Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UDCEVqIinTowJpEl5s5iIY_AYns.roa
File: UDCEVqIinTowJpEl5s5iIY_AYns.roa (raw, json)
Hash identifier: 5hIpieKsLWtzbKgqO5Qe8pRUdMZzqqQEBBoCJWlFccs=
Subject key identifier: 50:30:84:56:A2:22:9D:3A:30:26:91:25:E6:CE:62:21:8F:C0:62:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 383B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UDCEVqIinTowJpEl5s5iIY_AYns.roa
Signing time: Wed 03 Apr 2024 13:22:19 +0000
ROA not before: Wed 03 Apr 2024 13:22:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14395 (0x383b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 13:22:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50308456A2229D3A30269125E6CE62218FC0627B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:89:02:6c:49:dc:4b:97:93:0f:da:d7:86:6a:
f0:6e:6d:cc:e1:f7:d2:d9:ef:f2:7a:4a:36:f7:d1:
13:97:8f:3a:95:f5:b6:ab:9c:27:01:4e:19:e3:49:
3c:0a:03:7c:9f:a0:95:ba:47:48:b6:2a:fc:3a:1d:
f4:7e:ec:a2:5a:a5:22:5a:fe:5f:d1:a1:1f:f0:8e:
8d:07:ac:e5:6e:3e:0d:22:38:e5:db:08:a5:b5:49:
91:0a:80:b3:42:64:3e:75:87:67:0a:d9:16:b0:d3:
e8:97:72:d3:49:fd:fe:54:96:96:f5:ad:d8:cd:b6:
38:ae:3a:1c:69:8a:fe:9c:02:98:6a:57:8b:bc:df:
94:db:04:48:e0:5f:bd:c7:92:49:57:3f:ca:0b:e2:
86:ab:ab:9c:53:70:76:9f:10:3a:46:e5:47:c4:61:
45:6d:23:a1:83:f8:09:b5:43:5d:cc:06:8c:c1:18:
22:a9:38:3c:ff:d1:e3:7f:5b:1e:28:4d:02:3d:88:
05:7c:6f:b9:13:cb:8d:4b:92:10:13:50:6c:8b:45:
12:c8:94:09:0c:d9:ac:ea:6c:a2:b8:ce:37:f9:36:
5d:89:54:be:77:4e:38:1a:64:da:53:64:06:42:07:
6a:dd:ec:83:66:a0:23:9f:3f:72:84:f1:20:a7:e8:
1a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:30:84:56:A2:22:9D:3A:30:26:91:25:E6:CE:62:21:8F:C0:62:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UDCEVqIinTowJpEl5s5iIY_AYns.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6f:8a:9f:ee:19:e8:76:5f:42:f8:05:b0:0e:fd:87:f6:9a:3a:
ec:73:43:ca:f6:01:4f:fb:28:1f:00:81:1e:76:47:44:f5:f5:
b9:87:c4:af:01:53:26:1d:8f:3c:cb:20:55:49:8c:3d:09:b5:
17:b4:47:d0:0b:8b:3b:6b:b4:83:1c:ea:75:8a:0d:10:a8:87:
93:d6:22:dc:b0:ed:c7:24:e9:95:5d:92:44:37:a2:22:c3:19:
02:d4:40:20:82:f3:89:80:5a:51:70:51:9b:0b:a9:0a:46:47:
b9:36:39:1d:42:b9:eb:35:19:3c:08:49:71:b7:7e:27:d7:e4:
8b:eb:51:a8:8f:70:48:cc:d0:56:26:b2:9e:5b:bd:b6:32:6a:
6d:cf:f7:7a:20:25:18:cc:75:b5:ec:5a:b2:fa:89:e6:c7:91:
5d:26:b8:84:52:52:5a:51:6e:24:bd:bf:97:28:68:72:c9:05:
1e:d1:9a:bf:e9:8a:16:c3:5b:9c:12:0a:63:f2:3b:42:f8:de:
bf:5e:ee:2e:40:09:56:ec:fa:85:52:bf:f7:6b:e4:f2:64:c0:
ba:ee:81:60:cd:45:12:6f:0e:69:43:5b:96:59:4c:64:97:b2:
44:11:36:e5:2d:53:fd:c6:b4:24:62:fe:0a:39:dd:e9:cd:5c:
29:51:6e:aa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICODswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
MzIyMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwMzA4NDU2QTIyMjlE
M0EzMDI2OTEyNUU2Q0U2MjIxOEZDMDYyN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQiQJsSdxLl5MP2teGavBubczh99LZ7/J6Sjb30ROXjzqV9bar
nCcBThnjSTwKA3yfoJW6R0i2Kvw6HfR+7KJapSJa/l/RoR/wjo0HrOVuPg0iOOXb
CKW1SZEKgLNCZD51h2cK2Raw0+iXctNJ/f5Ulpb1rdjNtjiuOhxpiv6cAphqV4u8
35TbBEjgX73HkklXP8oL4oarq5xTcHafEDpG5UfEYUVtI6GD+Am1Q13MBozBGCKp
ODz/0eN/Wx4oTQI9iAV8b7kTy41LkhATUGyLRRLIlAkM2azqbKK4zjf5Nl2JVL53
TjgaZNpTZAZCB2rd7INmoCOfP3KE8SCn6BqtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUDCEVqIinTowJpEl5s5iIY/AYnswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VEQ0VWcUlpblRvd0pw
RWw1czVpSVlfQVlucy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAG+Kn+4Z6HZfQvgFsA79h/aaOuxzQ8r2
AU/7KB8AgR52R0T19bmHxK8BUyYdjzzLIFVJjD0JtRe0R9ALiztrtIMc6nWKDRCo
h5PWItyw7cck6ZVdkkQ3oiLDGQLUQCCC84mAWlFwUZsLqQpGR7k2OR1Cues1GTwI
SXG3fifX5IvrUaiPcEjM0FYmsp5bvbYyam3P93ogJRjMdbXsWrL6iebHkV0muIRS
UlpRbiS9v5coaHLJBR7Rmr/pihbDW5wSCmPyO0L43r9e7i5ACVbs+oVSv/dr5PJk
wLrugWDNRRJvDmlDW5ZZTGSXskQRNuUtU/3GtCRi/go53enNXClRbqo=
-----END CERTIFICATE-----
Generated at Wed Apr 3 20:02:37 2024 by rpki-client on console.sobornost.net