Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YdrBAA9TITKQBCWN5MT8sfJkad0.roa
File: YdrBAA9TITKQBCWN5MT8sfJkad0.roa (raw, json)
Hash identifier: Xgu0AT4oz0EGa0paopMF1h6tXdqOUm22ck8cgWFXAR8=
Subject key identifier: 61:DA:C1:00:0F:53:21:32:90:04:25:8D:E4:C4:FC:B1:F2:64:69:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37A3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YdrBAA9TITKQBCWN5MT8sfJkad0.roa
Signing time: Tue 02 Apr 2024 18:22:15 +0000
ROA not before: Tue 02 Apr 2024 18:22:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14243 (0x37a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 18:22:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=61DAC1000F5321329004258DE4C4FCB1F26469DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:33:68:3c:77:55:cb:9d:19:eb:90:2e:19:23:
dd:1f:4c:9e:80:55:21:9c:b1:b8:e5:31:dc:14:ff:
a4:9e:ef:de:bd:93:07:14:78:f8:e9:3d:a7:74:15:
47:83:ef:85:88:d3:02:18:e3:31:09:fb:20:11:ed:
f0:7a:2a:1c:e6:ef:34:3b:e0:a7:ee:c6:48:62:40:
bf:5e:e8:76:55:29:11:d1:5c:c2:f3:a3:1f:fd:be:
6d:93:22:88:e3:db:8d:2e:87:20:6e:59:93:73:cc:
b2:97:e4:ba:31:03:74:26:ee:34:7a:ff:c4:a3:ac:
80:2b:a2:cb:ae:3c:d8:b6:30:e1:38:7d:f4:2a:2a:
3f:07:b7:ce:89:9a:df:3c:8c:56:1a:da:73:72:9d:
61:fb:99:5c:17:d4:af:97:07:de:52:ca:09:b6:71:
00:24:93:2d:89:e7:e5:04:5f:06:8e:ca:86:ac:a6:
88:32:3c:36:3e:64:c7:18:bf:ed:d0:e1:c7:85:a9:
c1:78:05:7b:bf:8b:c8:fe:d3:e3:2d:1f:3f:f8:be:
43:3d:98:bd:f6:5f:51:70:54:89:76:cf:02:9d:41:
1e:e0:b2:70:66:38:06:31:08:bc:49:91:ac:4e:a8:
d4:2a:41:d8:05:a8:98:03:2c:77:81:62:7b:53:c7:
63:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DA:C1:00:0F:53:21:32:90:04:25:8D:E4:C4:FC:B1:F2:64:69:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YdrBAA9TITKQBCWN5MT8sfJkad0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5d:9b:33:85:55:1b:3a:c0:a1:57:b9:07:35:78:9d:63:be:d5:
ff:e3:ad:2d:f0:9c:57:43:86:4f:ec:5c:ec:af:0e:d6:1c:c2:
45:a6:c5:58:81:df:70:05:ba:f0:1b:1b:ef:5c:b8:61:5d:e2:
fb:00:02:66:83:71:f1:f3:a2:c5:03:70:d6:51:f5:23:3d:01:
d2:27:15:95:28:9d:d5:46:62:c8:d2:53:6c:b1:02:3e:da:6f:
e3:9c:b2:a4:80:95:4b:f1:45:ed:07:d2:68:4a:f3:d4:e1:10:
9f:24:28:e2:8b:1d:c9:d7:fe:e7:20:e6:06:9d:92:f5:35:3c:
f8:cc:cd:2c:8e:cd:2d:a2:a4:20:79:27:a1:a9:6f:44:78:ac:
5c:5e:b6:d0:8f:c6:b2:4e:1e:40:ac:7a:0f:cf:56:a0:6b:ae:
b8:88:fb:99:f3:21:fb:c8:46:6e:f8:9e:c4:da:22:3a:59:f4:
f2:96:de:f9:5d:b7:76:56:ec:ff:4d:c1:ed:8c:0b:9d:61:f7:
19:35:4e:d6:74:93:80:87:85:cf:4f:a0:7d:63:90:02:ac:0d:
58:12:15:fe:bd:a8:b4:93:e1:4f:a6:47:7a:e3:fb:d4:f9:91:
6d:78:4c:ad:c6:63:7f:83:4d:ce:91:bd:f6:cc:d5:4e:10:67:
74:ab:bc:13
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICN6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIx
ODIyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxREFDMTAwMEY1MzIx
MzI5MDA0MjU4REU0QzRGQ0IxRjI2NDY5REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+M2g8d1XLnRnrkC4ZI90fTJ6AVSGcsbjlMdwU/6Se7969kwcU
ePjpPad0FUeD74WI0wIY4zEJ+yAR7fB6Khzm7zQ74KfuxkhiQL9e6HZVKRHRXMLz
ox/9vm2TIojj240uhyBuWZNzzLKX5LoxA3Qm7jR6/8SjrIArosuuPNi2MOE4ffQq
Kj8Ht86Jmt88jFYa2nNynWH7mVwX1K+XB95Sygm2cQAkky2J5+UEXwaOyoaspogy
PDY+ZMcYv+3Q4ceFqcF4BXu/i8j+0+MtHz/4vkM9mL32X1FwVIl2zwKdQR7gsnBm
OAYxCLxJkaxOqNQqQdgFqJgDLHeBYntTx2NjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYdrBAA9TITKQBCWN5MT8sfJkad0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lkckJBQTlUSVRLUUJD
V041TVQ4c2ZKa2FkMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF2bM4VVGzrAoVe5BzV4nWO+1f/jrS3w
nFdDhk/sXOyvDtYcwkWmxViB33AFuvAbG+9cuGFd4vsAAmaDcfHzosUDcNZR9SM9
AdInFZUondVGYsjSU2yxAj7ab+OcsqSAlUvxRe0H0mhK89ThEJ8kKOKLHcnX/ucg
5gadkvU1PPjMzSyOzS2ipCB5J6Gpb0R4rFxettCPxrJOHkCseg/PVqBrrriI+5nz
IfvIRm74nsTaIjpZ9PKW3vldt3ZW7P9Nwe2MC51h9xk1TtZ0k4CHhc9PoH1jkAKs
DVgSFf69qLST4U+mR3rj+9T5kW14TK3GY3+DTc6RvfbM1U4QZ3SrvBM=
-----END CERTIFICATE-----
Generated at Wed Apr 3 01:44:26 2024 by rpki-client on console.sobornost.net