Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oYLTksgvRvsg1Mlfy8_QY8VCJ0g.roa
File: oYLTksgvRvsg1Mlfy8_QY8VCJ0g.roa (raw, json)
Hash identifier: hnHEGdY96OfT5dqTDMp7Os/l4btffDnsTIacxlm+eNQ=
Subject key identifier: A1:82:D3:92:C8:2F:46:FB:20:D4:C9:5F:CB:CF:D0:63:C5:42:27:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5627
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oYLTksgvRvsg1Mlfy8_QY8VCJ0g.roa
Signing time: Mon 13 May 2024 10:54:13 +0000
ROA not before: Mon 13 May 2024 10:54:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22055 (0x5627)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 10:54:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A182D392C82F46FB20D4C95FCBCFD063C5422748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:17:6a:3d:25:dc:b5:60:c9:3f:fe:fd:92:70:
8b:e7:f8:b9:81:56:ff:4f:fb:57:db:a7:98:23:83:
16:4c:01:ce:7e:7c:7e:bf:e1:a1:86:0e:8e:19:d8:
0f:a2:84:f7:16:cc:d4:52:5a:97:b3:94:d8:df:b3:
b3:c7:6f:e7:71:bc:78:8b:1e:3d:ab:5b:e7:a0:86:
04:4e:76:9c:98:d4:a1:e7:cd:15:0e:5c:7e:3b:95:
15:8d:84:09:4d:f7:09:aa:b4:52:09:b4:7d:28:96:
63:b9:a8:63:81:b0:a1:1b:97:36:00:dc:02:02:87:
7b:f5:4c:6c:80:63:79:4c:dd:94:bf:a1:91:fb:7f:
89:54:b0:0b:0b:24:13:75:11:3e:1b:5d:88:1f:68:
54:1f:06:48:35:5f:35:ad:e4:2a:82:62:a3:91:74:
32:2a:db:2c:a0:6d:5d:35:b0:9b:3e:4e:3a:68:17:
3f:02:da:bc:f2:41:7d:24:c9:1f:8d:8d:4f:93:14:
da:6d:01:d7:40:83:77:85:89:0c:b5:e0:75:68:16:
bb:32:35:e8:f5:4b:54:c8:c6:6e:97:e6:1a:18:5c:
0f:95:f9:c0:54:37:da:7e:08:23:4e:34:7f:3e:32:
90:72:65:8b:b8:67:db:3c:40:f1:74:43:17:56:73:
34:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:82:D3:92:C8:2F:46:FB:20:D4:C9:5F:CB:CF:D0:63:C5:42:27:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oYLTksgvRvsg1Mlfy8_QY8VCJ0g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
32:15:e6:9e:85:6c:a1:62:c2:37:90:fb:02:d7:ed:ab:cd:af:
94:73:e9:df:32:42:b7:a6:85:1c:bc:51:3b:f7:51:d0:2d:4e:
15:3f:a4:b6:40:bb:89:c0:c6:2c:83:5a:be:12:09:e9:89:8b:
d7:9b:9a:16:53:3c:e8:5b:1c:83:14:23:10:c5:f0:eb:cc:7a:
17:03:a9:58:77:0f:39:b2:d9:ba:7c:e8:14:cf:f7:72:de:10:
95:69:7f:29:07:58:7f:f3:30:a6:7b:76:6f:c8:fb:b5:dc:df:
6a:77:cf:05:0d:cd:4c:76:e6:91:b3:5b:5d:b6:4b:2e:16:48:
ab:6a:8f:1d:95:55:a4:cb:5a:85:aa:be:48:af:b2:65:a0:2a:
98:6d:51:c3:26:af:97:1a:91:9a:21:36:ba:7e:a3:9a:c8:9b:
ab:6c:7c:c6:29:7e:21:1e:37:20:2e:63:51:94:c9:f1:85:c8:
be:1d:fc:94:f8:bf:7a:79:9a:0d:df:53:be:e4:cf:0e:34:e0:
39:fb:d0:fa:b0:88:9f:1b:82:24:5b:99:34:1d:30:7e:dd:51:
e7:00:e2:1a:f6:85:09:d1:bb:bc:11:5c:76:a8:be:66:72:05:
3f:31:1c:19:18:b2:61:ff:8c:78:71:b5:c2:45:48:9b:27:32:
81:52:96:7c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVicwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
MDU0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEExODJEMzkyQzgyRjQ2
RkIyMEQ0Qzk1RkNCQ0ZEMDYzQzU0MjI3NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsF2o9Jdy1YMk//v2ScIvn+LmBVv9P+1fbp5gjgxZMAc5+fH6/
4aGGDo4Z2A+ihPcWzNRSWpezlNjfs7PHb+dxvHiLHj2rW+eghgROdpyY1KHnzRUO
XH47lRWNhAlN9wmqtFIJtH0olmO5qGOBsKEblzYA3AICh3v1TGyAY3lM3ZS/oZH7
f4lUsAsLJBN1ET4bXYgfaFQfBkg1XzWt5CqCYqORdDIq2yygbV01sJs+TjpoFz8C
2rzyQX0kyR+NjU+TFNptAddAg3eFiQy14HVoFrsyNej1S1TIxm6X5hoYXA+V+cBU
N9p+CCNONH8+MpByZYu4Z9s8QPF0QxdWczSvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUoYLTksgvRvsg1Mlfy8/QY8VCJ0gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29ZTFRrc2d2UnZzZzFN
bGZ5OF9RWThWQ0owZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADIV5p6FbKFiwjeQ+wLX7avNr5Rz6d8y
QremhRy8UTv3UdAtThU/pLZAu4nAxiyDWr4SCemJi9ebmhZTPOhbHIMUIxDF8OvM
ehcDqVh3Dzmy2bp86BTP93LeEJVpfykHWH/zMKZ7dm/I+7Xc32p3zwUNzUx25pGz
W122Sy4WSKtqjx2VVaTLWoWqvkivsmWgKphtUcMmr5cakZohNrp+o5rIm6tsfMYp
fiEeNyAuY1GUyfGFyL4d/JT4v3p5mg3fU77kzw404Dn70PqwiJ8bgiRbmTQdMH7d
UecA4hr2hQnRu7wRXHaovmZyBT8xHBkYsmH/jHhxtcJFSJsnMoFSlnw=
-----END CERTIFICATE-----
Generated at Mon May 13 15:18:23 2024 by rpki-client on console.sobornost.net