Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/irZ_xhFdYltu3J_zVYbUKcMzCEc.roa
File: irZ_xhFdYltu3J_zVYbUKcMzCEc.roa (raw, json)
Hash identifier: e8OnDxXfFXteLICmZQYZ1S2LaVwIR1/qwVPcmZv7F6E=
Subject key identifier: 8A:B6:7F:C6:11:5D:62:5B:6E:DC:9F:F3:55:86:D4:29:C3:33:08:47
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C9B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/irZ_xhFdYltu3J_zVYbUKcMzCEc.roa
Signing time: Tue 30 Apr 2024 17:23:35 +0000
ROA not before: Tue 30 Apr 2024 17:23:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19611 (0x4c9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 17:23:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8AB67FC6115D625B6EDC9FF35586D429C3330847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ad:2c:13:92:ea:3f:6d:74:43:54:12:8c:e6:
c9:b9:f5:5f:59:10:b7:1e:d2:f9:21:83:a6:af:3b:
ae:6a:c1:6a:72:0b:bb:9f:42:44:83:0b:ef:7a:9f:
56:39:3e:d7:d5:5d:f8:b9:29:73:2f:cc:4b:84:f3:
9c:5f:0d:f5:d6:0d:d8:b5:df:f7:4d:a8:1e:4c:b7:
08:d1:1d:18:a0:46:07:cb:19:6b:aa:c0:ef:ff:66:
1d:e7:ac:69:ac:ff:6c:ec:b2:fd:57:02:c2:0d:77:
42:e8:a7:41:0f:a6:a7:6c:57:10:4c:aa:9c:90:8a:
22:0f:eb:54:4d:ca:08:1f:9f:08:dc:4a:23:e5:66:
21:7b:52:3d:7e:52:fe:55:60:ff:cf:9b:09:cb:95:
99:ad:98:2d:57:2e:18:2e:d0:61:a1:19:1a:79:92:
f0:e7:54:7e:31:ea:d8:10:b2:b4:9b:2f:4c:63:68:
11:b7:b1:a4:de:ab:c1:76:25:75:d6:03:67:7a:b5:
da:68:ee:94:e3:20:ce:fc:6e:d8:1f:95:f2:a4:29:
8c:10:15:2c:ec:ee:ca:c9:bb:37:ce:23:da:4d:a2:
7d:2d:1d:1e:29:57:a8:ed:08:c5:7e:37:af:06:de:
60:b3:3f:0c:5a:6b:69:8b:05:90:3b:a3:57:b6:10:
fb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B6:7F:C6:11:5D:62:5B:6E:DC:9F:F3:55:86:D4:29:C3:33:08:47
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/irZ_xhFdYltu3J_zVYbUKcMzCEc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
99:4a:a6:c4:c0:51:54:f3:f7:28:0f:9b:48:1a:d1:88:ca:f9:
e9:c2:7d:7b:7b:1a:f1:f9:8c:76:9f:59:ef:69:d4:b1:ee:d3:
5c:30:ca:53:ae:39:87:f0:60:f1:c5:32:c1:bd:12:9d:5e:b4:
7d:00:a6:28:50:ac:a5:6d:4f:73:a3:a6:e6:a8:88:d7:aa:74:
7b:56:15:64:0b:5a:d0:3e:d1:a5:57:8f:61:fc:c7:54:a0:b2:
b2:40:f5:4f:91:c9:f7:ea:c9:9e:ef:cd:01:52:eb:20:8f:b6:
71:dc:85:b3:1d:a4:91:f8:f2:d5:ad:a4:17:14:f5:61:c5:9b:
f0:e9:3f:bf:02:40:c5:3c:19:05:07:15:84:26:90:39:62:c6:
90:30:8c:04:6a:a8:79:10:f9:2a:e3:cc:ea:94:a0:49:b3:1a:
3a:41:d3:95:7d:24:b7:f6:d1:41:02:7c:55:12:d0:8e:28:e0:
ec:a9:80:5d:69:3c:ff:3a:3a:ca:67:58:25:6f:ae:40:7c:02:
f4:3c:6e:a7:18:05:b6:86:64:15:85:88:60:1b:c6:d0:6d:7c:
00:d9:67:5a:d0:ec:b9:7a:d0:56:e0:87:fe:c9:2c:62:94:9c:
61:1f:22:ed:0c:32:55:ee:01:99:54:ca:28:e6:bc:4f:7f:ac:
a0:a8:5d:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAx
NzIzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBQjY3RkM2MTE1RDYy
NUI2RURDOUZGMzU1ODZENDI5QzMzMzA4NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJrSwTkuo/bXRDVBKM5sm59V9ZELce0vkhg6avO65qwWpyC7uf
QkSDC+96n1Y5PtfVXfi5KXMvzEuE85xfDfXWDdi13/dNqB5MtwjRHRigRgfLGWuq
wO//Zh3nrGms/2zssv1XAsINd0Lop0EPpqdsVxBMqpyQiiIP61RNyggfnwjcSiPl
ZiF7Uj1+Uv5VYP/PmwnLlZmtmC1XLhgu0GGhGRp5kvDnVH4x6tgQsrSbL0xjaBG3
saTeq8F2JXXWA2d6tdpo7pTjIM78btgflfKkKYwQFSzs7srJuzfOI9pNon0tHR4p
V6jtCMV+N68G3mCzPwxaa2mLBZA7o1e2EPvRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUirZ/xhFdYltu3J/zVYbUKcMzCEcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lyWl94aEZkWWx0dTNK
X3pWWWJVS2NNekNFYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJlKpsTAUVTz9ygPm0ga0YjK+enCfXt7
GvH5jHafWe9p1LHu01wwylOuOYfwYPHFMsG9Ep1etH0ApihQrKVtT3OjpuaoiNeq
dHtWFWQLWtA+0aVXj2H8x1SgsrJA9U+RyffqyZ7vzQFS6yCPtnHchbMdpJH48tWt
pBcU9WHFm/DpP78CQMU8GQUHFYQmkDlixpAwjARqqHkQ+SrjzOqUoEmzGjpB05V9
JLf20UECfFUS0I4o4OypgF1pPP86OspnWCVvrkB8AvQ8bqcYBbaGZBWFiGAbxtBt
fADZZ1rQ7Ll60Fbgh/7JLGKUnGEfIu0MMlXuAZlUyijmvE9/rKCoXSY=
-----END CERTIFICATE-----
Generated at Tue Apr 30 22:25:24 2024 by rpki-client on console.sobornost.net