Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dLgwq3uLztlKHUkI6Na25b3hR-I.roa
File: dLgwq3uLztlKHUkI6Na25b3hR-I.roa (raw, json)
Hash identifier: HaD4DRekgpDm9OW/UgspLMl2qxjpi8gj7CZ0AumZqE4=
Subject key identifier: 74:B8:30:AB:7B:8B:CE:D9:4A:1D:49:08:E8:D6:B6:E5:BD:E1:47:E2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C1F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dLgwq3uLztlKHUkI6Na25b3hR-I.roa
Signing time: Tue 30 Apr 2024 01:53:31 +0000
ROA not before: Tue 30 Apr 2024 01:53:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19487 (0x4c1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 01:53:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=74B830AB7B8BCED94A1D4908E8D6B6E5BDE147E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a8:a4:6e:45:14:01:42:ef:31:69:b1:3a:17:
ab:a2:3c:71:81:10:18:13:12:ed:6f:ec:e3:28:46:
90:c0:a8:c3:7b:82:2b:7b:45:d1:75:64:77:da:2c:
e2:93:ea:8e:7f:b8:23:07:47:d7:95:0c:ae:17:3b:
d2:a5:31:3c:5a:c0:05:9b:6d:cf:81:ab:71:3d:8d:
17:74:a5:0b:8f:cc:b4:00:42:8c:2d:94:d3:66:36:
84:1b:e2:b8:97:e4:1e:84:b6:12:92:be:e0:e0:8c:
b1:77:b3:3f:bf:30:fd:28:f3:8c:61:82:e9:34:e3:
f9:37:ce:d3:e1:fd:53:db:fa:01:6e:50:60:82:70:
7f:99:68:b8:f6:c5:12:b5:dc:43:cf:10:c6:ec:c5:
c8:7f:a2:49:8a:30:25:1c:25:3c:79:3b:43:41:fc:
c5:8c:38:9c:d0:2e:6e:22:fa:69:a0:67:5a:95:88:
cc:4f:f4:b6:46:f7:1b:0a:c2:7e:97:4e:b9:19:1e:
37:48:78:9d:14:e1:5e:99:0f:cc:fa:f9:ec:9d:e9:
17:c0:47:70:40:c8:0e:39:a9:07:fa:38:dc:86:e1:
d0:8e:8f:f1:6c:3e:d5:57:8c:94:dd:5a:ac:d0:cc:
ff:cb:90:b7:93:11:91:9c:e9:2c:59:dd:e7:10:db:
f0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B8:30:AB:7B:8B:CE:D9:4A:1D:49:08:E8:D6:B6:E5:BD:E1:47:E2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dLgwq3uLztlKHUkI6Na25b3hR-I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b6:c3:47:13:63:1a:8a:27:e1:f2:7a:95:9c:4f:4b:fb:b2:ac:
dc:9e:e7:fa:27:54:92:e4:ec:84:57:0a:cd:88:f0:e7:75:9e:
09:95:ad:f4:3d:01:e4:cb:ec:a1:98:c0:cc:61:27:52:9d:4a:
ce:46:9b:0e:7b:64:8c:2b:19:c2:01:62:b6:30:01:ee:0d:11:
c2:0f:69:6e:84:64:92:77:f1:c7:d4:62:2a:6b:33:ac:f5:ee:
93:88:3a:1e:ae:70:6f:71:cf:9f:82:5e:c8:d6:5c:8b:b1:d4:
d1:1d:f3:eb:1b:97:29:eb:f8:95:4e:77:8b:74:06:92:99:cf:
9a:3c:18:83:7a:87:d4:51:6d:db:7c:a2:c0:05:fd:25:ee:05:
29:d1:20:0d:10:30:de:52:40:ac:ff:3d:1d:88:e6:d3:7a:84:
ee:be:f0:c8:5d:1e:32:f3:cc:21:df:cd:12:20:c9:92:c7:86:
39:97:ab:c2:bb:e7:c8:c9:8b:8d:df:a6:fb:00:3b:1a:a6:f0:
21:32:11:7f:0f:d9:25:b6:67:5d:98:28:6f:67:f8:32:6b:86:
b0:89:2e:f4:4f:d9:0a:41:78:1d:28:be:f3:c9:c2:89:a6:c1:
57:14:c0:13:43:57:01:a7:c0:45:73:2f:77:41:fc:16:74:cf:
68:96:b5:0f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTB8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAw
MTUzMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc0QjgzMEFCN0I4QkNF
RDk0QTFENDkwOEU4RDZCNkU1QkRFMTQ3RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbqKRuRRQBQu8xabE6F6uiPHGBEBgTEu1v7OMoRpDAqMN7git7
RdF1ZHfaLOKT6o5/uCMHR9eVDK4XO9KlMTxawAWbbc+Bq3E9jRd0pQuPzLQAQowt
lNNmNoQb4riX5B6EthKSvuDgjLF3sz+/MP0o84xhguk04/k3ztPh/VPb+gFuUGCC
cH+ZaLj2xRK13EPPEMbsxch/okmKMCUcJTx5O0NB/MWMOJzQLm4i+mmgZ1qViMxP
9LZG9xsKwn6XTrkZHjdIeJ0U4V6ZD8z6+eyd6RfAR3BAyA45qQf6ONyG4dCOj/Fs
PtVXjJTdWqzQzP/LkLeTEZGc6SxZ3ecQ2/DPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdLgwq3uLztlKHUkI6Na25b3hR+IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RMZ3dxM3VMenRsS0hV
a0k2TmEyNWIzaFItSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALbDRxNjGoon4fJ6lZxPS/uyrNye5/on
VJLk7IRXCs2I8Od1ngmVrfQ9AeTL7KGYwMxhJ1KdSs5Gmw57ZIwrGcIBYrYwAe4N
EcIPaW6EZJJ38cfUYiprM6z17pOIOh6ucG9xz5+CXsjWXIux1NEd8+sblynr+JVO
d4t0BpKZz5o8GIN6h9RRbdt8osAF/SXuBSnRIA0QMN5SQKz/PR2I5tN6hO6+8Mhd
HjLzzCHfzRIgyZLHhjmXq8K758jJi43fpvsAOxqm8CEyEX8P2SW2Z12YKG9n+DJr
hrCJLvRP2QpBeB0ovvPJwommwVcUwBNDVwGnwEVzL3dB/BZ0z2iWtQ8=
-----END CERTIFICATE-----
Generated at Tue Apr 30 14:15:40 2024 by rpki-client on console.sobornost.net