Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eWRfdvr0w0bpByrxMIAzKT0NPjk.roa
File: eWRfdvr0w0bpByrxMIAzKT0NPjk.roa (raw, json)
Hash identifier: E8VZWsFXKNV7j8UDfLbLWFY/DTfIXUSQaGtmVrP4slk=
Subject key identifier: 79:64:5F:76:FA:F4:C3:46:E9:07:2A:F1:30:80:33:29:3D:0D:3E:39
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32E3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eWRfdvr0w0bpByrxMIAzKT0NPjk.roa
Signing time: Wed 27 Mar 2024 10:22:23 +0000
ROA not before: Wed 27 Mar 2024 10:22:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13027 (0x32e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 10:22:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=79645F76FAF4C346E9072AF1308033293D0D3E39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:76:5f:84:53:2f:fe:4f:76:78:c9:35:a8:6a:
ba:d4:c0:f6:2f:08:e2:3e:81:99:d2:32:bc:83:ce:
d9:0e:92:2e:8a:76:e5:7d:5d:3b:d5:ce:53:9b:c7:
3a:54:2a:c0:72:3e:fe:dd:ca:37:3f:95:3e:ec:69:
5b:66:ec:81:ff:85:df:bb:aa:46:39:91:ad:19:8b:
9b:d7:a5:1b:12:83:9c:c4:7d:f1:84:50:c9:e6:b9:
ed:25:b2:0e:12:27:bf:49:83:f2:46:54:f7:4b:40:
04:d8:d7:21:5c:ea:c5:6b:b5:5c:4a:9b:9e:75:e4:
df:d6:bb:38:ad:3e:f4:2c:6e:a4:87:51:bd:ca:19:
ff:f2:d8:80:bc:bb:f5:9f:f6:f0:c1:e4:33:1e:0b:
3f:4d:66:c8:83:30:95:60:0b:a6:42:69:5e:fe:cb:
db:54:86:af:8a:c3:c6:89:52:7a:45:f1:c0:42:1d:
83:7e:e4:04:1d:d3:6c:81:8e:c3:0e:60:1a:50:4d:
3a:aa:13:72:32:43:0f:98:b5:02:61:d8:08:54:a1:
85:94:1c:db:39:e7:ee:a1:d6:ba:5b:27:67:21:0e:
0f:d8:ee:d1:77:27:49:1b:87:30:d3:6a:47:71:19:
3e:62:bb:2a:a0:31:ac:ba:37:79:a0:e0:40:35:32:
f2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:64:5F:76:FA:F4:C3:46:E9:07:2A:F1:30:80:33:29:3D:0D:3E:39
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eWRfdvr0w0bpByrxMIAzKT0NPjk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
32:08:24:93:f7:16:b6:8b:66:b9:e3:db:d7:9c:7a:7d:ac:65:
c9:b9:71:37:44:30:16:b6:d9:c7:3f:17:3c:78:9c:84:59:0a:
9f:0c:d4:e1:4b:3a:15:2e:3c:77:e2:61:2f:97:8d:b2:0d:c9:
bc:f8:3a:25:8b:71:a2:43:e6:80:45:59:d7:bc:45:a8:e5:17:
ac:73:32:4f:21:bc:06:c7:68:41:72:3e:81:bd:6e:86:90:6f:
d1:ac:c4:3a:ab:59:65:68:3f:d9:eb:52:29:ea:83:1f:ce:d0:
94:97:7d:ad:06:f2:84:ef:2a:22:ef:91:05:41:9a:32:24:b3:
a6:07:97:8c:bc:58:21:fc:2e:00:4c:52:0c:bb:1a:05:6c:81:
ae:55:1c:97:3e:32:db:48:3a:bc:23:a7:bd:73:e1:97:37:33:
75:8b:fe:70:35:f6:32:66:b0:bd:ee:2f:40:1b:73:19:6c:fd:
82:f3:03:89:6d:a4:55:aa:ef:1b:bd:96:78:9b:29:55:d0:7c:
cc:de:ad:da:51:11:ff:05:c6:e7:48:66:ae:6c:c7:d0:a5:02:
4c:75:56:95:e1:02:26:e6:27:d6:02:10:59:cd:75:70:45:22:
2a:30:ef:cc:67:ab:77:8c:18:9c:c1:04:21:16:2c:55:4f:9e:
f3:a8:0a:e8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICMuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
MDIyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc5NjQ1Rjc2RkFGNEMz
NDZFOTA3MkFGMTMwODAzMzI5M0QwRDNFMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEdl+EUy/+T3Z4yTWoarrUwPYvCOI+gZnSMryDztkOki6KduV9
XTvVzlObxzpUKsByPv7dyjc/lT7saVtm7IH/hd+7qkY5ka0Zi5vXpRsSg5zEffGE
UMnmue0lsg4SJ79Jg/JGVPdLQATY1yFc6sVrtVxKm5515N/WuzitPvQsbqSHUb3K
Gf/y2IC8u/Wf9vDB5DMeCz9NZsiDMJVgC6ZCaV7+y9tUhq+Kw8aJUnpF8cBCHYN+
5AQd02yBjsMOYBpQTTqqE3IyQw+YtQJh2AhUoYWUHNs55+6h1rpbJ2chDg/Y7tF3
J0kbhzDTakdxGT5iuyqgMay6N3mg4EA1MvLHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUeWRfdvr0w0bpByrxMIAzKT0NPjkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VXUmZkdnIwdzBicEJ5
cnhNSUF6S1QwTlBqay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADIIJJP3FraLZrnj29ecen2sZcm5cTdE
MBa22cc/Fzx4nIRZCp8M1OFLOhUuPHfiYS+XjbINybz4OiWLcaJD5oBFWde8Rajl
F6xzMk8hvAbHaEFyPoG9boaQb9GsxDqrWWVoP9nrUinqgx/O0JSXfa0G8oTvKiLv
kQVBmjIks6YHl4y8WCH8LgBMUgy7GgVsga5VHJc+MttIOrwjp71z4Zc3M3WL/nA1
9jJmsL3uL0Abcxls/YLzA4ltpFWq7xu9lnibKVXQfMzerdpREf8FxudIZq5sx9Cl
Akx1VpXhAibmJ9YCEFnNdXBFIiow78xnq3eMGJzBBCEWLFVPnvOoCug=
-----END CERTIFICATE-----
Generated at Wed Mar 27 16:40:20 2024 by rpki-client on console.sobornost.net