Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lzee5726BmcPSBkPGhiCZwLFVMY.roa
File: lzee5726BmcPSBkPGhiCZwLFVMY.roa (raw, json)
Hash identifier: R11Q8NbvKkpmivUHFXHe3E5K2gkue/GJ3a9MD0TP0qM=
Subject key identifier: 97:37:9E:E7:BD:BA:06:67:0F:48:19:0F:1A:18:82:67:02:C5:54:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4933
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lzee5726BmcPSBkPGhiCZwLFVMY.roa
Signing time: Fri 26 Apr 2024 04:23:33 +0000
ROA not before: Fri 26 Apr 2024 04:23:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18739 (0x4933)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 04:23:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=97379EE7BDBA06670F48190F1A18826702C554C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:90:fb:ed:d0:ec:fd:ed:92:d0:33:4c:bb:bb:
e0:ed:51:c3:22:67:33:43:cf:16:a6:fb:c5:0d:7d:
64:1c:72:bc:a3:e6:6d:f3:9e:bd:40:f2:5a:cf:be:
f0:ca:86:3b:79:ca:ad:9e:0f:1c:8f:96:45:83:67:
65:ba:da:32:12:a0:5f:23:2b:17:81:50:93:7b:28:
6b:fa:50:fd:0c:fb:53:3c:6b:50:ee:d3:1d:15:4f:
cb:7b:d6:f4:7c:4d:d7:ac:d5:ce:e2:a9:a4:e0:58:
a5:e1:ab:3b:a0:90:33:aa:02:6e:b5:33:7e:4f:d7:
14:87:fb:62:fa:3b:a7:30:e4:82:11:25:97:9e:12:
f1:b8:d3:7a:e9:9b:11:ca:09:3e:bb:49:32:c5:35:
a9:ee:2c:a6:99:6a:12:05:60:91:0a:58:d4:e6:18:
2c:52:32:5c:c4:08:09:75:bd:d3:0c:b0:d3:0a:e9:
2c:dd:b7:eb:bb:07:3c:a4:ee:ac:0a:1b:ce:3e:b5:
40:17:53:76:5b:0d:88:a7:31:95:ff:c2:49:d9:14:
ce:59:80:4d:a1:c9:29:e6:89:48:aa:00:de:38:ce:
17:ce:d1:36:32:55:a3:42:f9:84:22:a0:1d:93:75:
2f:41:04:5f:24:d9:ce:ae:c9:42:e9:e0:bb:10:05:
03:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:37:9E:E7:BD:BA:06:67:0F:48:19:0F:1A:18:82:67:02:C5:54:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lzee5726BmcPSBkPGhiCZwLFVMY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
93:ee:4a:fc:f6:54:6e:1a:b4:27:7e:e2:40:22:53:68:3b:a7:
0f:68:9e:14:ed:29:ae:45:c6:ac:ab:b7:b4:c3:0d:73:1e:9a:
6f:4b:3d:0a:30:56:e1:72:fd:59:f1:9c:4a:38:19:12:cb:22:
76:08:fa:b1:64:70:96:8b:b5:19:fe:64:42:c3:5e:30:75:39:
66:0d:6e:60:68:c1:7d:08:5c:e1:32:c3:89:d9:2d:23:a8:70:
dd:37:f1:40:09:50:55:e8:24:12:3b:1c:2c:b8:a0:33:4c:59:
76:28:2a:b3:fe:34:4d:7f:1b:22:d9:34:69:2c:5a:4b:9d:62:
c4:d2:b8:cc:a2:fb:1a:90:d9:e1:14:d7:8a:aa:10:56:44:ae:
ac:01:26:82:1a:4f:1a:ad:fb:6e:fc:1d:f5:c5:8d:97:d8:c1:
a7:c9:17:7b:7a:eb:23:46:9e:4c:9c:80:35:26:ac:ab:77:b9:
6f:9b:82:35:6b:64:aa:58:1e:10:1a:2e:6c:77:46:7a:5c:6c:
de:69:ff:35:ff:8b:d3:5f:1f:65:06:70:51:85:14:bf:26:eb:
6a:09:90:a4:42:17:64:fc:df:4e:32:2c:76:53:b9:f6:30:3d:
8b:df:c3:ed:ef:a7:d1:5d:75:23:ff:4d:a7:9d:2b:2c:7f:36:
b5:a3:46:77
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
NDIzMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3Mzc5RUU3QkRCQTA2
NjcwRjQ4MTkwRjFBMTg4MjY3MDJDNTU0QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnkPvt0Oz97ZLQM0y7u+DtUcMiZzNDzxam+8UNfWQccryj5m3z
nr1A8lrPvvDKhjt5yq2eDxyPlkWDZ2W62jISoF8jKxeBUJN7KGv6UP0M+1M8a1Du
0x0VT8t71vR8Tdes1c7iqaTgWKXhqzugkDOqAm61M35P1xSH+2L6O6cw5IIRJZee
EvG403rpmxHKCT67STLFNanuLKaZahIFYJEKWNTmGCxSMlzECAl1vdMMsNMK6Szd
t+u7Bzyk7qwKG84+tUAXU3ZbDYinMZX/wknZFM5ZgE2hySnmiUiqAN44zhfO0TYy
VaNC+YQioB2TdS9BBF8k2c6uyULp4LsQBQNtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlzee5726BmcPSBkPGhiCZwLFVMYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2x6ZWU1NzI2Qm1jUFNC
a1BHaGlDWndMRlZNWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJPuSvz2VG4atCd+4kAiU2g7pw9onhTt
Ka5Fxqyrt7TDDXMemm9LPQowVuFy/VnxnEo4GRLLInYI+rFkcJaLtRn+ZELDXjB1
OWYNbmBowX0IXOEyw4nZLSOocN038UAJUFXoJBI7HCy4oDNMWXYoKrP+NE1/GyLZ
NGksWkudYsTSuMyi+xqQ2eEU14qqEFZErqwBJoIaTxqt+278HfXFjZfYwafJF3t6
6yNGnkycgDUmrKt3uW+bgjVrZKpYHhAaLmx3RnpcbN5p/zX/i9NfH2UGcFGFFL8m
62oJkKRCF2T8304yLHZTufYwPYvfw+3vp9FddSP/TaedKyx/NrWjRnc=
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:11:40 2024 by rpki-client on console.sobornost.net