Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/boi690HtUC5D2OeBf7Ue8zkc4MU.roa
File: boi690HtUC5D2OeBf7Ue8zkc4MU.roa (raw, json)
Hash identifier: ivFrvg/wJ2O6DhshLnIYHAVkRkBT+XEF9QdykmXM8Z8=
Subject key identifier: 6E:88:BA:F7:41:ED:50:2E:43:D8:E7:81:7F:B5:1E:F3:39:1C:E0:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5313
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/boi690HtUC5D2OeBf7Ue8zkc4MU.roa
Signing time: Thu 09 May 2024 08:23:58 +0000
ROA not before: Thu 09 May 2024 08:23:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21267 (0x5313)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 08:23:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6E88BAF741ED502E43D8E7817FB51EF3391CE0C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b3:30:f4:6a:56:fe:e5:6e:a2:cb:73:7c:13:
10:c6:57:36:33:aa:ee:3f:2e:b0:e9:53:73:7d:bc:
e3:24:ab:76:35:28:ac:37:bb:6b:ff:60:83:46:02:
95:47:1e:b6:c1:a7:3a:f1:2d:b0:c4:fa:f1:e6:56:
bf:dc:a4:66:90:f0:79:8e:07:0a:9a:34:a3:d2:f3:
d4:ba:db:f8:28:20:21:b0:38:3c:08:6e:94:25:b4:
6e:44:e5:cd:47:1b:c0:cc:79:2b:89:c4:16:c5:82:
75:54:2e:3b:62:a8:40:87:3c:65:a2:e2:25:cf:f1:
68:e8:95:9f:ea:f4:83:4d:80:ee:7c:27:ae:a4:ee:
9d:83:bb:7a:d3:50:88:83:a9:36:bd:06:ad:45:96:
05:2e:74:20:48:b7:17:f8:cf:63:20:3a:5b:15:a7:
d5:18:ed:e7:e2:0b:39:a5:10:45:f9:8a:9a:4b:c4:
54:76:a1:16:8f:9e:c6:03:ff:9e:42:97:57:19:95:
50:d1:21:a3:79:a1:f5:06:29:36:be:16:94:fa:aa:
c4:34:24:ab:76:b0:0d:17:d9:9d:8a:d8:31:03:b3:
2e:53:37:05:70:13:c0:0f:64:d7:60:39:79:52:6a:
97:a8:0d:d7:b4:27:5f:00:ad:ab:51:3b:05:c7:3e:
55:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:88:BA:F7:41:ED:50:2E:43:D8:E7:81:7F:B5:1E:F3:39:1C:E0:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/boi690HtUC5D2OeBf7Ue8zkc4MU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
01:bb:f2:2f:44:96:d6:88:83:71:b7:8a:7b:38:69:37:7a:61:
ef:4f:74:4e:55:ba:7e:73:79:6f:5e:a0:6f:26:64:11:77:53:
5f:a9:96:39:94:c2:9e:9b:2b:33:fd:16:5e:b4:0a:74:a1:a1:
f4:cb:0f:b2:2e:12:9c:3b:d1:45:3e:d0:fe:e4:48:76:04:2a:
bc:72:dd:4c:7f:3e:42:74:91:30:5b:ec:09:f5:09:82:a2:ca:
7a:f9:bd:08:32:c9:7b:f9:e1:93:0b:ec:ef:84:13:3a:e7:1c:
c5:92:80:ee:48:f7:72:c8:92:aa:b1:58:8e:b7:6d:27:0e:17:
50:80:3b:40:87:5b:71:cb:4a:00:f4:01:49:99:9c:0f:b9:b9:
82:a0:0c:b9:38:29:eb:c7:12:59:fb:8b:0a:c8:f5:9a:6e:7c:
0b:e5:81:1b:ae:15:2a:fe:db:88:87:97:f2:68:10:96:24:c7:
45:53:fd:b5:35:98:87:15:66:9f:fc:03:5f:60:3a:fe:97:09:
15:6a:3a:cf:04:f3:3d:8d:bd:c5:9a:ef:1d:1a:80:f5:d5:74:
25:bb:84:04:8a:f5:5b:55:13:b4:13:c0:78:75:45:51:5a:1f:
62:7e:6f:ff:ce:65:30:9a:42:33:34:4c:26:25:5b:84:f5:58:
b2:c2:56:4d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUxMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
ODIzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZFODhCQUY3NDFFRDUw
MkU0M0Q4RTc4MTdGQjUxRUYzMzkxQ0UwQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0szD0alb+5W6iy3N8ExDGVzYzqu4/LrDpU3N9vOMkq3Y1KKw3
u2v/YINGApVHHrbBpzrxLbDE+vHmVr/cpGaQ8HmOBwqaNKPS89S62/goICGwODwI
bpQltG5E5c1HG8DMeSuJxBbFgnVULjtiqECHPGWi4iXP8WjolZ/q9INNgO58J66k
7p2Du3rTUIiDqTa9Bq1FlgUudCBItxf4z2MgOlsVp9UY7efiCzmlEEX5ippLxFR2
oRaPnsYD/55Cl1cZlVDRIaN5ofUGKTa+FpT6qsQ0JKt2sA0X2Z2K2DEDsy5TNwVw
E8APZNdgOXlSapeoDde0J18AratROwXHPlW1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUboi690HtUC5D2OeBf7Ue8zkc4MUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JvaTY5MEh0VUM1RDJP
ZUJmN1VlOHprYzRNVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAG78i9EltaIg3G3ins4aTd6Ye9PdE5V
un5zeW9eoG8mZBF3U1+pljmUwp6bKzP9Fl60CnShofTLD7IuEpw70UU+0P7kSHYE
Krxy3Ux/PkJ0kTBb7An1CYKiynr5vQgyyXv54ZML7O+EEzrnHMWSgO5I93LIkqqx
WI63bScOF1CAO0CHW3HLSgD0AUmZnA+5uYKgDLk4KevHEln7iwrI9ZpufAvlgRuu
FSr+24iHl/JoEJYkx0VT/bU1mIcVZp/8A19gOv6XCRVqOs8E8z2NvcWa7x0agPXV
dCW7hASK9VtVE7QTwHh1RVFaH2J+b//OZTCaQjM0TCYlW4T1WLLCVk0=
-----END CERTIFICATE-----
Generated at Thu May 9 14:22:49 2024 by rpki-client on console.sobornost.net