cf:df:8f:77:c4:7c:5f:da:dc:fa:8c:a4:8d:a6:b8:bc:
c5:02:d1:d5:cb:63:d1:73:f5:a5:d8:b1:b1:30:2b:3d:8e:b6:
af:64:7f:3d:03:6c:b5:1e:ba:51:ef:c9:11:ee:67:ff:55:8d:
8e:62:42:64:2d:b5:58:e3:52:36:b7:33:d9:f1:ec:09:24:e2:
63:2b:bb:a8:d1:a5:33:3a:83:5c:2a:50:2c:b0:d7:2b:08:fc:
58:17:aa:4f:6e:35:b5:35:2a:99:e6:a1:09:41:fc:a2:bb:22:
21:9d:57:04:24:2c:c6:d0:ff:b3:c8:f6:5c:46:55:0b:39:98:
51:0d:0e:86:15:5e:dc:02:72:cc:13:c1:02:bc:34:cb:56:97:
1f:7f:1c:8b:52:3d:49:f1:c1:67:fb:3c:c7:1c:f2:8e:73:97:
60:8d:da:54:a8:7d:c0:06:49:36:32:cb:8b:d8:20:3e:9c:92:
f8:7c:c6:a1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQjcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYy
MDUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxRDBCMTQ3NjE1MzM1
RjY5RDQwRTQxQ0EyNkU5RDQzODI5NUQyNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC34Z8dOYd5MRNRyfCX4SQS6R+zQi+BUMywmN+rhuX+OcFITotk
4vhUoTGjON0ONPFvOv2SwEDz534BT0xVoMwg0nX9nw+DgwGI7UzuvgvaU6Mv/VVO
Xs/DxEIBSntkTO/y+VrU12L426Z9KnCKl+HfcVql2vViWnfN9cxQAiZBYmFPUTif
RfxOLHCn/R1l3argVXQYtbp6YJ1JcLi6b6o1RqACXVPxXSSLKtR3dzvB5K+sPHat
qnhfR2vo6BW6PtMUz4sl1wClGSqZUgrhOPe+wWv3UVZ5RwJXQM8qDGftBjcCMF76
1JgP7S9i62trzzflnv47FNRMHE2cs6wHmDqVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQdCxR2FTNfadQOQcom6dQ4KV0lYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FkQ3hSMkZUTmZhZFFP
UWNvbTZkUTRLVjBsWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIjvYZt2OH4+KXoIyz/hKuJVta4Y1+5j
5AqOYAOPZQN9JSIeFEfg0aiNANhL3+sDc9TvkFTF/Zu0zuIj4nmtDPS/e9ZWzuNs
GfzXz9+Pd8R8X9rc+oykjaa4vMUC0dXLY9Fz9aXYsbEwKz2Otq9kfz0DbLUeulHv
yRHuZ/9VjY5iQmQttVjjUja3M9nx7Akk4mMru6jRpTM6g1wqUCyw1ysI/FgXqk9u
NbU1KpnmoQlB/KK7IiGdVwQkLMbQ/7PI9lxGVQs5mFENDoYVXtwCcswTwQK8NMtW
lx9/HItSPUnxwWf7PMcc8o5zl2CN2lSofcAGSTYyy4vYID6ckvh8xqE=
-----END CERTIFICATE-----
Generated at Wed Apr 17 04:19:29 2024 by rpki-client on console.sobornost.net