Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ULBhZOWfJTPyifLhI1KDKqAPhjM.roa
File: ULBhZOWfJTPyifLhI1KDKqAPhjM.roa (raw, json)
Hash identifier: LoBJOaDd/IXGlLBAciPZ8yox4ZgmU0InN5F+n+PLde4=
Subject key identifier: 50:B0:61:64:E5:9F:25:33:F2:89:F2:E1:23:52:83:2A:A0:0F:86:33
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4BCF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ULBhZOWfJTPyifLhI1KDKqAPhjM.roa
Signing time: Mon 29 Apr 2024 15:53:34 +0000
ROA not before: Mon 29 Apr 2024 15:53:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19407 (0x4bcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 15:53:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50B06164E59F2533F289F2E12352832AA00F8633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0f:ef:94:e0:01:7c:d5:89:bf:b7:3b:bd:90:
07:8b:33:35:18:7d:85:55:71:e4:0a:28:60:9d:b4:
dc:df:63:d5:82:e6:7d:5f:15:37:bf:4d:8a:16:e9:
3f:57:86:32:38:1f:18:b1:0b:f8:3f:f0:3e:0a:11:
7d:58:20:2b:fa:a7:cc:f4:0f:e7:50:ea:f8:a3:d2:
ec:38:7d:58:36:ec:0c:6d:65:ca:27:34:a1:cc:e2:
97:b7:8a:be:ae:f2:7c:fa:24:17:2d:dc:cc:bb:26:
3b:df:ed:16:fe:5f:62:55:98:a4:e3:58:74:14:87:
31:e1:90:6d:63:53:21:3e:6f:73:88:ad:da:89:85:
a3:d3:97:52:01:de:c5:39:c6:be:62:d3:9e:92:56:
3b:98:63:0e:5b:85:0e:58:56:50:dc:71:d3:d5:f1:
23:9f:fe:6d:bd:78:90:ab:15:9a:27:59:72:1a:1e:
27:a7:44:f3:d9:c9:8a:85:cd:54:28:72:ef:a8:03:
b9:08:f3:bf:aa:92:5e:71:0f:3c:08:be:f3:36:08:
97:1a:ce:37:1d:31:0a:bf:93:b0:00:ad:06:e8:2d:
48:2a:22:5e:8d:96:2a:7e:e5:f5:c9:c4:80:36:b4:
c9:6b:73:93:ad:49:cc:7d:8d:45:9a:da:f7:4b:a9:
2c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B0:61:64:E5:9F:25:33:F2:89:F2:E1:23:52:83:2A:A0:0F:86:33
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ULBhZOWfJTPyifLhI1KDKqAPhjM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a2:44:11:22:8c:c5:34:8e:0c:4e:dc:bc:d4:9b:ea:8b:0d:4d:
02:0d:1a:61:e2:f3:19:c1:33:b7:79:30:73:0c:93:84:66:f8:
63:a0:90:0d:8b:83:a5:ed:5c:54:a7:8f:24:fa:f9:c0:5d:5a:
f8:4e:fd:fd:35:85:f1:07:eb:e7:27:4a:9e:05:20:3f:a6:1d:
71:4e:8d:89:4a:4c:07:0b:ca:2f:c0:a2:76:aa:d7:d7:73:fe:
77:c8:59:54:2f:6d:ab:90:32:b8:49:fa:44:2b:1a:e6:e8:a5:
45:1f:46:bf:2a:5f:26:1c:1f:c3:e1:05:26:29:6b:ab:3f:4a:
11:c9:f3:f6:0b:9b:d3:64:ae:ca:01:51:2f:ad:ee:99:36:59:
a0:e1:a9:64:f6:b7:cd:b4:9f:b7:ad:22:47:64:3a:49:02:6f:
05:4b:86:a3:cd:1e:29:1c:c9:a9:c3:0b:10:e9:7d:cd:9e:af:
d6:ec:92:8b:53:a2:19:c8:d6:91:92:42:f5:ed:18:af:91:84:
00:1c:0a:6d:4a:79:7c:00:be:df:f1:8e:ad:4e:79:fe:b5:56:
75:ad:6b:aa:c6:e6:4d:b1:29:e2:e4:97:ab:27:79:f4:38:36:
2c:a1:40:3b:ab:30:d4:8b:8c:f8:ce:bd:8a:03:34:f2:47:4a:
5a:e1:34:9f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICS88wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkx
NTUzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwQjA2MTY0RTU5RjI1
MzNGMjg5RjJFMTIzNTI4MzJBQTAwRjg2MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcD++U4AF81Ym/tzu9kAeLMzUYfYVVceQKKGCdtNzfY9WC5n1f
FTe/TYoW6T9XhjI4HxixC/g/8D4KEX1YICv6p8z0D+dQ6vij0uw4fVg27AxtZcon
NKHM4pe3ir6u8nz6JBct3My7Jjvf7Rb+X2JVmKTjWHQUhzHhkG1jUyE+b3OIrdqJ
haPTl1IB3sU5xr5i056SVjuYYw5bhQ5YVlDccdPV8SOf/m29eJCrFZonWXIaHien
RPPZyYqFzVQocu+oA7kI87+qkl5xDzwIvvM2CJcazjcdMQq/k7AArQboLUgqIl6N
lip+5fXJxIA2tMlrc5OtScx9jUWa2vdLqSydAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUULBhZOWfJTPyifLhI1KDKqAPhjMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VMQmhaT1dmSlRQeWlm
TGhJMUtES3FBUGhqTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKJEESKMxTSODE7cvNSb6osNTQINGmHi
8xnBM7d5MHMMk4Rm+GOgkA2Lg6XtXFSnjyT6+cBdWvhO/f01hfEH6+cnSp4FID+m
HXFOjYlKTAcLyi/Aonaq19dz/nfIWVQvbauQMrhJ+kQrGubopUUfRr8qXyYcH8Ph
BSYpa6s/ShHJ8/YLm9NkrsoBUS+t7pk2WaDhqWT2t820n7etIkdkOkkCbwVLhqPN
HikcyanDCxDpfc2er9bskotTohnI1pGSQvXtGK+RhAAcCm1KeXwAvt/xjq1Oef61
VnWta6rG5k2xKeLkl6snefQ4NiyhQDurMNSLjPjOvYoDNPJHSlrhNJ8=
-----END CERTIFICATE-----
Generated at Mon Apr 29 22:52:33 2024 by rpki-client on console.sobornost.net