Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/epK3Dtjuki44adEnDwMHVGEpV-4.roa
File: epK3Dtjuki44adEnDwMHVGEpV-4.roa (raw, json)
Hash identifier: wt6Gn23jZp6AFV6YRB74YzLiv1VAq21bvjMhMgSkusY=
Subject key identifier: 7A:92:B7:0E:D8:EE:92:2E:38:69:D1:27:0F:03:07:54:61:29:57:EE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32FB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/epK3Dtjuki44adEnDwMHVGEpV-4.roa
Signing time: Wed 27 Mar 2024 13:22:02 +0000
ROA not before: Wed 27 Mar 2024 13:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13051 (0x32fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 13:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7A92B70ED8EE922E3869D1270F030754612957EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:36:0e:a7:6d:02:21:d0:cf:e1:66:45:8f:35:
eb:b9:8b:ec:60:8e:fd:8f:8b:b4:88:61:a2:b3:6a:
39:01:7b:9e:04:ab:27:1e:65:19:4e:14:85:fb:7e:
8b:be:45:1d:00:a5:47:00:3b:aa:58:1f:58:3d:79:
97:93:4a:ee:cc:f5:20:31:f5:d4:28:b3:36:f6:91:
72:0f:0c:2f:cf:74:09:52:e8:b1:bf:a1:b2:d7:2a:
aa:bb:0e:f0:5a:03:03:35:86:ad:12:a4:1d:fc:de:
b0:d1:02:d1:6f:10:d0:7f:8c:55:51:87:fb:71:86:
76:4f:db:e4:a4:9c:a4:08:74:2e:c2:71:0b:35:07:
76:b1:00:50:31:f8:7c:12:2b:03:22:81:19:9c:b6:
32:2a:4d:8e:05:f7:3d:b8:ac:d0:9a:e1:41:a4:bd:
12:b9:14:5b:40:a8:b4:e6:9f:d0:89:23:f0:02:5e:
1f:81:18:7c:60:19:fe:3c:ac:3b:23:15:06:f0:99:
3f:3c:61:6e:d7:87:18:0f:68:03:9d:95:69:55:b3:
b2:71:60:0a:99:db:37:7f:ff:11:88:dc:f2:2f:79:
b3:04:3c:56:d4:06:e1:12:f6:29:57:70:14:d1:5a:
94:8e:1a:0c:3a:f2:00:d6:9f:fe:fb:21:fe:ba:f2:
05:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:92:B7:0E:D8:EE:92:2E:38:69:D1:27:0F:03:07:54:61:29:57:EE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/epK3Dtjuki44adEnDwMHVGEpV-4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4b:c3:b6:10:c1:e7:53:86:19:2f:0f:44:15:b1:d0:00:72:08:
73:5a:bf:76:58:9d:20:d6:9f:be:af:69:1d:7a:3c:be:2a:3d:
4e:f0:13:2f:95:97:a2:d6:c1:65:4e:08:68:59:d4:84:7b:73:
94:ee:83:75:aa:b1:ce:84:71:7e:ae:7c:2e:72:9f:be:f7:01:
b6:c0:83:93:81:76:b1:fa:56:d9:88:b1:70:e0:ff:56:59:71:
b1:74:a4:08:db:de:3a:41:57:8b:f0:a0:70:8d:45:b3:b4:3f:
62:61:03:5a:b3:2b:e8:fe:8c:21:82:66:c0:07:15:e4:3d:65:
a0:ed:58:40:b6:2e:70:a1:55:27:b8:6c:39:ba:fe:cc:a6:2e:
7d:10:00:cb:c4:7f:98:6e:5d:ca:db:5d:d0:4d:77:f5:ac:54:
31:90:15:4a:eb:38:b8:8f:b4:cb:ab:8c:bb:9d:41:93:c3:75:
02:10:93:dd:79:d8:ce:77:41:fb:23:47:3e:5a:81:0d:aa:af:
c7:12:e4:e3:3f:f3:09:da:29:35:16:01:5e:95:0c:99:16:83:
96:1c:05:e0:8f:d8:5f:31:50:d3:6b:21:ae:0d:0c:54:1d:a1:
f5:69:a1:dc:b9:38:11:aa:78:90:8c:32:84:8a:d3:f4:05:83:
8a:f0:d1:d5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICMvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
MzIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBOTJCNzBFRDhFRTky
MkUzODY5RDEyNzBGMDMwNzU0NjEyOTU3RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTNg6nbQIh0M/hZkWPNeu5i+xgjv2Pi7SIYaKzajkBe54Eqyce
ZRlOFIX7fou+RR0ApUcAO6pYH1g9eZeTSu7M9SAx9dQoszb2kXIPDC/PdAlS6LG/
obLXKqq7DvBaAwM1hq0SpB383rDRAtFvENB/jFVRh/txhnZP2+SknKQIdC7CcQs1
B3axAFAx+HwSKwMigRmctjIqTY4F9z24rNCa4UGkvRK5FFtAqLTmn9CJI/ACXh+B
GHxgGf48rDsjFQbwmT88YW7XhxgPaAOdlWlVs7JxYAqZ2zd//xGI3PIvebMEPFbU
BuES9ilXcBTRWpSOGgw68gDWn/77If668gVhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUepK3Dtjuki44adEnDwMHVGEpV+4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VwSzNEdGp1a2k0NGFk
RW5Ed01IVkdFcFYtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEvDthDB51OGGS8PRBWx0AByCHNav3ZY
nSDWn76vaR16PL4qPU7wEy+Vl6LWwWVOCGhZ1IR7c5Tug3Wqsc6EcX6ufC5yn773
AbbAg5OBdrH6VtmIsXDg/1ZZcbF0pAjb3jpBV4vwoHCNRbO0P2JhA1qzK+j+jCGC
ZsAHFeQ9ZaDtWEC2LnChVSe4bDm6/symLn0QAMvEf5huXcrbXdBNd/WsVDGQFUrr
OLiPtMurjLudQZPDdQIQk9152M53QfsjRz5agQ2qr8cS5OM/8wnaKTUWAV6VDJkW
g5YcBeCP2F8xUNNrIa4NDFQdofVpody5OBGqeJCMMoSK0/QFg4rw0dU=
-----END CERTIFICATE-----
Generated at Wed Mar 27 20:11:32 2024 by rpki-client on console.sobornost.net