Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_fkatOogPc5Uxh0H1HxzpHChYec.roa
File: _fkatOogPc5Uxh0H1HxzpHChYec.roa (raw, json)
Hash identifier: ImmrNLKz6VPaM2w5jUF42xXxcpyrNLvWy6YK8GyZARg=
Subject key identifier: FD:F9:1A:B4:EA:20:3D:CE:54:C6:1D:07:D4:7C:73:A4:70:A1:61:E7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44E3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_fkatOogPc5Uxh0H1HxzpHChYec.roa
Signing time: Sat 20 Apr 2024 10:23:04 +0000
ROA not before: Sat 20 Apr 2024 10:23:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17635 (0x44e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 10:23:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FDF91AB4EA203DCE54C61D07D47C73A470A161E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:73:65:e8:8a:33:24:69:c6:f1:15:3c:4d:03:
ef:b9:79:e1:c6:81:96:38:cb:33:50:8c:dd:1e:ff:
6e:b9:7f:9a:c3:6e:7a:40:64:0f:43:b0:5d:ef:35:
5e:34:95:09:e8:bf:d4:b9:02:8b:ca:11:6e:5e:f9:
da:f8:be:f8:82:64:e7:7e:45:cd:58:72:21:cf:3b:
ec:d4:4e:61:d3:cf:b9:eb:5e:59:04:b2:ce:b2:cb:
1d:36:c8:6e:d9:8f:a5:7a:8e:73:a5:6c:50:4b:e2:
96:64:4a:fc:07:5f:68:c9:72:81:33:24:82:15:03:
4e:92:43:a5:52:03:38:04:a7:e1:34:bc:50:eb:64:
f1:39:a4:00:a4:1b:99:5b:44:27:f2:33:f6:e2:fc:
38:b6:c9:c6:74:f4:4d:29:5c:b1:a1:8e:3e:e8:e4:
8e:c2:14:da:3b:a9:40:3f:70:4c:d6:85:11:c3:b4:
9e:1c:85:6e:b5:61:a7:a7:ba:1a:fe:e6:c4:1f:86:
49:b2:3d:3c:67:fa:96:34:9f:4c:44:fe:a0:0d:5b:
61:9d:95:da:01:72:e6:b1:2a:81:81:ac:44:62:9c:
49:85:ff:ce:1b:6a:cd:e7:90:6c:ed:b1:1a:4e:ae:
a6:93:d2:1f:7a:5b:1c:b4:58:bc:69:e3:e2:40:40:
5a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F9:1A:B4:EA:20:3D:CE:54:C6:1D:07:D4:7C:73:A4:70:A1:61:E7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_fkatOogPc5Uxh0H1HxzpHChYec.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:d5:b5:4a:59:52:cd:d9:89:2a:20:ed:48:6f:ac:48:aa:b5:
8c:d4:43:0f:dc:24:a8:e8:70:b7:09:5b:31:a2:2b:c0:4b:a0:
46:85:b3:eb:be:92:51:cc:3a:1f:06:ba:a7:14:66:a5:20:1d:
1b:7c:71:72:85:83:01:51:04:8d:b2:21:3c:f2:de:c1:b4:59:
bc:5f:37:db:c6:8d:97:1b:85:7c:ee:9b:b9:75:40:1d:a1:d7:
73:39:fd:6a:3c:5e:c4:30:38:7e:2a:c3:df:0f:47:8c:1f:77:
d3:12:a8:a0:6d:68:75:c8:cd:5d:69:75:0f:a9:11:7e:b1:1b:
e3:87:d8:c0:fc:25:2c:78:ed:2d:fc:5a:5f:99:47:42:16:8e:
a7:0d:6b:a8:be:f1:4e:b2:27:7d:1a:38:5f:6d:b4:85:3f:48:
51:6e:e1:e4:04:26:fb:34:ff:c1:a3:8c:5b:32:49:69:af:b3:
60:b1:ef:3a:57:90:a4:fd:e3:f6:2a:7b:1f:c0:d0:b9:ad:52:
f1:cb:2c:b0:fe:6b:9d:5c:e0:55:12:51:01:64:5b:91:d9:3f:
7e:2b:fb:58:cc:36:66:9c:48:22:13:d5:44:0a:c0:c8:0c:97:
0f:36:10:ac:f0:79:66:28:b3:dc:a0:08:41:01:30:fb:80:c0:
ba:92:f9:0c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICROMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MDIzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZERjkxQUI0RUEyMDNE
Q0U1NEM2MUQwN0Q0N0M3M0E0NzBBMTYxRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQc2XoijMkacbxFTxNA++5eeHGgZY4yzNQjN0e/265f5rDbnpA
ZA9DsF3vNV40lQnov9S5AovKEW5e+dr4vviCZOd+Rc1YciHPO+zUTmHTz7nrXlkE
ss6yyx02yG7Zj6V6jnOlbFBL4pZkSvwHX2jJcoEzJIIVA06SQ6VSAzgEp+E0vFDr
ZPE5pACkG5lbRCfyM/bi/Di2ycZ09E0pXLGhjj7o5I7CFNo7qUA/cEzWhRHDtJ4c
hW61Yaenuhr+5sQfhkmyPTxn+pY0n0xE/qANW2GdldoBcuaxKoGBrERinEmF/84b
as3nkGztsRpOrqaT0h96Wxy0WLxp4+JAQFrRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/fkatOogPc5Uxh0H1HxzpHChYecwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19ma2F0T29nUGM1VXho
MEgxSHh6cEhDaFllYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAB3VtUpZUs3ZiSog7UhvrEiqtYzUQw/c
JKjocLcJWzGiK8BLoEaFs+u+klHMOh8GuqcUZqUgHRt8cXKFgwFRBI2yITzy3sG0
WbxfN9vGjZcbhXzum7l1QB2h13M5/Wo8XsQwOH4qw98PR4wfd9MSqKBtaHXIzV1p
dQ+pEX6xG+OH2MD8JSx47S38Wl+ZR0IWjqcNa6i+8U6yJ30aOF9ttIU/SFFu4eQE
Jvs0/8GjjFsySWmvs2Cx7zpXkKT94/Yqex/A0LmtUvHLLLD+a51c4FUSUQFkW5HZ
P34r+1jMNmacSCIT1UQKwMgMlw82EKzweWYos9ygCEEBMPuAwLqS+Qw=
-----END CERTIFICATE-----
Generated at Sat Apr 20 15:20:44 2024 by rpki-client on console.sobornost.net