Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TihYeXX69soYYWyPPu2Vf2hiWGM.roa
File: TihYeXX69soYYWyPPu2Vf2hiWGM.roa (raw, json)
Hash identifier: 20GX3HSz/ZZL+2VO2sNlDFQn4J2T4/Mekczocry1W+8=
Subject key identifier: 4E:28:58:79:75:FA:F6:CA:18:61:6C:8F:3E:ED:95:7F:68:62:58:63
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3873
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TihYeXX69soYYWyPPu2Vf2hiWGM.roa
Signing time: Wed 03 Apr 2024 20:22:23 +0000
ROA not before: Wed 03 Apr 2024 20:22:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14451 (0x3873)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 20:22:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4E28587975FAF6CA18616C8F3EED957F68625863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b5:ab:65:dd:d0:e3:da:55:77:14:af:0b:b0:
ce:de:e6:a6:d0:ef:c9:a8:2e:08:c0:eb:9b:0a:5c:
ad:a1:f2:11:89:85:7f:b1:c8:81:21:ed:00:1a:e4:
7f:da:3c:b9:2f:bc:19:aa:2c:4d:3c:ed:cd:56:7a:
64:d1:96:55:7f:b7:49:53:60:cb:5a:2b:cc:47:29:
1a:c3:da:d9:e7:1c:0e:22:b2:ae:02:59:c2:e0:f8:
13:51:fd:f5:62:6b:1a:60:3c:d0:83:60:bf:e8:56:
7d:0f:67:fc:19:c6:ed:f8:fd:dd:89:e3:72:b9:db:
a0:99:59:c1:70:16:91:fd:62:69:b9:e7:18:d4:91:
a8:3e:26:23:58:fe:5b:85:7d:a4:ca:7d:b1:48:d3:
b2:4c:ee:94:79:e3:c5:d5:04:2e:91:ff:98:6c:05:
e2:37:06:6d:58:83:2d:1f:8c:9e:31:0e:39:f5:f0:
b3:39:33:a8:83:92:7c:fd:db:9b:4c:27:d4:7e:32:
64:f8:d6:5a:f9:7e:ee:43:74:74:bb:c1:c5:fd:22:
31:1c:15:d8:c6:05:f8:32:4c:ae:6b:9e:e6:18:c5:
08:bc:8f:76:fc:e1:ce:24:73:84:46:1f:c8:87:f5:
cf:6f:5c:12:a7:ce:92:d7:2b:07:f0:8d:76:94:d6:
2d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:28:58:79:75:FA:F6:CA:18:61:6C:8F:3E:ED:95:7F:68:62:58:63
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TihYeXX69soYYWyPPu2Vf2hiWGM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2a:21:a7:21:a2:ee:50:05:98:c2:c6:34:a7:66:a6:a2:95:bb:
f0:16:42:9f:ac:c6:ae:06:7c:5e:34:6b:8b:e1:5c:71:3a:51:
77:7f:5f:ae:92:8e:df:be:fc:f1:81:d8:c7:3d:ee:60:75:27:
3a:75:24:54:c8:ae:75:43:03:5d:62:0e:cb:1b:f3:a2:d2:50:
98:5c:2a:ac:a0:00:8d:62:92:c5:26:4a:1a:0c:32:69:34:89:
66:da:72:ab:ee:6a:26:7d:44:9a:af:73:cc:9c:c8:c0:23:99:
bc:10:d6:ae:eb:3e:04:24:f1:f7:56:85:c6:f0:01:e8:ed:61:
70:3c:cc:36:fa:06:aa:0c:01:79:ee:c2:bf:f6:c2:2e:15:72:
3e:b0:3a:8d:39:6d:18:77:e0:f8:60:4b:0c:b2:c2:2d:7c:87:
88:c4:f8:91:5c:7f:4a:94:d5:16:ea:bb:63:c9:f9:dd:c6:31:
13:ae:d4:a3:e4:50:b7:3c:4b:d9:86:d8:c5:45:8c:4b:e5:68:
01:51:4e:75:3a:7a:0f:4f:ad:c6:78:10:49:3c:6d:65:e8:e3:
a5:60:64:d0:fd:a9:92:dc:f3:ee:80:1f:b5:4e:72:60:4e:be:
06:b9:19:93:e0:35:a5:82:15:c5:16:ea:fc:46:d9:83:87:81:
a4:8a:7a:86
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMy
MDIyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFMjg1ODc5NzVGQUY2
Q0ExODYxNkM4RjNFRUQ5NTdGNjg2MjU4NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjtatl3dDj2lV3FK8LsM7e5qbQ78moLgjA65sKXK2h8hGJhX+x
yIEh7QAa5H/aPLkvvBmqLE087c1WemTRllV/t0lTYMtaK8xHKRrD2tnnHA4isq4C
WcLg+BNR/fViaxpgPNCDYL/oVn0PZ/wZxu34/d2J43K526CZWcFwFpH9Ymm55xjU
kag+JiNY/luFfaTKfbFI07JM7pR548XVBC6R/5hsBeI3Bm1Ygy0fjJ4xDjn18LM5
M6iDknz925tMJ9R+MmT41lr5fu5DdHS7wcX9IjEcFdjGBfgyTK5rnuYYxQi8j3b8
4c4kc4RGH8iH9c9vXBKnzpLXKwfwjXaU1i2jAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTihYeXX69soYYWyPPu2Vf2hiWGMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RpaFllWFg2OXNvWVlX
eVBQdTJWZjJoaVdHTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACohpyGi7lAFmMLGNKdmpqKVu/AWQp+s
xq4GfF40a4vhXHE6UXd/X66Sjt++/PGB2Mc97mB1Jzp1JFTIrnVDA11iDssb86LS
UJhcKqygAI1iksUmShoMMmk0iWbacqvuaiZ9RJqvc8ycyMAjmbwQ1q7rPgQk8fdW
hcbwAejtYXA8zDb6BqoMAXnuwr/2wi4Vcj6wOo05bRh34PhgSwyywi18h4jE+JFc
f0qU1Rbqu2PJ+d3GMROu1KPkULc8S9mG2MVFjEvlaAFRTnU6eg9PrcZ4EEk8bWXo
46VgZND9qZLc8+6AH7VOcmBOvga5GZPgNaWCFcUW6vxG2YOHgaSKeoY=
-----END CERTIFICATE-----
Generated at Thu Apr 4 04:53:47 2024 by rpki-client on console.sobornost.net