Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aCbmgsphxO3H1D8D2dBP8z-06oU.roa
File: aCbmgsphxO3H1D8D2dBP8z-06oU.roa (raw, json)
Hash identifier: nzv7KBaljcYZ3rbnabaK7zYxgz70pKQLqWMU2vb/aDw=
Subject key identifier: 68:26:E6:82:CA:61:C4:ED:C7:D4:3F:03:D9:D0:4F:F3:3F:B4:EA:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A2B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aCbmgsphxO3H1D8D2dBP8z-06oU.roa
Signing time: Sat 27 Apr 2024 11:23:23 +0000
ROA not before: Sat 27 Apr 2024 11:23:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18987 (0x4a2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 27 11:23:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6826E682CA61C4EDC7D43F03D9D04FF33FB4EA85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:08:0e:2e:fb:28:11:d8:af:25:87:69:dd:74:
29:3e:cc:5f:f0:e7:d5:ab:79:e5:9e:a9:43:32:b3:
85:a5:32:dc:ce:21:05:a5:3f:48:5c:84:54:ce:ee:
ec:23:89:69:be:65:58:d7:9b:ac:e4:47:92:23:a7:
2a:cc:ba:f4:0b:0d:60:f8:10:c7:7a:fc:18:c5:a4:
54:fd:73:ec:8a:bb:8a:bc:84:fb:80:ea:8c:82:ad:
d2:35:03:1c:78:c8:f5:99:f7:97:d3:37:62:0c:48:
48:cf:4a:55:17:17:8a:c0:ab:03:22:d5:26:1c:ba:
ae:a3:fc:52:32:37:49:94:35:b9:85:28:c4:a0:0a:
7c:35:15:1f:7c:dc:5b:3c:c9:5c:8c:b2:a6:11:24:
53:ba:51:3d:c1:45:25:cd:f4:ee:2b:b1:d3:45:c1:
23:3c:3b:5e:73:85:82:a8:0b:00:e3:7e:52:c3:76:
c6:1a:a7:6d:a3:3d:41:de:ad:7e:c1:dc:13:d6:c2:
5b:07:74:94:fb:63:6b:c5:a5:90:c5:c8:14:67:24:
26:9e:c2:35:57:73:c2:84:41:40:ef:94:2d:f6:a3:
39:24:58:f3:9b:e6:f2:5e:96:05:f1:e2:47:b2:91:
ea:e2:a7:03:45:45:5d:24:59:57:c4:3c:ba:46:cb:
c8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:26:E6:82:CA:61:C4:ED:C7:D4:3F:03:D9:D0:4F:F3:3F:B4:EA:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aCbmgsphxO3H1D8D2dBP8z-06oU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
16:b7:6c:84:70:12:f0:d3:e5:9b:33:6d:84:ba:df:8e:0d:3b:
96:8a:9b:34:c0:f2:d0:5d:73:fb:25:56:a2:e8:36:47:e8:0e:
95:eb:ee:62:b2:19:97:ab:3e:a4:dc:ee:ec:7b:94:35:14:f1:
69:ea:35:84:bd:3e:cb:df:90:1b:d1:9c:14:93:e4:51:30:42:
5d:63:ae:e2:b0:65:75:fd:71:f3:49:75:7b:8f:d5:68:42:27:
21:f3:8c:b6:dc:f3:a1:28:c5:5f:9c:c1:ec:94:b5:5e:a7:a0:
3f:45:32:1a:7d:b4:ac:ab:67:19:b8:93:89:4c:de:96:ac:22:
ea:d6:1f:22:13:64:ed:4b:8d:1b:43:76:65:81:85:cd:92:5c:
54:78:f9:da:51:10:a0:00:00:0e:d7:9b:a8:08:ed:5b:68:1f:
cc:78:f1:da:3e:0b:c9:12:3c:e2:36:c6:67:27:c7:84:09:15:
48:55:5e:06:b5:25:5f:d0:9a:f9:41:de:ca:23:61:65:e6:40:
c6:dd:e2:16:54:10:6c:ca:31:2c:90:b7:5a:8d:67:bd:29:7c:
e2:99:17:80:f8:d1:a9:6d:ea:88:37:95:dc:e8:eb:1d:77:0c:
00:33:1b:af:56:24:8a:32:30:9f:5f:8a:62:8b:fc:7f:90:61:
c9:88:6d:d5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjcx
MTIzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY4MjZFNjgyQ0E2MUM0
RURDN0Q0M0YwM0Q5RDA0RkYzM0ZCNEVBODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVCA4u+ygR2K8lh2nddCk+zF/w59WreeWeqUMys4WlMtzOIQWl
P0hchFTO7uwjiWm+ZVjXm6zkR5IjpyrMuvQLDWD4EMd6/BjFpFT9c+yKu4q8hPuA
6oyCrdI1Axx4yPWZ95fTN2IMSEjPSlUXF4rAqwMi1SYcuq6j/FIyN0mUNbmFKMSg
Cnw1FR983Fs8yVyMsqYRJFO6UT3BRSXN9O4rsdNFwSM8O15zhYKoCwDjflLDdsYa
p22jPUHerX7B3BPWwlsHdJT7Y2vFpZDFyBRnJCaewjVXc8KEQUDvlC32ozkkWPOb
5vJelgXx4keykeripwNFRV0kWVfEPLpGy8j3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUaCbmgsphxO3H1D8D2dBP8z+06oUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FDYm1nc3BoeE8zSDFE
OEQyZEJQOHotMDZvVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABa3bIRwEvDT5ZszbYS6344NO5aKmzTA
8tBdc/slVqLoNkfoDpXr7mKyGZerPqTc7ux7lDUU8WnqNYS9PsvfkBvRnBST5FEw
Ql1jruKwZXX9cfNJdXuP1WhCJyHzjLbc86EoxV+cweyUtV6noD9FMhp9tKyrZxm4
k4lM3pasIurWHyITZO1LjRtDdmWBhc2SXFR4+dpREKAAAA7Xm6gI7VtoH8x48do+
C8kSPOI2xmcnx4QJFUhVXga1JV/QmvlB3sojYWXmQMbd4hZUEGzKMSyQt1qNZ70p
fOKZF4D40alt6og3ldzo6x13DAAzG69WJIoyMJ9fimKL/H+QYcmIbdU=
-----END CERTIFICATE-----
Generated at Sat Apr 27 16:48:26 2024 by rpki-client on console.sobornost.net