Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YG_hPdIBhTBNtR1I4FmogAWtqXA.roa
File: YG_hPdIBhTBNtR1I4FmogAWtqXA.roa (raw, json)
Hash identifier: 2dVcrL0jLcnYkrH8iSjETXsbUIfq8m5u/oN4qcu5uPI=
Subject key identifier: 60:6F:E1:3D:D2:01:85:30:4D:B5:1D:48:E0:59:A8:80:05:AD:A9:70
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 564F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YG_hPdIBhTBNtR1I4FmogAWtqXA.roa
Signing time: Mon 13 May 2024 15:54:15 +0000
ROA not before: Mon 13 May 2024 15:54:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22095 (0x564f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 15:54:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=606FE13DD20185304DB51D48E059A88005ADA970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1a:0f:e6:3c:db:09:e7:86:e9:33:62:96:76:
dd:0d:5f:f3:a2:f3:f1:ce:aa:7b:0d:e7:14:87:c3:
0d:02:90:30:b8:4e:d1:9d:0d:47:ae:9d:f5:00:b3:
4a:50:8f:e3:a6:8d:b1:7c:8f:f6:2d:90:65:2b:5a:
f5:0e:3a:2e:27:55:7c:a5:7e:c9:c6:e7:d9:0c:d4:
c0:3e:96:fa:32:e1:c0:d4:ef:10:8a:c2:bf:4a:44:
cd:3b:5b:95:20:66:71:06:a7:7f:ef:e8:a1:1a:90:
23:11:3b:e3:50:aa:98:16:b0:0c:3a:47:31:69:47:
75:9e:ac:27:3f:39:af:1f:a9:38:0b:a0:fa:16:d3:
39:61:5f:81:c0:df:1b:8c:3a:9a:53:bb:16:3c:40:
6c:37:a0:02:51:9b:e7:73:b4:8d:64:7e:23:9a:f1:
87:fc:7f:f8:7f:bb:26:5d:23:da:41:d2:0b:b6:a0:
cb:1d:16:a9:95:9a:4c:35:8b:8f:c8:88:40:7a:06:
9d:c7:9e:b0:65:0a:21:53:34:22:af:d2:18:9b:99:
02:f3:72:c8:30:e9:06:e7:ef:b4:15:0c:df:d0:96:
90:2d:0e:a1:66:44:75:7f:07:48:14:69:0a:b7:15:
04:dc:c0:4a:d3:4f:08:55:90:47:ab:85:19:ba:dd:
0f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6F:E1:3D:D2:01:85:30:4D:B5:1D:48:E0:59:A8:80:05:AD:A9:70
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YG_hPdIBhTBNtR1I4FmogAWtqXA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:61:f4:d5:c9:7d:2c:da:b8:4b:7c:1b:4c:21:d1:47:f1:06:
5c:0a:46:ab:0a:44:78:48:b2:45:f3:86:23:1e:f9:83:37:0c:
41:13:c6:28:4d:d0:61:70:35:d3:c7:7c:bc:fa:4e:a3:7e:df:
91:b2:1c:4a:c4:66:98:60:3a:df:ec:24:0c:d7:6c:06:e2:24:
79:79:7f:0d:60:03:52:88:60:22:96:ff:35:50:d7:e4:7a:dd:
3a:22:da:ed:9d:01:3b:a0:a3:0f:d9:27:32:3f:09:c9:43:c6:
7f:b1:a6:ff:5b:77:42:94:97:26:de:79:b6:fe:34:0d:c6:91:
cb:4e:2c:fa:14:86:21:27:ae:7a:ed:78:e9:ff:26:a6:bd:3a:
a0:74:58:f6:56:a3:6b:10:b1:f6:0c:e9:6b:36:61:9e:7a:a7:
4a:1e:35:b8:b1:46:aa:26:04:b1:40:2e:64:f6:1e:f3:ea:3b:
9f:4c:aa:12:84:12:bd:fc:29:f2:3a:61:05:8e:71:cc:19:43:
d8:5a:71:65:39:1f:82:cb:35:49:7c:36:f5:61:e3:cc:b3:e9:
5d:bb:7e:4b:86:38:35:f7:f4:a6:ae:45:8c:e9:2d:83:0c:c9:
e7:01:c7:57:de:1d:12:9d:b4:85:f1:20:98:5c:39:05:b3:f6:
49:58:00:fd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVk8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
NTU0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwNkZFMTNERDIwMTg1
MzA0REI1MUQ0OEUwNTlBODgwMDVBREE5NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEGg/mPNsJ54bpM2KWdt0NX/Oi8/HOqnsN5xSHww0CkDC4TtGd
DUeunfUAs0pQj+OmjbF8j/YtkGUrWvUOOi4nVXylfsnG59kM1MA+lvoy4cDU7xCK
wr9KRM07W5UgZnEGp3/v6KEakCMRO+NQqpgWsAw6RzFpR3WerCc/Oa8fqTgLoPoW
0zlhX4HA3xuMOppTuxY8QGw3oAJRm+dztI1kfiOa8Yf8f/h/uyZdI9pB0gu2oMsd
FqmVmkw1i4/IiEB6Bp3HnrBlCiFTNCKv0hibmQLzcsgw6Qbn77QVDN/QlpAtDqFm
RHV/B0gUaQq3FQTcwErTTwhVkEerhRm63Q+5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYG/hPdIBhTBNtR1I4FmogAWtqXAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lHX2hQZElCaFRCTnRS
MUk0Rm1vZ0FXdHFYQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALhh9NXJfSzauEt8G0wh0UfxBlwKRqsK
RHhIskXzhiMe+YM3DEETxihN0GFwNdPHfLz6TqN+35GyHErEZphgOt/sJAzXbAbi
JHl5fw1gA1KIYCKW/zVQ1+R63Toi2u2dATugow/ZJzI/CclDxn+xpv9bd0KUlybe
ebb+NA3GkctOLPoUhiEnrnrteOn/Jqa9OqB0WPZWo2sQsfYM6Ws2YZ56p0oeNbix
RqomBLFALmT2HvPqO59MqhKEEr38KfI6YQWOccwZQ9hacWU5H4LLNUl8NvVh48yz
6V27fkuGODX39KauRYzpLYMMyecBx1feHRKdtIXxIJhcOQWz9klYAP0=
-----END CERTIFICATE-----
Generated at Mon May 13 19:40:33 2024 by rpki-client on console.sobornost.net