Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TS6FHs0RtELcvN4gZz6lM06OVik.roa
File: TS6FHs0RtELcvN4gZz6lM06OVik.roa (raw, json)
Hash identifier: BZJqO17iA+JQmjOHJEy0nzTpvzY3PfcMEcdFsHUzrpY=
Subject key identifier: 4D:2E:85:1E:CD:11:B4:42:DC:BC:DE:20:67:3E:A5:33:4E:8E:56:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C0B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TS6FHs0RtELcvN4gZz6lM06OVik.roa
Signing time: Mon 29 Apr 2024 23:23:54 +0000
ROA not before: Mon 29 Apr 2024 23:23:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19467 (0x4c0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 23:23:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4D2E851ECD11B442DCBCDE20673EA5334E8E5629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a7:0a:22:fb:f7:54:2f:16:05:b9:b3:b3:33:
c6:89:ff:19:9d:fd:ed:59:12:61:20:ba:a9:e9:26:
41:f2:78:10:ad:e6:c1:b6:d8:1e:08:43:3f:ca:3d:
d2:ee:22:b1:78:74:f2:eb:0d:73:34:ab:38:b3:28:
9b:7b:1f:e4:9f:84:6d:7b:5e:e9:87:ca:ab:1d:b9:
3f:a7:ba:ae:12:cb:d8:43:13:36:46:3a:bd:b3:d8:
fb:3b:18:bd:9f:f4:38:80:7a:63:43:60:00:b6:4d:
aa:3e:04:4b:67:8c:83:e1:31:b1:92:59:19:ba:7f:
08:99:e6:19:9d:2d:ef:a0:2d:9a:77:38:fd:5a:64:
42:fb:3f:26:3e:c6:6e:84:eb:9a:e4:d8:23:14:7c:
2b:4b:0b:59:31:2f:48:6d:42:c4:33:71:bf:15:f4:
c0:9d:a0:08:61:85:99:52:7e:8b:b6:0b:b6:12:3d:
5a:f6:8f:47:39:92:9f:10:54:b3:2d:9b:f1:91:12:
b3:90:12:e3:ff:9c:49:81:2a:45:47:01:0d:9f:da:
78:78:5c:0f:d1:af:69:a6:d5:aa:b8:09:fd:17:c9:
00:8b:a4:a3:15:48:b8:4c:27:5f:36:35:1c:78:06:
df:f9:92:0f:07:51:93:c2:2e:34:cf:9c:92:07:82:
0d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2E:85:1E:CD:11:B4:42:DC:BC:DE:20:67:3E:A5:33:4E:8E:56:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TS6FHs0RtELcvN4gZz6lM06OVik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:40:36:8b:19:1c:df:a9:75:0a:00:39:b3:2a:d9:49:2b:09:
b2:80:9d:2a:bc:85:94:b2:4a:6e:22:f8:72:b9:3d:7f:94:35:
c6:fa:d6:98:5e:36:9b:b0:fe:a4:fd:fb:8d:e4:01:ac:41:7c:
69:9c:0e:1b:07:1e:5a:b0:f1:7b:98:af:61:b0:09:6c:68:84:
c6:c3:56:f6:c9:f7:a0:8a:cc:33:54:d2:fa:28:e2:db:94:d2:
ae:bb:f1:95:0a:c1:74:69:4c:fe:d9:ba:71:81:40:39:4d:d5:
56:67:4b:25:05:5f:2a:48:ae:62:5e:29:11:f1:3c:4b:b6:19:
5a:7b:eb:85:e9:05:84:49:20:35:78:db:50:16:46:65:62:f5:
55:ea:38:6a:1b:2b:e7:5a:c6:15:fa:25:bd:50:b0:37:53:d9:
94:6d:a8:ed:95:64:9b:18:10:80:b5:d7:3c:fb:d5:c9:aa:7c:
e5:dd:ff:d3:d0:a4:de:93:d8:06:d4:5b:d3:a4:a8:d3:5a:ff:
a3:32:62:69:a8:d2:d7:8a:e4:fe:eb:c9:df:6a:43:40:cd:d4:
88:e4:33:db:36:12:8e:ad:7e:3f:a5:41:d1:c4:c8:e2:da:f9:
d8:2e:0a:d1:c0:73:7d:db:3d:ed:3a:5f:b5:e9:ef:b8:3c:1a:
c7:fd:9c:32
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTAswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjky
MzIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREMkU4NTFFQ0QxMUI0
NDJEQ0JDREUyMDY3M0VBNTMzNEU4RTU2MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrpwoi+/dULxYFubOzM8aJ/xmd/e1ZEmEguqnpJkHyeBCt5sG2
2B4IQz/KPdLuIrF4dPLrDXM0qzizKJt7H+SfhG17XumHyqsduT+nuq4Sy9hDEzZG
Or2z2Ps7GL2f9DiAemNDYAC2Tao+BEtnjIPhMbGSWRm6fwiZ5hmdLe+gLZp3OP1a
ZEL7PyY+xm6E65rk2CMUfCtLC1kxL0htQsQzcb8V9MCdoAhhhZlSfou2C7YSPVr2
j0c5kp8QVLMtm/GRErOQEuP/nEmBKkVHAQ2f2nh4XA/Rr2mm1aq4Cf0XyQCLpKMV
SLhMJ182NRx4Bt/5kg8HUZPCLjTPnJIHgg2ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTS6FHs0RtELcvN4gZz6lM06OVikwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RTNkZIczBSdEVMY3ZO
NGdaejZsTTA2T1Zpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFxANosZHN+pdQoAObMq2UkrCbKAnSq8
hZSySm4i+HK5PX+UNcb61pheNpuw/qT9+43kAaxBfGmcDhsHHlqw8XuYr2GwCWxo
hMbDVvbJ96CKzDNU0voo4tuU0q678ZUKwXRpTP7ZunGBQDlN1VZnSyUFXypIrmJe
KRHxPEu2GVp764XpBYRJIDV421AWRmVi9VXqOGobK+daxhX6Jb1QsDdT2ZRtqO2V
ZJsYEIC11zz71cmqfOXd/9PQpN6T2AbUW9OkqNNa/6MyYmmo0teK5P7ryd9qQ0DN
1IjkM9s2Eo6tfj+lQdHEyOLa+dguCtHAc33bPe06X7Xp77g8Gsf9nDI=
-----END CERTIFICATE-----
Generated at Tue Apr 30 04:46:15 2024 by rpki-client on console.sobornost.net