Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mtbK3d2dmdSFGTKoLLya5gbXG7U.roa
File: mtbK3d2dmdSFGTKoLLya5gbXG7U.roa (raw, json)
Hash identifier: c0NNO4pJWQj1qu0TV37oDetioFtiLxTA5baTczQ9p7U=
Subject key identifier: 9A:D6:CA:DD:DD:9D:99:D4:85:19:32:A8:2C:BC:9A:E6:06:D7:1B:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 491F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mtbK3d2dmdSFGTKoLLya5gbXG7U.roa
Signing time: Fri 26 Apr 2024 01:53:21 +0000
ROA not before: Fri 26 Apr 2024 01:53:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18719 (0x491f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 01:53:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9AD6CADDDD9D99D4851932A82CBC9AE606D71BB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:33:d3:d7:b1:71:76:09:c7:e8:e8:3f:8f:24:
84:0e:19:64:94:fb:f8:49:ca:74:ee:60:24:50:c2:
eb:88:5d:40:a9:ef:15:d7:00:f5:7a:f8:5d:5d:7f:
c8:4f:b6:8e:cf:03:e0:22:84:b0:67:ba:14:43:04:
35:45:52:3f:78:04:89:68:93:00:7a:bf:ab:1b:c1:
9a:ed:d6:8c:e3:9c:98:f2:3b:39:5f:7f:e2:37:23:
0b:d5:a2:2d:53:a2:6b:44:fc:4d:23:7b:c5:41:35:
de:e1:81:9a:48:36:4a:9e:db:8e:03:45:5f:0e:c6:
29:00:84:1f:c8:6e:2a:e0:e5:87:a1:0d:d3:ff:3d:
99:a8:58:4b:43:82:ff:9e:c0:79:9f:f3:3d:05:5d:
eb:8d:35:ef:5b:68:14:cc:a1:e7:bb:28:8e:96:55:
04:fe:0b:8a:64:07:87:35:61:44:df:6f:7c:9d:05:
09:cc:fc:91:0a:6b:11:57:46:6a:c0:10:3e:11:ae:
f4:65:26:05:b7:c7:66:24:c1:43:a4:53:67:7c:64:
98:d8:d3:5e:2c:c4:be:fa:b7:a3:55:e0:3a:12:7f:
cc:1e:97:aa:0f:40:cd:28:97:54:ac:33:bb:1b:87:
f7:34:0d:10:06:0e:b4:3b:9e:99:c3:83:6b:fb:33:
62:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D6:CA:DD:DD:9D:99:D4:85:19:32:A8:2C:BC:9A:E6:06:D7:1B:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mtbK3d2dmdSFGTKoLLya5gbXG7U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:3d:b4:d2:16:fe:22:19:6c:4f:ae:f8:2d:8d:15:63:bd:88:
e9:0e:75:f8:aa:f1:39:40:3f:dd:6d:27:7c:03:09:9b:28:21:
5e:cf:da:6f:fe:22:b6:54:cb:ed:0e:26:99:a1:c0:31:3f:93:
14:c3:64:fd:d0:48:c1:d1:96:f2:d8:f7:83:e1:49:0e:f1:3c:
32:e8:28:30:3d:61:14:d6:65:8e:29:e5:bf:3b:7c:e4:c7:98:
02:75:15:cd:53:53:9f:49:e6:59:f1:47:8e:aa:d7:4c:2c:5e:
ed:0c:76:35:95:db:ae:df:84:4d:e5:fc:13:9b:16:05:04:85:
f9:f0:64:71:8d:c7:a8:2f:4e:64:30:1e:ef:4e:33:2d:0f:8a:
85:23:14:1e:fd:be:ed:85:d6:68:df:79:63:cd:fd:9d:35:df:
21:b5:06:a7:c0:fd:77:0c:a6:f1:34:a6:28:c5:cb:eb:db:6f:
79:c1:0a:8a:7c:18:1b:33:97:80:04:6c:77:30:e9:9a:7c:80:
6d:9d:67:34:be:73:65:82:80:07:97:c4:a3:15:c0:87:7d:14:
1f:61:66:4e:d0:08:4d:e7:77:bd:fb:3b:1e:64:1c:5d:4b:6c:
f1:5c:29:d9:1f:e6:75:3e:32:ca:3d:61:3e:8c:19:06:50:d8:
36:99:3c:68
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
MTUzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBRDZDQUREREQ5RDk5
RDQ4NTE5MzJBODJDQkM5QUU2MDZENzFCQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiM9PXsXF2Ccfo6D+PJIQOGWSU+/hJynTuYCRQwuuIXUCp7xXX
APV6+F1df8hPto7PA+AihLBnuhRDBDVFUj94BIlokwB6v6sbwZrt1ozjnJjyOzlf
f+I3IwvVoi1TomtE/E0je8VBNd7hgZpINkqe244DRV8OxikAhB/Ibirg5YehDdP/
PZmoWEtDgv+ewHmf8z0FXeuNNe9baBTMoee7KI6WVQT+C4pkB4c1YUTfb3ydBQnM
/JEKaxFXRmrAED4RrvRlJgW3x2YkwUOkU2d8ZJjY014sxL76t6NV4DoSf8wel6oP
QM0ol1SsM7sbh/c0DRAGDrQ7npnDg2v7M2KZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUmtbK3d2dmdSFGTKoLLya5gbXG7UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L210YkszZDJkbWRTRkdU
S29MTHlhNWdiWEc3VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAo9tNIW/iIZbE+u+C2NFWO9iOkOdfiq
8TlAP91tJ3wDCZsoIV7P2m/+IrZUy+0OJpmhwDE/kxTDZP3QSMHRlvLY94PhSQ7x
PDLoKDA9YRTWZY4p5b87fOTHmAJ1Fc1TU59J5lnxR46q10wsXu0MdjWV267fhE3l
/BObFgUEhfnwZHGNx6gvTmQwHu9OMy0PioUjFB79vu2F1mjfeWPN/Z013yG1BqfA
/XcMpvE0pijFy+vbb3nBCop8GBszl4AEbHcw6Zp8gG2dZzS+c2WCgAeXxKMVwId9
FB9hZk7QCE3nd737Ox5kHF1LbPFcKdkf5nU+Mso9YT6MGQZQ2DaZPGg=
-----END CERTIFICATE-----
Generated at Fri Apr 26 07:41:44 2024 by rpki-client on console.sobornost.net