Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/l_dU8r1ILdx0wY2SQpqKywp1x14.roa
File: l_dU8r1ILdx0wY2SQpqKywp1x14.roa (raw, json)
Hash identifier: TGb6r/dUD4jF4xJf/YZfepfsEumvftsDHTMnE3eoNVE=
Subject key identifier: 97:F7:54:F2:BD:48:2D:DC:74:C1:8D:92:42:9A:8A:CB:0A:75:C7:5E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33E3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l_dU8r1ILdx0wY2SQpqKywp1x14.roa
Signing time: Thu 28 Mar 2024 18:22:03 +0000
ROA not before: Thu 28 Mar 2024 18:22:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13283 (0x33e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 18:22:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=97F754F2BD482DDC74C18D92429A8ACB0A75C75E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1a:c3:95:5f:df:fd:27:15:ed:2f:38:49:10:
a4:b6:2f:dc:83:6b:69:57:77:42:d9:e8:8b:f8:e2:
ae:5e:09:26:5f:ba:8f:64:b0:7f:1b:08:80:a6:32:
ca:9b:5a:7e:af:c7:ad:78:25:22:9d:18:28:13:3f:
a4:aa:da:15:d9:40:be:1f:3f:2b:ab:95:08:72:95:
6d:9f:c7:9d:4d:9a:76:4a:8d:aa:76:52:01:39:95:
ad:cc:eb:65:67:c9:7e:4b:8b:83:4c:75:2e:70:0c:
23:c7:5d:bd:3c:e6:72:cc:0e:16:ee:f8:2c:bc:5d:
76:9b:55:5b:32:dc:9c:cc:c5:36:05:d0:9a:39:b0:
9c:4f:15:d2:40:24:7d:be:37:38:a7:71:2b:f7:58:
65:e5:05:c8:bb:36:ed:35:1e:bc:f2:cc:60:c9:a4:
3b:39:bb:34:d5:10:ab:60:6e:93:b6:66:1e:6b:0c:
5b:ab:95:f5:01:79:48:02:79:91:13:6f:31:9e:a9:
0a:2c:13:da:21:5d:e5:47:1e:a8:0e:51:e8:4d:d1:
3e:e4:56:d4:44:8f:5e:cd:a5:c8:f5:59:02:26:7b:
48:95:bf:eb:53:a9:b8:b1:79:1a:a4:49:1e:c6:f7:
18:72:65:eb:54:e7:06:85:8a:70:68:a4:3a:d2:72:
46:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F7:54:F2:BD:48:2D:DC:74:C1:8D:92:42:9A:8A:CB:0A:75:C7:5E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l_dU8r1ILdx0wY2SQpqKywp1x14.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
48:ff:fe:8d:89:24:56:dc:6d:da:59:0a:e7:ea:f4:f1:ae:d4:
f2:94:fe:c1:b6:88:67:3c:4f:7a:7c:39:fd:31:01:a1:df:d3:
79:ae:82:7c:9b:7d:95:7a:49:53:56:e3:46:ed:c6:7a:a0:04:
fe:13:6a:02:5b:11:f4:8e:f2:42:0f:92:4f:ba:d3:0e:64:3d:
b7:96:5e:fa:ea:df:e8:56:31:75:bc:41:90:a9:30:57:0e:38:
ca:5d:eb:c0:b2:b2:c1:47:5c:33:10:ef:93:a3:0f:29:48:c5:
a1:ec:e3:3d:a2:79:25:56:34:d3:10:95:d8:32:b4:c1:09:10:
68:35:98:10:7b:4a:75:3d:60:47:f1:39:f7:f5:ad:e8:7f:0d:
bd:0e:69:d1:17:4e:a0:6e:69:4c:ff:14:03:80:c5:1d:b2:6a:
ff:47:27:95:43:2b:a0:9e:f1:00:4d:84:59:9b:19:8e:37:9c:
76:15:3a:60:1a:5c:0d:33:e3:d8:15:fb:da:04:83:7b:db:42:
18:a6:14:d7:3c:d0:a5:85:62:46:e3:b0:78:e7:8f:db:76:7d:
cc:36:65:e3:72:dc:9d:ea:4a:d2:ce:b7:52:90:25:e6:08:c3:
57:bb:0c:2f:c3:7e:d9:2e:71:91:87:4c:8c:ae:f8:03:d0:88:
cf:d8:91:e5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM+MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
ODIyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3Rjc1NEYyQkQ0ODJE
REM3NEMxOEQ5MjQyOUE4QUNCMEE3NUM3NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgGsOVX9/9JxXtLzhJEKS2L9yDa2lXd0LZ6Iv44q5eCSZfuo9k
sH8bCICmMsqbWn6vx614JSKdGCgTP6Sq2hXZQL4fPyurlQhylW2fx51NmnZKjap2
UgE5la3M62VnyX5Li4NMdS5wDCPHXb085nLMDhbu+Cy8XXabVVsy3JzMxTYF0Jo5
sJxPFdJAJH2+NzincSv3WGXlBci7Nu01HrzyzGDJpDs5uzTVEKtgbpO2Zh5rDFur
lfUBeUgCeZETbzGeqQosE9ohXeVHHqgOUehN0T7kVtREj17Npcj1WQIme0iVv+tT
qbixeRqkSR7G9xhyZetU5waFinBopDrSckYlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUl/dU8r1ILdx0wY2SQpqKywp1x14wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xfZFU4cjFJTGR4MHdZ
MlNRcHFLeXdwMXgxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEj//o2JJFbcbdpZCufq9PGu1PKU/sG2
iGc8T3p8Of0xAaHf03mugnybfZV6SVNW40btxnqgBP4TagJbEfSO8kIPkk+60w5k
PbeWXvrq3+hWMXW8QZCpMFcOOMpd68CyssFHXDMQ75OjDylIxaHs4z2ieSVWNNMQ
ldgytMEJEGg1mBB7SnU9YEfxOff1reh/Db0OadEXTqBuaUz/FAOAxR2yav9HJ5VD
K6Ce8QBNhFmbGY43nHYVOmAaXA0z49gV+9oEg3vbQhimFNc80KWFYkbjsHjnj9t2
fcw2ZeNy3J3qStLOt1KQJeYIw1e7DC/DftkucZGHTIyu+APQiM/YkeU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 01:32:39 2024 by rpki-client on console.sobornost.net