Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VNduW5Yude1V1cUIMfI0VaIOW5c.roa
File: VNduW5Yude1V1cUIMfI0VaIOW5c.roa (raw, json)
Hash identifier: JUMXg+3pLAf9joP5Dvfmbq06/7RVH8TyRxQofaY5TBg=
Subject key identifier: 54:D7:6E:5B:96:2E:75:ED:55:D5:C5:08:31:F2:34:55:A2:0E:5B:97
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C77
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VNduW5Yude1V1cUIMfI0VaIOW5c.roa
Signing time: Tue 30 Apr 2024 12:53:35 +0000
ROA not before: Tue 30 Apr 2024 12:53:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19575 (0x4c77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 12:53:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=54D76E5B962E75ED55D5C50831F23455A20E5B97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6c:9f:58:a0:fa:c8:c3:ba:cc:ec:bb:43:22:
de:94:9d:c5:6f:27:2d:74:9f:cd:ed:d0:bd:38:1e:
72:92:e2:fa:15:12:84:7d:46:43:35:84:4a:85:b0:
b6:02:6e:95:d1:9c:a2:3b:8d:4c:1b:06:d5:ef:56:
7f:ef:35:79:39:a1:e3:d6:e7:13:67:0d:45:fa:a4:
db:63:b3:b2:56:7b:16:ae:80:8c:dd:21:d2:02:8b:
39:09:d1:b5:9e:8a:37:69:c8:ea:38:b4:dc:98:b3:
50:0c:30:e3:3c:3a:ca:42:7b:8e:e9:c3:dc:f4:1a:
1f:ef:f7:0f:1d:3d:8c:cd:34:5e:89:6e:86:19:70:
47:46:2a:11:c7:dd:0b:a8:e2:cf:84:6e:80:02:7b:
f2:56:c3:54:c8:fb:d7:2b:93:bf:f1:57:98:1e:db:
c1:7e:3f:d7:68:b6:8c:5c:b9:bb:14:77:7c:9a:63:
2b:c3:da:3c:7d:8f:f6:97:c8:56:1a:08:7b:fd:f5:
99:50:98:3e:ab:c4:7d:85:4b:29:3e:d2:0b:1e:03:
1f:01:f9:07:e7:ca:ac:2d:5a:19:ff:d2:b6:a0:2d:
95:8a:c4:1c:6f:94:f8:81:2f:97:c4:9d:a6:6f:7e:
31:38:01:db:f6:c6:2d:db:ed:f1:69:3e:de:72:a8:
9e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D7:6E:5B:96:2E:75:ED:55:D5:C5:08:31:F2:34:55:A2:0E:5B:97
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VNduW5Yude1V1cUIMfI0VaIOW5c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
42:33:a2:ec:43:aa:16:26:bd:f7:2c:dc:57:05:3d:37:0f:46:
a4:b8:1a:72:0b:eb:7e:73:15:73:d0:a5:a1:58:1f:f7:0e:e9:
ee:1a:4a:45:34:0e:1d:70:8f:71:83:f7:82:d5:df:74:aa:e4:
d4:da:9a:2a:0c:1b:42:f7:95:69:1e:fa:cd:93:94:e8:65:c7:
2d:21:ab:c4:6e:6c:42:84:ad:15:c1:b7:fa:14:07:e9:a7:96:
10:b7:11:fb:1f:97:0b:f8:82:84:2c:0e:e3:23:5f:06:17:c0:
74:d0:91:01:c5:6b:0f:8b:ce:9d:a9:c0:14:ab:f4:da:4b:a6:
74:fe:f4:9e:f5:bc:d9:d2:6e:0b:3d:c3:5f:53:e0:68:88:5a:
52:d7:99:15:75:0b:27:d6:b6:2f:7f:26:3a:cf:01:aa:0e:dc:
63:01:bd:71:cd:3f:19:2b:b2:67:33:05:63:e6:14:4a:32:a9:
26:78:82:d5:8a:b5:71:91:81:f7:70:a7:d4:1d:b4:65:77:38:
19:10:eb:f0:84:0f:bd:ec:4d:73:3a:ad:b5:cd:1e:c1:9a:69:
cc:3c:70:13:de:5e:76:ba:b5:ae:51:20:77:b3:77:f4:2e:7b:
20:78:f9:e7:45:dd:e8:bd:a7:37:6e:ca:f3:58:3d:52:46:9a:
41:d0:e9:40
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTHcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAx
MjUzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0RDc2RTVCOTYyRTc1
RUQ1NUQ1QzUwODMxRjIzNDU1QTIwRTVCOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUbJ9YoPrIw7rM7LtDIt6UncVvJy10n83t0L04HnKS4voVEoR9
RkM1hEqFsLYCbpXRnKI7jUwbBtXvVn/vNXk5oePW5xNnDUX6pNtjs7JWexaugIzd
IdICizkJ0bWeijdpyOo4tNyYs1AMMOM8OspCe47pw9z0Gh/v9w8dPYzNNF6JboYZ
cEdGKhHH3Quo4s+EboACe/JWw1TI+9crk7/xV5ge28F+P9dotoxcubsUd3yaYyvD
2jx9j/aXyFYaCHv99ZlQmD6rxH2FSyk+0gseAx8B+QfnyqwtWhn/0ragLZWKxBxv
lPiBL5fEnaZvfjE4Adv2xi3b7fFpPt5yqJ5vAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUVNduW5Yude1V1cUIMfI0VaIOW5cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZOZHVXNVl1ZGUxVjFj
VUlNZkkwVmFJT1c1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEIzouxDqhYmvfcs3FcFPTcPRqS4GnIL
635zFXPQpaFYH/cO6e4aSkU0Dh1wj3GD94LV33Sq5NTamioMG0L3lWke+s2TlOhl
xy0hq8RubEKErRXBt/oUB+mnlhC3Efsflwv4goQsDuMjXwYXwHTQkQHFaw+Lzp2p
wBSr9NpLpnT+9J71vNnSbgs9w19T4GiIWlLXmRV1CyfWti9/JjrPAaoO3GMBvXHN
PxkrsmczBWPmFEoyqSZ4gtWKtXGRgfdwp9QdtGV3OBkQ6/CED73sTXM6rbXNHsGa
acw8cBPeXna6ta5RIHezd/QueyB4+edF3ei9pzduyvNYPVJGmkHQ6UA=
-----END CERTIFICATE-----
Generated at Tue Apr 30 16:38:53 2024 by rpki-client on console.sobornost.net