Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WBZLyVk57mhRJAPWFRXDCqobE3o.roa
File: WBZLyVk57mhRJAPWFRXDCqobE3o.roa (raw, json)
Hash identifier: 4bYNl1mlDY9crupv8RpISw/WHS7cPvx0W/VVHLfMijE=
Subject key identifier: 58:16:4B:C9:59:39:EE:68:51:24:03:D6:15:15:C3:0A:AA:1B:13:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35C7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WBZLyVk57mhRJAPWFRXDCqobE3o.roa
Signing time: Sun 31 Mar 2024 06:52:10 +0000
ROA not before: Sun 31 Mar 2024 06:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13767 (0x35c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 06:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=58164BC95939EE68512403D61515C30AAA1B137A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:b1:56:b2:04:b9:41:88:45:eb:e4:45:bf:
1e:07:cd:42:e9:f0:e4:0b:6e:7f:de:aa:77:b5:55:
8e:bb:e7:48:7d:cf:6c:95:51:83:e9:0b:46:20:7b:
8d:df:5a:3f:06:6a:ac:2e:2a:54:96:a3:5c:7a:a8:
8e:c4:e3:0a:eb:39:07:bd:b4:dd:7e:df:3b:47:a5:
cc:a9:f6:96:f8:7b:45:89:da:5c:27:f5:f3:d0:49:
d8:6f:d6:bf:6d:97:de:fb:c0:99:be:cb:94:aa:5b:
db:5d:c7:2e:12:ec:d3:70:88:3d:94:dd:14:44:a9:
3f:0b:20:62:87:18:e0:20:e1:af:65:11:c3:36:b3:
be:58:1d:ca:9f:3c:c9:fe:26:00:bb:9c:c9:ac:25:
10:73:53:22:8b:ca:33:07:d3:41:b1:9b:c1:28:54:
bd:fa:9c:c2:44:c4:74:9a:09:c1:33:ab:99:0a:b4:
c2:40:4c:0b:a5:0a:ed:3e:42:70:1c:51:4e:c8:d2:
35:ca:99:bb:88:77:5a:55:f6:5c:12:b6:d0:e6:7b:
93:73:6f:4d:67:10:ae:b0:24:a1:18:62:65:ea:ef:
b5:18:ad:c1:23:4c:57:b1:a4:c8:23:8d:be:4f:b7:
28:82:1c:55:db:20:2c:eb:a8:3e:18:76:ce:e6:96:
ea:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:16:4B:C9:59:39:EE:68:51:24:03:D6:15:15:C3:0A:AA:1B:13:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WBZLyVk57mhRJAPWFRXDCqobE3o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
81:0b:01:29:38:28:f1:a3:f7:3a:44:bd:b3:23:f1:0a:e7:a1:
8a:ed:a3:43:0a:62:84:b7:ab:e0:c6:20:d8:f6:09:31:62:38:
42:9c:5a:ee:a5:40:a0:04:b2:3b:74:91:83:79:c1:31:f1:57:
4d:8f:3d:f6:41:4d:b0:9c:af:cd:00:e6:63:e1:07:6c:e7:dc:
46:63:c9:bb:a9:bc:8f:17:fc:cb:e5:07:13:8b:0a:9e:85:c4:
87:2f:26:d4:09:38:73:fe:55:4e:0f:7f:28:ed:84:ef:f0:3d:
52:b8:c1:f7:9a:28:94:15:6a:b9:71:c6:7f:6f:0a:f1:39:8d:
35:b2:b8:57:78:e2:b9:26:e1:f0:55:a9:07:2f:68:c1:1f:d3:
3a:00:01:1c:89:b8:6e:95:62:2b:9e:da:cd:f6:4b:47:49:59:
19:6d:21:c8:27:28:02:6d:f8:50:03:df:54:ac:a0:7a:85:c8:
d5:5b:b9:5a:66:67:8c:ec:19:a8:ec:37:89:f3:57:f3:f2:74:
7a:49:1b:a0:c7:60:b5:5b:43:a6:6a:b2:5c:b8:a8:e4:d7:9b:
ec:57:1a:a1:64:1d:9d:e3:e9:31:d0:06:c8:97:54:43:40:53:
da:70:46:eb:be:40:ff:62:51:cd:2c:79:4c:c9:07:df:ee:42:
1d:23:68:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNccwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
NjUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4MTY0QkM5NTkzOUVF
Njg1MTI0MDNENjE1MTVDMzBBQUExQjEzN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtibFWsgS5QYhF6+RFvx4HzULp8OQLbn/eqne1VY6750h9z2yV
UYPpC0Yge43fWj8GaqwuKlSWo1x6qI7E4wrrOQe9tN1+3ztHpcyp9pb4e0WJ2lwn
9fPQSdhv1r9tl977wJm+y5SqW9tdxy4S7NNwiD2U3RREqT8LIGKHGOAg4a9lEcM2
s75YHcqfPMn+JgC7nMmsJRBzUyKLyjMH00Gxm8EoVL36nMJExHSaCcEzq5kKtMJA
TAulCu0+QnAcUU7I0jXKmbuId1pV9lwSttDme5Nzb01nEK6wJKEYYmXq77UYrcEj
TFexpMgjjb5PtyiCHFXbICzrqD4Yds7mlupjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWBZLyVk57mhRJAPWFRXDCqobE3owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dCWkx5Vms1N21oUkpB
UFdGUlhEQ3FvYkUzby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIELASk4KPGj9zpEvbMj8QrnoYrto0MK
YoS3q+DGINj2CTFiOEKcWu6lQKAEsjt0kYN5wTHxV02PPfZBTbCcr80A5mPhB2zn
3EZjybupvI8X/MvlBxOLCp6FxIcvJtQJOHP+VU4PfyjthO/wPVK4wfeaKJQVarlx
xn9vCvE5jTWyuFd44rkm4fBVqQcvaMEf0zoAARyJuG6VYiue2s32S0dJWRltIcgn
KAJt+FAD31SsoHqFyNVbuVpmZ4zsGajsN4nzV/PydHpJG6DHYLVbQ6Zqsly4qOTX
m+xXGqFkHZ3j6THQBsiXVENAU9pwRuu+QP9iUc0seUzJB9/uQh0jaAs=
-----END CERTIFICATE-----
Generated at Sun Mar 31 12:03:00 2024 by rpki-client on console.sobornost.net