Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SzSwKeulsXTTWYZ_9x0epthwcz8.roa
File: SzSwKeulsXTTWYZ_9x0epthwcz8.roa (raw, json)
Hash identifier: iWVfLL2FGCQbsVkZaTAkDrBaYMDXZH65G8c8twJOPW0=
Subject key identifier: 4B:34:B0:29:EB:A5:B1:74:D3:59:86:7F:F7:1D:1E:A6:D8:70:73:3F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5363
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SzSwKeulsXTTWYZ_9x0epthwcz8.roa
Signing time: Thu 09 May 2024 18:23:59 +0000
ROA not before: Thu 09 May 2024 18:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21347 (0x5363)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 18:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4B34B029EBA5B174D359867FF71D1EA6D870733F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b4:e6:3b:ca:e9:a7:02:88:e3:a9:3c:a0:c1:
10:3c:55:e6:5e:3a:5a:14:59:46:84:8c:ef:67:3b:
17:6c:9b:55:44:fb:77:b7:7c:21:66:00:28:5f:8f:
4f:ec:cc:8d:7b:05:d9:6e:73:4d:89:85:40:7d:f4:
9e:79:0a:63:22:2e:06:49:97:ae:5f:ea:2b:ea:b2:
f4:5b:68:5a:fe:b9:16:20:0e:f3:6c:ba:6b:54:9d:
cf:66:37:0c:5d:17:07:78:93:34:c5:d7:be:b0:62:
c4:31:b2:bb:45:b5:89:c5:90:ab:ae:22:d5:5c:0d:
f4:76:e0:5a:87:96:38:1f:34:12:55:0e:58:82:0c:
80:11:ac:ea:36:62:a2:98:b8:6c:1e:30:28:aa:1d:
3b:3e:6f:95:8b:1b:a8:d7:55:64:40:e1:c7:ab:29:
6e:72:34:0a:83:a7:f9:84:ad:6b:36:22:cf:87:57:
d3:dc:6e:f7:1e:52:d7:d3:2c:2f:38:3e:42:1c:6e:
89:5d:89:81:9b:4f:68:bc:d2:19:66:26:52:3d:40:
03:3d:57:87:a1:cf:c2:8c:78:07:b8:25:1a:0b:55:
67:7f:fa:ae:f5:99:b6:71:41:bc:e8:f8:23:85:58:
96:c8:ea:0f:ef:3d:7f:1e:3e:ff:88:44:a3:d5:5c:
39:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:34:B0:29:EB:A5:B1:74:D3:59:86:7F:F7:1D:1E:A6:D8:70:73:3F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SzSwKeulsXTTWYZ_9x0epthwcz8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
27:c2:3f:3b:8c:6e:fc:df:42:ab:78:6b:7e:d3:74:79:a9:7d:
37:9a:4c:c0:a4:99:bd:32:04:4e:38:fb:2b:6c:dc:c9:e6:fe:
c6:c8:0e:6a:4d:1b:cd:60:17:0a:cb:a4:a0:bb:13:d1:c1:0e:
c0:88:3c:25:96:a1:42:67:cc:ad:02:d3:cf:ed:0b:f5:d4:a2:
ef:d7:5b:60:01:3f:48:8b:1e:b0:e9:55:9e:2c:fb:4b:38:fd:
6c:44:90:19:4a:78:73:a0:84:86:45:66:41:ff:b5:ff:b0:4f:
29:21:20:6a:c9:ff:45:5b:dd:0a:61:15:68:3c:74:d8:d0:14:
18:24:af:c6:64:25:67:d3:9e:e9:95:41:74:61:98:6d:5a:2d:
8f:a8:90:6c:92:da:64:31:d8:3d:9f:b8:fd:8d:80:d0:3b:a6:
29:2b:12:21:a7:e6:fc:31:e2:51:08:3a:3d:1a:74:78:f3:cf:
c3:d0:5a:55:e8:6e:9e:df:72:cf:85:4c:8b:6d:1d:b9:67:0e:
7c:d6:d2:a8:6d:61:6b:76:60:79:4a:b1:e0:5c:bf:f2:35:db:
3f:a4:fc:cb:57:4d:94:94:0c:77:fa:8c:f1:c8:3d:ba:8b:92:
fa:7a:a3:db:64:a8:a1:a4:f4:b3:92:8f:ad:51:22:54:da:a1:
8f:7f:b3:bd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
ODIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCMzRCMDI5RUJBNUIx
NzREMzU5ODY3RkY3MUQxRUE2RDg3MDczM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDStOY7yumnAojjqTygwRA8VeZeOloUWUaEjO9nOxdsm1VE+3e3
fCFmAChfj0/szI17Bdluc02JhUB99J55CmMiLgZJl65f6ivqsvRbaFr+uRYgDvNs
umtUnc9mNwxdFwd4kzTF176wYsQxsrtFtYnFkKuuItVcDfR24FqHljgfNBJVDliC
DIARrOo2YqKYuGweMCiqHTs+b5WLG6jXVWRA4cerKW5yNAqDp/mErWs2Is+HV9Pc
bvceUtfTLC84PkIcboldiYGbT2i80hlmJlI9QAM9V4ehz8KMeAe4JRoLVWd/+q71
mbZxQbzo+COFWJbI6g/vPX8ePv+IRKPVXDnxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSzSwKeulsXTTWYZ/9x0epthwcz8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1N6U3dLZXVsc1hUVFdZ
Wl85eDBlcHRod2N6OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACfCPzuMbvzfQqt4a37TdHmpfTeaTMCk
mb0yBE44+yts3Mnm/sbIDmpNG81gFwrLpKC7E9HBDsCIPCWWoUJnzK0C08/tC/XU
ou/XW2ABP0iLHrDpVZ4s+0s4/WxEkBlKeHOghIZFZkH/tf+wTykhIGrJ/0Vb3Qph
FWg8dNjQFBgkr8ZkJWfTnumVQXRhmG1aLY+okGyS2mQx2D2fuP2NgNA7pikrEiGn
5vwx4lEIOj0adHjzz8PQWlXobp7fcs+FTIttHblnDnzW0qhtYWt2YHlKseBcv/I1
2z+k/MtXTZSUDHf6jPHIPbqLkvp6o9tkqKGk9LOSj61RIlTaoY9/s70=
-----END CERTIFICATE-----
Generated at Fri May 10 00:19:25 2024 by rpki-client on console.sobornost.net