Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jruRdXtpxgeCvCgFUY-3rbNKgjw.roa
File: jruRdXtpxgeCvCgFUY-3rbNKgjw.roa (raw, json)
Hash identifier: aUz9JZJlCK5SU/pfLbVeMBHj6lOpnGwKCFf35TUj0K8=
Subject key identifier: 8E:BB:91:75:7B:69:C6:07:82:BC:28:05:51:8F:B7:AD:B3:4A:82:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3557
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jruRdXtpxgeCvCgFUY-3rbNKgjw.roa
Signing time: Sat 30 Mar 2024 16:52:21 +0000
ROA not before: Sat 30 Mar 2024 16:52:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13655 (0x3557)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 16:52:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8EBB91757B69C60782BC2805518FB7ADB34A823C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5b:27:d6:43:63:0f:bb:0f:b1:d5:4e:c9:b8:
7a:d5:c0:0e:39:76:ee:05:a3:7d:85:1a:60:4a:b3:
30:e0:b2:e8:a8:43:3a:14:e5:ee:ba:f3:6c:1a:25:
5c:99:b1:c8:91:52:38:87:29:12:81:b2:58:e0:19:
2c:37:70:2b:2b:2c:fa:4e:8c:0d:cf:03:5d:b9:d8:
ea:80:3d:70:ec:c2:ec:c4:5f:a0:bc:b4:92:ba:af:
d9:b8:fd:b9:31:16:8d:07:23:f0:fb:91:76:46:83:
65:ab:7d:3a:30:3f:3e:6b:65:76:b3:2d:cb:33:4f:
9e:40:e2:cb:b2:82:2f:a4:ce:63:90:83:be:0b:a4:
a8:84:fd:20:02:a3:a9:85:0e:99:91:f6:b4:17:a1:
5b:c5:26:d7:f2:60:cb:b8:b5:5a:67:8e:57:b1:ea:
60:54:5f:db:01:af:49:3e:60:0b:6e:3d:29:40:a1:
01:5c:4a:85:6e:90:9f:0e:b5:1a:08:01:f0:eb:b0:
87:0f:97:72:d2:2a:ba:d7:5e:27:40:f0:73:f9:c5:
dd:eb:ee:f3:0a:13:06:dc:ae:66:8a:ab:a4:c5:01:
3d:14:46:bb:ad:ec:6f:e3:e0:b3:dc:b7:79:89:a0:
bc:06:37:ed:2a:f9:47:32:3a:42:15:6c:14:66:ad:
fa:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BB:91:75:7B:69:C6:07:82:BC:28:05:51:8F:B7:AD:B3:4A:82:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jruRdXtpxgeCvCgFUY-3rbNKgjw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
48:d6:36:60:67:02:ce:a1:59:26:bd:00:79:30:ca:8d:47:50:
ed:05:0b:cc:72:e9:fb:33:66:63:c1:ca:84:18:bc:f1:58:dc:
dc:c6:d9:8c:84:ec:f6:19:69:b9:e2:72:23:ea:94:2f:9f:18:
7e:5d:b7:fe:42:50:5d:c8:76:59:de:2e:0c:44:13:6e:ba:04:
b3:f0:6d:a2:fb:90:ef:7a:19:5a:44:67:dd:5a:c6:39:b1:ed:
2f:2b:6e:29:b0:50:26:f9:2e:db:a0:d1:e6:a2:63:66:c7:81:
1f:90:1d:55:83:42:f9:74:d0:89:52:5c:ef:b8:ae:fa:e7:ac:
6b:75:bc:01:c3:e2:5e:08:9e:7e:34:da:cb:09:10:a6:b7:bc:
83:d6:90:fd:98:7f:7c:cd:09:72:bf:0e:4d:a7:2a:97:bb:17:
d1:05:92:5f:91:03:73:a0:af:69:cc:04:10:0e:fd:26:ab:0d:
33:47:65:e3:cb:15:47:70:b4:99:26:7c:16:fe:9b:d2:dc:6e:
ad:5f:07:db:da:13:fe:e9:b2:9b:c5:75:9c:d4:77:fe:d1:68:
94:2a:66:12:2e:ab:72:c5:ca:d9:22:70:06:a9:90:12:25:46:
9f:05:45:2d:0a:a2:b7:6c:55:75:c6:eb:bf:e5:f4:23:91:98:
27:5f:75:aa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NjUyMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhFQkI5MTc1N0I2OUM2
MDc4MkJDMjgwNTUxOEZCN0FEQjM0QTgyM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUWyfWQ2MPuw+x1U7JuHrVwA45du4Fo32FGmBKszDgsuioQzoU
5e6682waJVyZsciRUjiHKRKBsljgGSw3cCsrLPpOjA3PA1252OqAPXDswuzEX6C8
tJK6r9m4/bkxFo0HI/D7kXZGg2WrfTowPz5rZXazLcszT55A4suygi+kzmOQg74L
pKiE/SACo6mFDpmR9rQXoVvFJtfyYMu4tVpnjlex6mBUX9sBr0k+YAtuPSlAoQFc
SoVukJ8OtRoIAfDrsIcPl3LSKrrXXidA8HP5xd3r7vMKEwbcrmaKq6TFAT0URrut
7G/j4LPct3mJoLwGN+0q+UcyOkIVbBRmrfqtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjruRdXtpxgeCvCgFUY+3rbNKgjwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pydVJkWHRweGdlQ3ZD
Z0ZVWS0zcmJOS2dqdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEjWNmBnAs6hWSa9AHkwyo1HUO0FC8xy
6fszZmPByoQYvPFY3NzG2YyE7PYZabniciPqlC+fGH5dt/5CUF3IdlneLgxEE266
BLPwbaL7kO96GVpEZ91axjmx7S8rbimwUCb5Ltug0eaiY2bHgR+QHVWDQvl00IlS
XO+4rvrnrGt1vAHD4l4Inn402ssJEKa3vIPWkP2Yf3zNCXK/Dk2nKpe7F9EFkl+R
A3Ogr2nMBBAO/SarDTNHZePLFUdwtJkmfBb+m9Lcbq1fB9vaE/7pspvFdZzUd/7R
aJQqZhIuq3LFytkicAapkBIlRp8FRS0KordsVXXG67/l9CORmCdfdao=
-----END CERTIFICATE-----
Generated at Sat Mar 30 19:50:24 2024 by rpki-client on console.sobornost.net