Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/R2-0wsdHDlug1Ir3km6h3IjPVHM.roa
File: R2-0wsdHDlug1Ir3km6h3IjPVHM.roa (raw, json)
Hash identifier: 0CStltIwfPVaJS4Xqoe/if6ttbDqAGCNjgGBfr9cv9g=
Subject key identifier: 47:6F:B4:C2:C7:47:0E:5B:A0:D4:8A:F7:92:6E:A1:DC:88:CF:54:73
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DDF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R2-0wsdHDlug1Ir3km6h3IjPVHM.roa
Signing time: Thu 02 May 2024 09:53:41 +0000
ROA not before: Thu 02 May 2024 09:53:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19935 (0x4ddf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 09:53:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=476FB4C2C7470E5BA0D48AF7926EA1DC88CF5473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7a:ab:f4:26:37:d7:c8:b2:b7:ec:19:93:95:
e8:98:2f:19:24:f1:eb:78:96:cf:55:54:84:10:7f:
1c:87:d5:a4:df:44:62:ec:f1:aa:92:68:ba:fc:58:
a5:3c:58:df:d8:9d:fd:1e:c2:13:03:87:05:5c:bd:
72:a7:a1:86:d0:d4:80:dc:7e:84:35:22:82:eb:49:
10:8c:5f:54:ff:28:e1:e9:27:e6:c2:ac:3d:ea:05:
83:49:6e:e5:d2:91:b2:35:bd:f3:27:4c:a5:99:38:
04:a5:27:63:71:d4:dd:36:30:3c:78:08:80:48:03:
5d:0d:43:40:73:0e:17:ef:90:6e:27:15:e7:5a:da:
d0:ba:aa:bb:95:c3:f3:d6:94:ab:60:77:58:96:4c:
3b:71:16:d7:62:c5:30:fe:66:a8:0a:8a:ff:44:54:
ff:04:19:c8:05:3c:a8:03:8c:61:94:6c:28:62:e4:
e4:72:88:b8:94:86:97:51:da:94:e3:2e:9f:03:86:
90:51:a5:38:d6:17:c2:89:95:53:86:f4:89:07:9f:
6c:cd:79:54:14:2a:f9:a8:6b:ba:6b:f2:e5:6a:d8:
be:da:82:ea:fd:80:aa:98:d6:d8:5f:eb:40:ef:8c:
ab:46:87:ee:15:0a:97:26:bb:f1:16:7b:82:3a:34:
b5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6F:B4:C2:C7:47:0E:5B:A0:D4:8A:F7:92:6E:A1:DC:88:CF:54:73
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R2-0wsdHDlug1Ir3km6h3IjPVHM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
54:4e:85:b0:ba:4b:03:f2:cc:34:31:07:81:17:d7:d6:a0:c6:
56:32:9e:95:46:c7:50:50:e6:ff:40:a9:23:0d:bc:50:f5:5c:
8c:f0:85:92:dd:9c:6e:f7:d3:79:8a:42:88:a6:20:a0:82:53:
ed:b3:9d:41:d7:69:ee:46:76:5a:05:6c:5f:e9:11:3a:d1:2a:
c9:d1:52:e3:b4:f3:18:35:81:b2:6e:64:b8:b8:d3:09:e8:e3:
c4:fe:d3:41:8c:8d:85:65:7e:62:0b:be:dd:c0:72:72:f7:c7:
f5:89:2b:e7:27:44:14:4c:30:66:99:d8:42:82:9a:15:d1:27:
d4:f7:57:16:b0:80:f6:55:84:a1:0c:e8:a8:a0:6e:e6:04:db:
a6:6a:83:75:5a:41:47:c6:ea:27:30:c8:90:eb:e7:80:ba:6e:
33:15:97:aa:e0:8c:98:f4:6b:d0:81:05:4a:b9:ed:f7:bf:d4:
60:20:54:a6:e4:b8:f0:91:71:07:ff:9e:fb:07:f0:3a:91:19:
34:3e:ab:08:fb:3d:27:00:ad:f2:b4:a6:0f:e3:87:1f:1f:af:
59:d0:8b:fe:3f:b8:e1:4b:e3:e1:13:e3:03:f8:76:86:a1:89:
af:2f:c4:c9:1f:e0:4f:df:d2:c7:d3:27:7b:57:14:37:fc:4c:
e7:c2:60:f3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTd8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
OTUzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ3NkZCNEMyQzc0NzBF
NUJBMEQ0OEFGNzkyNkVBMURDODhDRjU0NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9eqv0JjfXyLK37BmTleiYLxkk8et4ls9VVIQQfxyH1aTfRGLs
8aqSaLr8WKU8WN/Ynf0ewhMDhwVcvXKnoYbQ1IDcfoQ1IoLrSRCMX1T/KOHpJ+bC
rD3qBYNJbuXSkbI1vfMnTKWZOASlJ2Nx1N02MDx4CIBIA10NQ0BzDhfvkG4nFeda
2tC6qruVw/PWlKtgd1iWTDtxFtdixTD+ZqgKiv9EVP8EGcgFPKgDjGGUbChi5ORy
iLiUhpdR2pTjLp8DhpBRpTjWF8KJlVOG9IkHn2zNeVQUKvmoa7pr8uVq2L7agur9
gKqY1thf60DvjKtGh+4VCpcmu/EWe4I6NLW9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUR2+0wsdHDlug1Ir3km6h3IjPVHMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1IyLTB3c2RIRGx1ZzFJ
cjNrbTZoM0lqUFZITS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFROhbC6SwPyzDQxB4EX19agxlYynpVG
x1BQ5v9AqSMNvFD1XIzwhZLdnG7303mKQoimIKCCU+2znUHXae5GdloFbF/pETrR
KsnRUuO08xg1gbJuZLi40wno48T+00GMjYVlfmILvt3AcnL3x/WJK+cnRBRMMGaZ
2EKCmhXRJ9T3VxawgPZVhKEM6KigbuYE26Zqg3VaQUfG6icwyJDr54C6bjMVl6rg
jJj0a9CBBUq57fe/1GAgVKbkuPCRcQf/nvsH8DqRGTQ+qwj7PScArfK0pg/jhx8f
r1nQi/4/uOFL4+ET4wP4doahia8vxMkf4E/f0sfTJ3tXFDf8TOfCYPM=
-----END CERTIFICATE-----
Generated at Thu May 2 13:57:27 2024 by rpki-client on console.sobornost.net