Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/W5Vc0tQGGXCqlZ7Fa_C0SUjPkv0.roa
File: W5Vc0tQGGXCqlZ7Fa_C0SUjPkv0.roa (raw, json)
Hash identifier: 1/UVyhkYOwkORyQ2SpITXI+8nzBppK/gHLTDGnGhxdk=
Subject key identifier: 5B:95:5C:D2:D4:06:19:70:AA:95:9E:C5:6B:F0:B4:49:48:CF:92:FD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54A3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W5Vc0tQGGXCqlZ7Fa_C0SUjPkv0.roa
Signing time: Sat 11 May 2024 10:24:04 +0000
ROA not before: Sat 11 May 2024 10:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21667 (0x54a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 10:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5B955CD2D4061970AA959EC56BF0B44948CF92FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:ae:c3:17:eb:72:41:d1:69:5a:2c:e8:f5:
64:da:f0:e4:da:e1:2b:0c:a3:c7:19:b0:48:e7:d2:
d2:48:53:e9:e6:a8:a7:b1:74:0c:47:9e:a3:12:a4:
82:09:fb:4b:e7:4b:03:6e:fd:81:67:61:30:62:80:
2b:04:33:36:09:4b:d8:b8:86:49:24:5b:0a:b1:ea:
1d:46:22:3e:67:a6:7a:9c:12:98:9f:54:b2:a3:06:
ba:07:73:8c:32:bc:f3:8f:33:93:72:17:e3:37:c7:
7b:a5:e1:93:48:7c:b6:6e:8b:21:e5:19:28:8c:8f:
bc:c5:42:a3:c7:2c:b7:f6:8b:6e:99:fd:ab:3f:3a:
2e:4b:08:ed:69:a7:bc:8e:be:0d:64:fa:e5:54:2a:
a9:32:35:29:94:97:d8:c7:3f:77:32:20:7f:b6:a2:
0e:00:06:82:56:e7:28:87:32:4e:e2:51:80:f8:cd:
3c:82:1a:5c:b6:4f:60:71:bd:b4:d5:f8:69:44:36:
a5:00:bc:f6:08:fd:fb:d2:bc:18:37:61:55:92:c3:
11:98:a1:59:75:4d:e5:1b:a0:f2:33:8d:ab:21:39:
5d:a2:ff:e3:8c:3d:e5:f5:8a:dc:c3:d1:96:9e:ea:
bd:27:08:db:d0:04:7c:01:b0:95:8a:da:be:90:b2:
c7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:95:5C:D2:D4:06:19:70:AA:95:9E:C5:6B:F0:B4:49:48:CF:92:FD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W5Vc0tQGGXCqlZ7Fa_C0SUjPkv0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ac:60:ba:1c:cf:12:4a:e0:b8:95:5d:a8:d0:e1:d6:fc:81:0e:
05:80:70:79:d5:46:7c:77:04:07:04:dc:09:fa:84:d7:ec:be:
76:cf:8a:d0:4a:ef:2f:11:ff:17:fe:2d:15:37:61:bd:a7:c8:
d3:fc:d9:de:6c:77:00:bb:5d:e0:85:62:44:a9:6f:80:56:12:
4c:87:bd:18:34:e4:8b:f0:c0:e7:3a:04:99:28:02:d0:2c:75:
54:b8:f8:ff:b9:81:28:62:25:6f:6d:08:c8:3d:e4:8c:a0:82:
c4:3f:4b:2c:5d:74:e2:a6:29:cb:d9:36:d4:8e:13:ac:40:c2:
1b:f0:6d:57:25:63:b6:0a:a0:c5:b5:7d:dc:3a:99:4a:c3:7b:
89:18:3c:09:7b:4a:a5:79:a6:39:d1:20:8b:68:5e:df:eb:cf:
22:80:cd:e1:ed:cd:09:75:8c:cb:9e:91:4b:d6:8b:85:eb:67:
07:c6:7c:49:a2:97:97:b9:ea:12:92:52:45:15:c4:57:a5:32:
28:d3:3b:4a:e9:f9:3e:70:4a:f9:3e:80:7e:fc:f0:55:36:12:
16:d9:07:7b:4c:f7:53:5d:54:f8:71:c6:28:ae:a2:f7:61:30:
b5:2e:9f:9b:b5:38:b0:33:17:32:eb:03:73:2a:61:e4:a2:ce:
86:2f:74:17
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
MDI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCOTU1Q0QyRDQwNjE5
NzBBQTk1OUVDNTZCRjBCNDQ5NDhDRjkyRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0ea7DF+tyQdFpWizo9WTa8OTa4SsMo8cZsEjn0tJIU+nmqKex
dAxHnqMSpIIJ+0vnSwNu/YFnYTBigCsEMzYJS9i4hkkkWwqx6h1GIj5npnqcEpif
VLKjBroHc4wyvPOPM5NyF+M3x3ul4ZNIfLZuiyHlGSiMj7zFQqPHLLf2i26Z/as/
Oi5LCO1pp7yOvg1k+uVUKqkyNSmUl9jHP3cyIH+2og4ABoJW5yiHMk7iUYD4zTyC
Gly2T2BxvbTV+GlENqUAvPYI/fvSvBg3YVWSwxGYoVl1TeUboPIzjashOV2i/+OM
PeX1itzD0Zae6r0nCNvQBHwBsJWK2r6QssdBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUW5Vc0tQGGXCqlZ7Fa/C0SUjPkv0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1c1VmMwdFFHR1hDcWxa
N0ZhX0MwU1VqUGt2MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKxguhzPEkrguJVdqNDh1vyBDgWAcHnV
Rnx3BAcE3An6hNfsvnbPitBK7y8R/xf+LRU3Yb2nyNP82d5sdwC7XeCFYkSpb4BW
EkyHvRg05IvwwOc6BJkoAtAsdVS4+P+5gShiJW9tCMg95IyggsQ/SyxddOKmKcvZ
NtSOE6xAwhvwbVclY7YKoMW1fdw6mUrDe4kYPAl7SqV5pjnRIItoXt/rzyKAzeHt
zQl1jMuekUvWi4XrZwfGfEmil5e56hKSUkUVxFelMijTO0rp+T5wSvk+gH788FU2
EhbZB3tM91NdVPhxxiiuovdhMLUun5u1OLAzFzLrA3MqYeSizoYvdBc=
-----END CERTIFICATE-----
Generated at Sat May 11 14:26:45 2024 by rpki-client on console.sobornost.net