Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bkl3aKowfyzaOaNJFJK94mGBCVE.roa
File: bkl3aKowfyzaOaNJFJK94mGBCVE.roa (raw, json)
Hash identifier: cFYeMwXEFjQl3jugDOOiqx7rNR586FB77c7zfTURG1g=
Subject key identifier: 6E:49:77:68:AA:30:7F:2C:DA:39:A3:49:14:92:BD:E2:61:81:09:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E97
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bkl3aKowfyzaOaNJFJK94mGBCVE.roa
Signing time: Fri 03 May 2024 08:53:44 +0000
ROA not before: Fri 03 May 2024 08:53:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20119 (0x4e97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 08:53:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6E497768AA307F2CDA39A3491492BDE261810951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:06:bf:c6:68:43:42:80:5c:c4:e4:6b:e4:cf:
c7:51:e9:0c:1a:0f:d7:c0:ad:12:e1:91:4f:7e:e4:
d8:ea:43:4a:ff:fb:da:b4:3d:48:85:de:77:84:0c:
09:76:64:90:54:c5:12:3c:a9:d3:20:db:0e:13:13:
83:5e:5c:6d:ca:a4:05:fd:36:da:c7:ec:a8:10:bf:
a7:9b:b2:d3:8d:3f:d9:9d:0a:43:9f:a5:91:20:e6:
63:47:82:cf:3f:9b:59:ea:53:ef:f5:74:38:6a:20:
b8:91:fc:47:80:ff:36:a1:c3:e1:4d:d3:5c:9b:f4:
06:29:39:38:75:44:1c:c5:77:4d:c0:06:55:fd:9b:
0e:67:6a:b4:da:dd:9c:67:1d:14:ce:15:24:98:f5:
4e:23:05:0c:e3:51:24:44:a5:ab:5a:8b:74:18:4e:
b3:5f:32:99:7d:a3:59:ac:3c:63:b9:7f:15:33:52:
a1:32:2d:7a:c1:6a:c5:45:ca:be:c2:73:b4:24:d7:
5d:75:86:c4:2c:dc:02:87:8b:72:3d:b5:b5:a0:53:
18:69:94:4d:ae:e1:19:89:42:bc:a8:05:dd:5e:3e:
b0:16:c8:f7:b0:df:ce:c9:43:52:d4:92:4a:81:b9:
d0:3b:0a:36:66:fb:2d:c0:46:f1:08:be:65:fd:b8:
5c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:49:77:68:AA:30:7F:2C:DA:39:A3:49:14:92:BD:E2:61:81:09:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bkl3aKowfyzaOaNJFJK94mGBCVE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
98:34:1e:a5:70:b8:e0:ab:47:f7:4e:5c:9b:a8:ad:4a:1e:20:
e0:6b:27:ef:8b:28:0d:f8:99:68:0b:18:d8:7c:ad:dc:b5:dd:
3c:bb:d6:37:5b:28:c5:4a:0e:33:46:3e:62:6e:dc:ac:ae:8f:
f6:29:91:75:e3:33:a9:e3:b2:0f:08:4a:3b:55:d6:0e:05:fd:
44:c4:c5:19:41:1d:ab:0b:e6:55:f3:bf:50:65:58:4b:e0:b2:
44:57:bb:e0:8f:3e:ad:d9:46:09:09:82:73:3a:cb:89:cd:59:
8c:42:9d:80:ee:50:f7:d2:91:5c:91:d7:ee:aa:73:ea:08:a5:
0f:ae:53:65:6f:59:4e:af:3d:bf:7a:9a:24:f6:87:08:e2:d3:
7b:ef:03:b4:90:88:57:8c:1d:3c:4c:b3:45:40:1a:be:1d:65:
71:97:3f:b7:e9:9c:cf:34:94:cf:b3:39:97:65:3b:9d:6c:f8:
87:18:70:82:d8:63:04:2b:94:53:8e:16:f5:61:31:a7:ee:8d:
38:0c:b9:91:fc:bc:15:f8:fb:49:20:f9:a0:f7:61:c2:14:d2:
2b:f1:32:8f:7f:f5:b5:1f:a0:24:30:6b:6d:05:89:4a:17:37:
fb:8c:b5:69:78:06:f3:a7:96:65:85:1e:4d:8e:8e:b7:29:88:
07:b8:72:5b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
ODUzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZFNDk3NzY4QUEzMDdG
MkNEQTM5QTM0OTE0OTJCREUyNjE4MTA5NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwBr/GaENCgFzE5Gvkz8dR6QwaD9fArRLhkU9+5NjqQ0r/+9q0
PUiF3neEDAl2ZJBUxRI8qdMg2w4TE4NeXG3KpAX9NtrH7KgQv6ebstONP9mdCkOf
pZEg5mNHgs8/m1nqU+/1dDhqILiR/EeA/zahw+FN01yb9AYpOTh1RBzFd03ABlX9
mw5narTa3ZxnHRTOFSSY9U4jBQzjUSREpatai3QYTrNfMpl9o1msPGO5fxUzUqEy
LXrBasVFyr7Cc7Qk1111hsQs3AKHi3I9tbWgUxhplE2u4RmJQryoBd1ePrAWyPew
387JQ1LUkkqBudA7CjZm+y3ARvEIvmX9uFzZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUbkl3aKowfyzaOaNJFJK94mGBCVEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JrbDNhS293Znl6YU9h
TkpGSks5NG1HQkNWRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJg0HqVwuOCrR/dOXJuorUoeIOBrJ++L
KA34mWgLGNh8rdy13Ty71jdbKMVKDjNGPmJu3Kyuj/YpkXXjM6njsg8ISjtV1g4F
/UTExRlBHasL5lXzv1BlWEvgskRXu+CPPq3ZRgkJgnM6y4nNWYxCnYDuUPfSkVyR
1+6qc+oIpQ+uU2VvWU6vPb96miT2hwji03vvA7SQiFeMHTxMs0VAGr4dZXGXP7fp
nM80lM+zOZdlO51s+IcYcILYYwQrlFOOFvVhMafujTgMuZH8vBX4+0kg+aD3YcIU
0ivxMo9/9bUfoCQwa20FiUoXN/uMtWl4BvOnlmWFHk2OjrcpiAe4cls=
-----END CERTIFICATE-----
Generated at Fri May 3 14:44:29 2024 by rpki-client on console.sobornost.net