Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/k8dPqEpfuGNxdpWzfiYsFpx3U88.roa
File: k8dPqEpfuGNxdpWzfiYsFpx3U88.roa (raw, json)
Hash identifier: FiGrCOkxeryawmLsWR6ioCQ2QKPz9yi2kDHL+3dvTbs=
Subject key identifier: 93:C7:4F:A8:4A:5F:B8:63:71:76:95:B3:7E:26:2C:16:9C:77:53:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 442B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/k8dPqEpfuGNxdpWzfiYsFpx3U88.roa
Signing time: Fri 19 Apr 2024 11:23:03 +0000
ROA not before: Fri 19 Apr 2024 11:23:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17451 (0x442b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 11:23:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=93C74FA84A5FB863717695B37E262C169C7753CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:96:73:d5:0d:d4:6e:b8:6f:bf:c2:a5:4f:72:
05:cd:b7:92:ea:06:0d:b7:d3:cf:3b:2d:1b:f2:e3:
91:08:63:fb:80:9f:92:82:39:41:89:3f:4d:3b:6c:
f9:57:2e:c6:75:10:a3:d5:07:e4:46:7c:18:94:75:
0f:a3:c1:5a:e3:4c:86:01:72:51:53:0c:33:23:b2:
27:92:5a:6d:b4:21:40:32:2d:f2:58:b3:da:dd:7b:
cd:05:4e:aa:b2:34:da:cc:2a:8f:3d:0f:b9:37:60:
7e:0a:e5:3e:c5:6a:86:a3:6b:5f:8c:c8:c5:f1:16:
25:4a:bf:3f:01:4a:7e:97:c4:51:2b:f7:e8:c6:91:
7a:8d:49:04:60:2d:17:e1:d2:3f:0d:19:9b:16:a3:
ad:2d:cc:19:62:25:69:02:95:83:52:86:4f:69:3f:
44:e1:4f:f6:81:41:b4:d1:53:bf:a7:16:bc:20:55:
41:c5:31:5c:cf:b2:d6:f0:b6:e1:f7:9e:19:4f:13:
74:38:61:e6:a4:b1:c7:d5:5d:ed:93:d5:70:cd:80:
cf:ac:92:8a:90:1a:78:5c:24:d4:4e:76:4d:03:cb:
b6:28:6d:57:41:00:57:11:55:53:51:1f:ed:39:b9:
f4:51:56:99:1e:b7:11:fc:aa:c8:18:74:ca:7c:f5:
7a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C7:4F:A8:4A:5F:B8:63:71:76:95:B3:7E:26:2C:16:9C:77:53:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/k8dPqEpfuGNxdpWzfiYsFpx3U88.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b5:7a:a9:65:d3:29:d2:7e:6b:d5:28:cf:37:da:0b:e6:4b:af:
b8:61:17:b1:d1:21:f9:b6:56:3b:c6:69:61:32:bd:93:8a:b9:
d5:e7:16:d3:4c:80:95:77:97:8f:26:bb:5f:1d:8c:e3:94:05:
f9:bc:ea:ec:5d:52:70:33:15:87:6e:04:d3:01:8d:9c:0d:cf:
1e:f0:e7:d1:75:97:73:a8:a8:ed:28:0e:f2:0f:f2:09:a1:46:
f0:06:03:98:f2:11:85:3c:15:eb:57:d7:a8:f5:9d:31:dd:01:
f4:5f:18:87:b2:63:32:0b:2f:dd:a8:a5:5c:bf:3a:c5:09:bd:
f8:c6:29:6e:8b:e5:f3:63:0a:44:6c:b9:91:87:59:66:3d:c4:
6b:db:8b:75:10:1e:9c:d5:14:4c:35:96:d8:aa:b1:8b:21:bd:
2b:48:e2:fd:be:62:2b:d4:f2:3c:c0:ab:a7:96:21:8f:d1:01:
d2:b2:a8:86:88:a6:83:59:78:86:9d:85:70:32:61:ec:b8:bc:
db:80:61:52:e0:29:7e:f2:d9:57:c1:b4:f3:be:6d:0c:a6:6d:
79:7e:31:8c:c7:0e:d2:5a:98:d6:37:50:b5:bf:e3:ed:2e:eb:
4f:21:ff:7b:93:8f:b0:91:f0:f8:46:ed:b8:1d:e5:0b:cf:b1:
50:0c:96:fb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRCswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
MTIzMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkzQzc0RkE4NEE1RkI4
NjM3MTc2OTVCMzdFMjYyQzE2OUM3NzUzQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1lnPVDdRuuG+/wqVPcgXNt5LqBg230887LRvy45EIY/uAn5KC
OUGJP007bPlXLsZ1EKPVB+RGfBiUdQ+jwVrjTIYBclFTDDMjsieSWm20IUAyLfJY
s9rde80FTqqyNNrMKo89D7k3YH4K5T7Faoaja1+MyMXxFiVKvz8BSn6XxFEr9+jG
kXqNSQRgLRfh0j8NGZsWo60tzBliJWkClYNShk9pP0ThT/aBQbTRU7+nFrwgVUHF
MVzPstbwtuH3nhlPE3Q4YeakscfVXe2T1XDNgM+skoqQGnhcJNROdk0Dy7YobVdB
AFcRVVNRH+05ufRRVpketxH8qsgYdMp89XppAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUk8dPqEpfuGNxdpWzfiYsFpx3U88wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2s4ZFBxRXBmdUdOeGRw
V3pmaVlzRnB4M1U4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALV6qWXTKdJ+a9UozzfaC+ZLr7hhF7HR
Ifm2VjvGaWEyvZOKudXnFtNMgJV3l48mu18djOOUBfm86uxdUnAzFYduBNMBjZwN
zx7w59F1l3OoqO0oDvIP8gmhRvAGA5jyEYU8FetX16j1nTHdAfRfGIeyYzILL92o
pVy/OsUJvfjGKW6L5fNjCkRsuZGHWWY9xGvbi3UQHpzVFEw1ltiqsYshvStI4v2+
YivU8jzAq6eWIY/RAdKyqIaIpoNZeIadhXAyYey4vNuAYVLgKX7y2VfBtPO+bQym
bXl+MYzHDtJamNY3ULW/4+0u608h/3uTj7CR8PhG7bgd5QvPsVAMlvs=
-----END CERTIFICATE-----
Generated at Fri Apr 19 15:09:47 2024 by rpki-client on console.sobornost.net