Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VXI7lcIwNSn3me5qIIgb686RhEg.roa
File: VXI7lcIwNSn3me5qIIgb686RhEg.roa (raw, json)
Hash identifier: HKFAwTFsDnuSxB8dTMDOwgWjJu97RIr9GceMysAqj2I=
Subject key identifier: 55:72:3B:95:C2:30:35:29:F7:99:EE:6A:20:88:1B:EB:CE:91:84:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BFB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VXI7lcIwNSn3me5qIIgb686RhEg.roa
Signing time: Mon 08 Apr 2024 13:22:36 +0000
ROA not before: Mon 08 Apr 2024 13:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15355 (0x3bfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 13:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=55723B95C2303529F799EE6A20881BEBCE918448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cf:53:c3:63:09:c1:4f:d5:b3:98:75:1e:42:
11:90:03:16:a1:c5:93:5a:63:7d:48:63:cc:00:29:
a5:b6:4b:e2:a3:64:c0:af:0c:c3:f6:6d:a6:3a:35:
47:8f:bb:21:7f:b2:dc:20:51:dc:f8:00:37:cc:d2:
de:9c:8a:07:e1:b3:f6:2d:52:9d:81:6d:ca:38:f1:
e5:08:af:b9:87:8e:42:7d:1e:cd:a1:03:6e:63:1d:
35:ab:70:eb:df:65:c5:58:8e:d9:1a:b6:81:da:99:
ca:6a:2a:a7:e9:6f:84:f2:26:15:9c:2a:96:22:37:
88:ce:19:07:f8:59:5f:66:be:e0:51:ee:cc:74:41:
23:46:0d:1f:5a:c8:38:2c:67:6d:93:f4:94:e4:3d:
82:41:c0:74:55:fe:74:ad:92:31:53:e0:01:90:06:
6a:6f:2c:98:e0:48:90:e5:48:2e:19:97:38:77:b7:
c2:cd:79:48:60:f6:91:09:cd:0f:b4:9b:c2:9a:37:
ab:14:62:ca:fc:bf:bd:d0:8d:f2:cf:63:de:48:a2:
3e:e7:3a:bb:f5:02:83:fd:48:30:da:2c:d0:7d:c9:
b6:1e:e4:9f:40:e7:b0:c2:d3:10:ee:13:5a:64:e0:
6d:18:26:7f:69:6d:8e:2a:e6:15:43:49:8d:d7:75:
ae:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:72:3B:95:C2:30:35:29:F7:99:EE:6A:20:88:1B:EB:CE:91:84:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VXI7lcIwNSn3me5qIIgb686RhEg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7e:58:cb:d5:24:bd:7d:ae:fd:cd:51:ce:0a:a8:2a:bb:bd:d7:
3d:4d:8f:43:ef:ff:cf:0b:f6:1e:8e:40:38:6f:15:a1:e7:f6:
74:a3:71:13:d7:bc:09:27:45:a8:a4:c7:f9:31:bc:07:9d:dc:
8a:92:56:02:13:19:c5:29:ee:d2:ba:4b:eb:6f:71:61:1a:f6:
0b:20:5a:b7:ac:de:ca:65:1c:4d:9f:d2:76:56:11:e4:9c:f0:
6d:26:2f:54:c7:0d:1c:dd:7d:aa:eb:47:7a:de:4e:27:e3:4f:
cf:56:0e:42:73:ee:dd:88:f1:97:7f:f9:cd:98:18:11:d2:1d:
2e:f8:30:ad:9d:2e:11:e1:cb:a3:c2:68:b1:ef:a5:00:dc:dc:
f2:0d:92:39:69:38:e2:da:fe:ad:c3:7a:b6:70:49:6b:c2:28:
6a:0c:48:40:a6:68:4a:35:5b:fb:30:33:27:78:68:40:c2:51:
b0:f3:a5:9e:49:64:ad:e2:32:0c:5f:77:ce:98:0d:d1:33:0e:
03:f9:4c:87:8f:6a:54:67:be:a6:10:dd:86:f8:da:58:9b:42:
d8:74:ac:1b:35:a2:ba:40:e7:bf:92:d4:ae:bf:3b:09:88:b4:
b8:e9:70:8b:bf:8d:9e:f0:38:26:e8:7c:c7:c6:0b:7c:88:6e:
01:79:f6:ee
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICO/swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgx
MzIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU1NzIzQjk1QzIzMDM1
MjlGNzk5RUU2QTIwODgxQkVCQ0U5MTg0NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKz1PDYwnBT9WzmHUeQhGQAxahxZNaY31IY8wAKaW2S+KjZMCv
DMP2baY6NUePuyF/stwgUdz4ADfM0t6cigfhs/YtUp2Bbco48eUIr7mHjkJ9Hs2h
A25jHTWrcOvfZcVYjtkatoHamcpqKqfpb4TyJhWcKpYiN4jOGQf4WV9mvuBR7sx0
QSNGDR9ayDgsZ22T9JTkPYJBwHRV/nStkjFT4AGQBmpvLJjgSJDlSC4Zlzh3t8LN
eUhg9pEJzQ+0m8KaN6sUYsr8v73QjfLPY95Ioj7nOrv1AoP9SDDaLNB9ybYe5J9A
57DC0xDuE1pk4G0YJn9pbY4q5hVDSY3Xda7rAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUVXI7lcIwNSn3me5qIIgb686RhEgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZYSTdsY0l3TlNuM21l
NXFJSWdiNjg2UmhFZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAH5Yy9UkvX2u/c1RzgqoKru91z1Nj0Pv
/88L9h6OQDhvFaHn9nSjcRPXvAknRaikx/kxvAed3IqSVgITGcUp7tK6S+tvcWEa
9gsgWres3splHE2f0nZWEeSc8G0mL1THDRzdfarrR3reTifjT89WDkJz7t2I8Zd/
+c2YGBHSHS74MK2dLhHhy6PCaLHvpQDc3PINkjlpOOLa/q3DerZwSWvCKGoMSECm
aEo1W/swMyd4aEDCUbDzpZ5JZK3iMgxfd86YDdEzDgP5TIePalRnvqYQ3Yb42lib
Qth0rBs1orpA57+S1K6/OwmItLjpcIu/jZ7wOCbofMfGC3yIbgF59u4=
-----END CERTIFICATE-----
Generated at Mon Apr 8 20:06:37 2024 by rpki-client on console.sobornost.net