Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZrZnQfMLLbLj56enMOv6Hzr1nlc.roa
File: ZrZnQfMLLbLj56enMOv6Hzr1nlc.roa (raw, json)
Hash identifier: t5b8vndiUQMrfwQWtIhUTezzAQ25XKGlUPJurojTYkU=
Subject key identifier: 66:B6:67:41:F3:0B:2D:B2:E3:E7:A7:A7:30:EB:FA:1F:3A:F5:9E:57
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 541B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZrZnQfMLLbLj56enMOv6Hzr1nlc.roa
Signing time: Fri 10 May 2024 17:24:28 +0000
ROA not before: Fri 10 May 2024 17:24:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21531 (0x541b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 17:24:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=66B66741F30B2DB2E3E7A7A730EBFA1F3AF59E57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c0:ba:16:33:09:b5:e0:97:1f:c5:47:66:a7:
c7:0d:7e:a1:94:5f:f3:d8:f7:e1:63:f0:45:6a:21:
d1:5f:2f:07:a9:7a:6f:f7:70:9b:04:7a:3c:9a:ac:
cc:ee:f0:72:ac:51:a5:b4:48:54:5b:1d:c4:f2:d0:
53:12:cc:08:13:a9:39:02:92:d5:ac:6c:47:c9:6c:
c8:3a:aa:24:b4:28:0e:4d:82:64:6a:1e:31:b2:6e:
31:95:d3:e3:60:bc:03:95:06:b5:55:76:7c:3c:18:
21:d5:98:3c:24:48:18:9e:6d:87:be:99:04:a0:5f:
00:40:49:f5:90:ae:98:4b:81:8a:71:8b:93:b0:97:
b2:5f:bb:9a:88:78:9d:bb:3e:10:9e:3a:29:b0:eb:
11:19:ff:db:48:c7:a1:a8:cf:5b:77:54:f4:2d:de:
07:60:fa:1d:7d:83:ca:0c:a3:18:99:48:17:bf:77:
a0:2b:d5:7e:55:b8:a1:62:7a:77:13:c8:6d:9b:a4:
b7:b1:3f:d6:46:bc:bc:06:c5:4d:38:7b:1b:08:44:
15:33:4a:83:19:fc:9c:bd:a6:28:65:d0:93:89:9f:
b3:fc:97:c4:f7:c9:cf:d1:bc:ce:c3:c6:28:31:02:
81:74:7a:fb:7f:89:11:84:7b:f5:55:1f:36:90:2a:
b3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B6:67:41:F3:0B:2D:B2:E3:E7:A7:A7:30:EB:FA:1F:3A:F5:9E:57
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZrZnQfMLLbLj56enMOv6Hzr1nlc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
51:d4:a9:6d:ca:a1:7c:f7:5f:36:83:3c:63:21:28:16:6e:cc:
dd:f0:73:59:08:10:73:75:95:cd:d4:01:00:9b:88:17:74:24:
38:29:f3:99:7f:21:eb:f4:da:a9:31:4b:c9:38:27:f7:af:24:
66:bc:14:16:f3:2e:6b:f4:cc:e3:d5:f7:d6:13:9e:32:1a:21:
0f:b6:bf:f8:9c:08:de:66:c4:75:20:56:88:1d:d5:4c:76:4b:
df:3a:a0:60:45:11:60:01:e3:a8:40:f1:10:ec:2a:fc:6b:2d:
1a:c3:6c:d1:88:d8:8f:63:26:90:38:da:59:9c:11:e1:3b:e3:
78:39:11:b8:3f:7c:9c:95:5b:b7:bb:44:b2:cf:34:c6:0b:25:
94:37:7a:82:7c:36:92:3b:c1:f9:18:8e:b4:d9:65:e5:96:f9:
bc:ec:b6:ea:85:64:43:f7:99:28:65:b5:ae:6e:b9:09:ce:fa:
9a:b6:1d:4f:45:9d:f5:e9:11:ab:56:82:76:ee:a9:52:bc:3b:
fa:c4:7d:39:d2:75:d4:55:ce:e4:f2:9c:85:3e:0c:8c:be:5c:
7b:4f:57:eb:7b:09:12:6e:37:9c:1b:d7:88:67:ab:db:6c:f6:
39:a9:d6:38:a9:e0:70:99:7f:e7:8d:83:d5:7f:96:d0:cc:b2:
5d:60:de:d6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
NzI0MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY2QjY2NzQxRjMwQjJE
QjJFM0U3QTdBNzMwRUJGQTFGM0FGNTlFNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbwLoWMwm14JcfxUdmp8cNfqGUX/PY9+Fj8EVqIdFfLwepem/3
cJsEejyarMzu8HKsUaW0SFRbHcTy0FMSzAgTqTkCktWsbEfJbMg6qiS0KA5NgmRq
HjGybjGV0+NgvAOVBrVVdnw8GCHVmDwkSBiebYe+mQSgXwBASfWQrphLgYpxi5Ow
l7Jfu5qIeJ27PhCeOimw6xEZ/9tIx6Goz1t3VPQt3gdg+h19g8oMoxiZSBe/d6Ar
1X5VuKFiencTyG2bpLexP9ZGvLwGxU04exsIRBUzSoMZ/Jy9pihl0JOJn7P8l8T3
yc/RvM7DxigxAoF0evt/iRGEe/VVHzaQKrOLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZrZnQfMLLbLj56enMOv6Hzr1nlcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pyWm5RZk1MTGJMajU2
ZW5NT3Y2SHpyMW5sYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFHUqW3KoXz3XzaDPGMhKBZuzN3wc1kI
EHN1lc3UAQCbiBd0JDgp85l/Iev02qkxS8k4J/evJGa8FBbzLmv0zOPV99YTnjIa
IQ+2v/icCN5mxHUgVogd1Ux2S986oGBFEWAB46hA8RDsKvxrLRrDbNGI2I9jJpA4
2lmcEeE743g5Ebg/fJyVW7e7RLLPNMYLJZQ3eoJ8NpI7wfkYjrTZZeWW+bzstuqF
ZEP3mShlta5uuQnO+pq2HU9FnfXpEatWgnbuqVK8O/rEfTnSddRVzuTynIU+DIy+
XHtPV+t7CRJuN5wb14hnq9ts9jmp1jip4HCZf+eNg9V/ltDMsl1g3tY=
-----END CERTIFICATE-----
Generated at Fri May 10 21:04:12 2024 by rpki-client on console.sobornost.net