Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RmG11t8vqe3zhd0pDbnuT4l99UM.roa
File: RmG11t8vqe3zhd0pDbnuT4l99UM.roa (raw, json)
Hash identifier: tJWihA7hgWsra7tLy6yaWP7gw9og37FWB6kni/u3uhc=
Subject key identifier: 46:61:B5:D6:DF:2F:A9:ED:F3:85:DD:29:0D:B9:EE:4F:89:7D:F5:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 568F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RmG11t8vqe3zhd0pDbnuT4l99UM.roa
Signing time: Mon 13 May 2024 23:54:19 +0000
ROA not before: Mon 13 May 2024 23:54:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22159 (0x568f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 23:54:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4661B5D6DF2FA9EDF385DD290DB9EE4F897DF543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:28:a6:6b:33:b9:c7:ed:ed:69:0d:ee:1b:09:
e4:25:81:4a:e8:bf:02:c9:ee:ba:e5:6f:81:5e:e1:
d7:7f:96:c7:4e:b3:96:5c:40:dc:a5:11:24:78:13:
f7:38:e2:1c:87:58:95:13:5c:a3:3a:b1:6f:61:b0:
6a:ee:37:2f:09:c1:de:62:a5:9a:2a:32:3f:17:ce:
d5:ab:d6:f8:b9:94:83:33:b9:73:30:17:54:2d:f8:
8a:72:21:fa:c7:5d:47:fa:c7:4e:18:43:81:5d:d2:
5e:b5:82:d7:45:fd:41:c1:d8:4d:69:ea:d0:29:b0:
57:c6:85:57:2c:60:92:06:f5:06:ed:6e:42:52:cf:
a9:c4:3f:b3:0e:f3:7d:23:da:78:7b:f6:a6:df:b8:
4d:df:7c:06:b4:6e:16:77:09:fc:0d:a1:58:4d:ec:
88:33:9f:bf:59:c1:13:db:72:23:0c:d7:af:6d:b7:
ea:30:d0:6d:96:ac:b5:39:aa:a9:b9:bd:c1:3b:51:
25:a2:17:23:da:be:1c:e7:6a:91:15:d1:87:86:6b:
d9:56:c8:8c:7c:1b:dd:7b:e0:26:05:98:19:bc:27:
69:06:ac:7d:3f:9e:a2:3e:61:d3:36:74:c0:1b:eb:
3f:95:ad:68:e9:1b:b0:ee:b8:0f:55:29:c8:11:94:
f1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:61:B5:D6:DF:2F:A9:ED:F3:85:DD:29:0D:B9:EE:4F:89:7D:F5:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RmG11t8vqe3zhd0pDbnuT4l99UM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
76:5e:62:27:1f:25:8f:ec:1e:90:5c:65:06:4e:dc:69:92:83:
db:37:7b:db:05:dd:9e:fc:15:43:78:c4:23:54:ef:89:44:82:
bd:52:26:16:ad:0e:89:c7:67:fe:e3:a6:18:90:72:1d:5f:b3:
92:31:bd:58:1a:1d:07:46:20:06:2b:1c:78:13:11:aa:5e:a8:
df:6e:e0:3d:6a:09:44:b7:f6:f8:48:cc:83:07:d4:7e:dd:df:
49:50:1b:40:88:51:b7:ac:0f:d3:e1:eb:7c:e5:b3:54:01:87:
65:4e:ae:a1:72:34:df:46:d7:11:51:ca:38:5a:44:c8:10:ad:
1b:6d:b5:4f:4b:a6:52:e0:9c:7d:32:9d:dc:a8:54:98:bc:b5:
44:59:df:06:a7:ba:8f:8d:75:0a:87:12:c2:5c:c5:31:92:59:
94:7a:88:28:11:c1:39:99:bc:a2:de:3e:ce:bf:17:f5:ff:c9:
d8:72:6d:a8:9f:c0:fb:91:2b:67:8e:63:b1:62:28:64:47:ae:
c9:e1:7c:00:ca:ca:0f:cd:98:f8:a4:81:48:a0:55:9d:72:78:
f0:63:49:33:9e:87:2e:04:76:6f:fe:ed:19:8e:dc:94:95:f6:
92:3d:50:e5:0d:d9:d0:67:17:a8:38:80:fb:86:91:0b:f8:b9:
9f:fc:8e:4a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMy
MzU0MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ2NjFCNUQ2REYyRkE5
RURGMzg1REQyOTBEQjlFRTRGODk3REY1NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbKKZrM7nH7e1pDe4bCeQlgUrovwLJ7rrlb4Fe4dd/lsdOs5Zc
QNylESR4E/c44hyHWJUTXKM6sW9hsGruNy8Jwd5ipZoqMj8XztWr1vi5lIMzuXMw
F1Qt+IpyIfrHXUf6x04YQ4Fd0l61gtdF/UHB2E1p6tApsFfGhVcsYJIG9QbtbkJS
z6nEP7MO830j2nh79qbfuE3ffAa0bhZ3CfwNoVhN7Igzn79ZwRPbciMM169tt+ow
0G2WrLU5qqm5vcE7USWiFyPavhznapEV0YeGa9lWyIx8G9174CYFmBm8J2kGrH0/
nqI+YdM2dMAb6z+VrWjpG7DuuA9VKcgRlPH1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQURmG11t8vqe3zhd0pDbnuT4l99UMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JtRzExdDh2cWUzemhk
MHBEYm51VDRsOTlVTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHZeYicfJY/sHpBcZQZO3GmSg9s3e9sF
3Z78FUN4xCNU74lEgr1SJhatDonHZ/7jphiQch1fs5IxvVgaHQdGIAYrHHgTEape
qN9u4D1qCUS39vhIzIMH1H7d30lQG0CIUbesD9Ph63zls1QBh2VOrqFyNN9G1xFR
yjhaRMgQrRtttU9LplLgnH0yndyoVJi8tURZ3wanuo+NdQqHEsJcxTGSWZR6iCgR
wTmZvKLePs6/F/X/ydhybaifwPuRK2eOY7FiKGRHrsnhfADKyg/NmPikgUigVZ1y
ePBjSTOehy4Edm/+7RmO3JSV9pI9UOUN2dBnF6g4gPuGkQv4uZ/8jko=
-----END CERTIFICATE-----
Generated at Tue May 14 04:12:07 2024 by rpki-client on console.sobornost.net