Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nznZjllsPfDzQTuLuNJZsvz3Kns.roa
File: nznZjllsPfDzQTuLuNJZsvz3Kns.roa (raw, json)
Hash identifier: atdf31Kx6XPC4zN4rUvqqvG/UOPkjCh0+UZS3q1+Fic=
Subject key identifier: 9F:39:D9:8E:59:6C:3D:F0:F3:41:3B:8B:B8:D2:59:B2:FC:F7:2A:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47AF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nznZjllsPfDzQTuLuNJZsvz3Kns.roa
Signing time: Wed 24 Apr 2024 03:53:14 +0000
ROA not before: Wed 24 Apr 2024 03:53:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18351 (0x47af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 03:53:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9F39D98E596C3DF0F3413B8BB8D259B2FCF72A7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:25:e4:69:6b:e2:9d:6c:82:b6:fb:7d:40:4f:
1b:75:2a:34:f0:31:36:42:04:c4:7c:c9:ac:7a:c3:
92:bd:69:4b:ac:78:46:d1:93:80:c1:9b:65:a0:e4:
1d:06:bb:0b:fc:2c:95:16:21:1f:1e:b6:c2:3b:60:
64:40:0b:59:f9:4d:65:c5:a6:00:4c:1c:99:2d:bb:
11:b7:b8:5e:08:a2:96:73:60:fa:b9:e4:3f:c5:0f:
d5:51:bb:e2:b3:0f:32:27:d3:1b:18:ce:b4:9b:19:
02:63:9b:45:81:1a:4b:33:67:e6:81:b3:5d:48:f0:
2d:f7:b9:f5:49:4c:12:16:2f:57:e2:23:dc:c9:47:
74:bf:38:a5:66:35:87:3d:d1:26:58:61:bd:a3:ae:
8d:fd:af:2b:df:4a:aa:32:f7:5f:a9:79:de:f0:18:
13:24:4d:a1:ea:31:5b:43:43:53:bb:a0:49:6a:90:
46:ff:25:d4:65:ad:f8:c1:e7:17:e3:1f:d7:27:6b:
80:e7:93:d8:8b:b5:43:50:80:94:45:85:1b:1c:2a:
37:71:02:3f:3a:5a:fd:2e:96:ee:b6:26:f3:de:5c:
f2:36:da:85:8a:2b:be:ca:b9:9a:e0:93:19:a5:eb:
0b:0d:53:b3:ce:54:6a:13:d4:35:21:c2:03:91:89:
d5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:39:D9:8E:59:6C:3D:F0:F3:41:3B:8B:B8:D2:59:B2:FC:F7:2A:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nznZjllsPfDzQTuLuNJZsvz3Kns.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:14:6e:bc:43:58:45:4d:fb:4e:dd:06:b9:cd:88:5b:00:95:
c6:cc:32:41:0a:f9:8c:85:02:0e:9c:ee:81:c5:18:ea:b5:06:
18:e0:bf:2c:c1:35:c5:49:13:2d:b8:fd:4e:2b:41:56:72:44:
31:8c:bd:91:f0:ff:5c:06:1d:9e:fc:a5:40:98:ee:76:0a:7d:
51:ff:e8:67:c1:bf:ee:d5:49:64:7f:47:69:c8:b8:2f:3f:a5:
29:0c:10:97:6a:68:63:4b:eb:30:4d:e4:5c:79:a4:28:35:b4:
84:01:b0:fd:5e:a4:43:a9:9b:f0:68:9b:7e:d7:b0:ea:8f:cc:
ef:a9:33:c1:9e:e9:e9:ac:86:04:a3:76:42:95:55:e6:f1:9e:
15:eb:3e:ea:c3:3a:5e:fd:d0:1a:d8:d3:2a:99:cb:f0:de:ec:
de:b6:dd:c8:72:71:19:1a:4e:04:da:b7:ec:67:cb:2b:7a:16:
99:c4:3d:b0:d8:e7:55:b3:43:50:f9:f4:1e:83:8d:87:d9:fc:
f7:35:21:14:75:5b:c1:f4:83:38:1c:e4:7a:33:62:b0:90:c3:
87:45:e6:df:3c:90:e3:c4:eb:0d:53:59:b6:2e:cd:7d:2f:9a:
e0:eb:22:5e:f4:2d:fa:c6:3e:7f:3b:e9:cb:b6:1b:7e:74:bd:
9d:1c:a5:ae
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
MzUzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGMzlEOThFNTk2QzNE
RjBGMzQxM0I4QkI4RDI1OUIyRkNGNzJBN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWJeRpa+KdbIK2+31ATxt1KjTwMTZCBMR8yax6w5K9aUuseEbR
k4DBm2Wg5B0Guwv8LJUWIR8etsI7YGRAC1n5TWXFpgBMHJktuxG3uF4IopZzYPq5
5D/FD9VRu+KzDzIn0xsYzrSbGQJjm0WBGkszZ+aBs11I8C33ufVJTBIWL1fiI9zJ
R3S/OKVmNYc90SZYYb2jro39ryvfSqoy91+ped7wGBMkTaHqMVtDQ1O7oElqkEb/
JdRlrfjB5xfjH9cna4Dnk9iLtUNQgJRFhRscKjdxAj86Wv0ulu62JvPeXPI22oWK
K77KuZrgkxml6wsNU7POVGoT1DUhwgORidU9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUnznZjllsPfDzQTuLuNJZsvz3KnswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L256blpqbGxzUGZEelFU
dUx1Tkpac3Z6M0tucy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFIUbrxDWEVN+07dBrnNiFsAlcbMMkEK
+YyFAg6c7oHFGOq1BhjgvyzBNcVJEy24/U4rQVZyRDGMvZHw/1wGHZ78pUCY7nYK
fVH/6GfBv+7VSWR/R2nIuC8/pSkMEJdqaGNL6zBN5Fx5pCg1tIQBsP1epEOpm/Bo
m37XsOqPzO+pM8Ge6emshgSjdkKVVebxnhXrPurDOl790BrY0yqZy/De7N623chy
cRkaTgTat+xnyyt6FpnEPbDY51WzQ1D59B6DjYfZ/Pc1IRR1W8H0gzgc5HozYrCQ
w4dF5t88kOPE6w1TWbYuzX0vmuDrIl70LfrGPn876cu2G350vZ0cpa4=
-----END CERTIFICATE-----
Generated at Wed Apr 24 10:47:56 2024 by rpki-client on console.sobornost.net