Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pRh1hWjR4IBFeyc1kxhs2yAxrE4.roa
File: pRh1hWjR4IBFeyc1kxhs2yAxrE4.roa (raw, json)
Hash identifier: +HnJK6lKHwN2BvzpUWGXS/kYYGWRM7zAVzv9+MSlZjY=
Subject key identifier: A5:18:75:85:68:D1:E0:80:45:7B:27:35:93:18:6C:DB:20:31:AC:4E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44F3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pRh1hWjR4IBFeyc1kxhs2yAxrE4.roa
Signing time: Sat 20 Apr 2024 12:23:07 +0000
ROA not before: Sat 20 Apr 2024 12:23:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17651 (0x44f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 12:23:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A518758568D1E080457B273593186CDB2031AC4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c6:25:76:01:4b:e3:9b:76:d1:4e:66:4b:28:
5c:f4:e6:ab:35:ef:a1:72:32:6d:27:46:2c:01:35:
6c:f2:57:c0:1e:c3:fb:92:98:85:7b:70:dc:7f:9b:
ca:1a:47:53:02:c7:f8:81:ff:2e:67:dc:85:a2:a0:
e6:b9:7e:17:16:ca:7a:dc:1c:73:a0:7f:58:0f:77:
3b:c3:c3:1c:96:5d:05:1c:84:ed:21:62:55:d6:50:
01:83:78:72:81:c2:0d:b0:fc:80:08:dd:22:30:0b:
9c:c9:86:25:76:dd:a2:0c:da:a9:a7:6e:c8:4a:d8:
45:99:00:0e:10:be:73:9e:4e:74:88:5f:7c:29:60:
fd:dd:78:c6:23:78:41:6b:a0:55:8c:d9:67:b4:c3:
f9:1b:50:cf:25:d4:fc:3a:51:95:c4:81:1f:e7:10:
05:b0:63:d1:2b:04:6f:42:e1:50:f8:2a:0a:bb:f6:
f5:30:31:84:c0:c9:13:89:fe:02:b6:b5:df:01:47:
fb:75:c4:3c:f5:76:df:65:5a:a4:f0:00:44:a8:a8:
21:46:7b:59:af:67:af:2e:a3:2e:ac:00:36:22:3b:
27:b6:3c:41:7d:c7:d4:9c:71:1a:62:aa:b7:53:5d:
e4:b3:0e:9a:ca:9f:0b:8a:ae:5d:a4:22:75:af:47:
98:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:18:75:85:68:D1:E0:80:45:7B:27:35:93:18:6C:DB:20:31:AC:4E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pRh1hWjR4IBFeyc1kxhs2yAxrE4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
03:64:43:62:a0:e1:00:a7:dc:29:0c:19:1f:e5:68:96:64:d4:
3c:ad:0a:da:bd:76:0b:f5:da:4a:c7:b7:aa:6b:e5:51:37:3c:
f4:cc:ef:a9:48:4c:8c:5e:20:15:9c:aa:ca:25:2d:b2:e3:5c:
2d:cb:df:4e:7b:04:97:5d:71:b7:f4:67:05:80:c0:3f:a4:cd:
87:df:d3:d0:1e:03:7d:dd:61:ee:37:9c:c2:67:1f:28:77:37:
c5:11:97:c5:6a:b2:13:21:a8:68:84:66:b0:b8:96:01:a7:cb:
c8:91:7e:f2:4f:57:4a:8f:5f:35:d4:58:e9:ba:ec:c4:94:7b:
8b:ed:68:0a:06:72:f6:76:94:15:ea:8e:45:04:37:4c:db:9d:
b3:6f:ab:45:78:96:9b:76:96:a6:99:b9:62:0b:15:40:be:4e:
15:87:32:eb:af:c8:6d:5d:0b:d0:df:09:41:f8:64:5d:51:c7:
9a:d3:22:e1:84:9f:d4:46:6e:18:0e:d8:e9:12:8b:15:70:88:
2e:ef:f3:50:b2:74:97:a5:5a:b4:c0:f3:a3:75:19:34:d5:9a:
f1:2e:b2:c3:78:4c:26:71:fc:08:86:0a:ef:0e:b8:99:bc:4b:
25:15:9f:d4:e3:ca:fc:30:c0:90:aa:36:eb:c1:f0:c2:01:a6:
0d:c2:14:08
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MjIzMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE1MTg3NTg1NjhEMUUw
ODA0NTdCMjczNTkzMTg2Q0RCMjAzMUFDNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLxiV2AUvjm3bRTmZLKFz05qs176FyMm0nRiwBNWzyV8Aew/uS
mIV7cNx/m8oaR1MCx/iB/y5n3IWioOa5fhcWynrcHHOgf1gPdzvDwxyWXQUchO0h
YlXWUAGDeHKBwg2w/IAI3SIwC5zJhiV23aIM2qmnbshK2EWZAA4QvnOeTnSIX3wp
YP3deMYjeEFroFWM2We0w/kbUM8l1Pw6UZXEgR/nEAWwY9ErBG9C4VD4Kgq79vUw
MYTAyROJ/gK2td8BR/t1xDz1dt9lWqTwAESoqCFGe1mvZ68uoy6sADYiOye2PEF9
x9SccRpiqrdTXeSzDprKnwuKrl2kInWvR5jZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUpRh1hWjR4IBFeyc1kxhs2yAxrE4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BSaDFoV2pSNElCRmV5
YzFreGhzMnlBeHJFNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAANkQ2Kg4QCn3CkMGR/laJZk1DytCtq9
dgv12krHt6pr5VE3PPTM76lITIxeIBWcqsolLbLjXC3L3057BJddcbf0ZwWAwD+k
zYff09AeA33dYe43nMJnHyh3N8URl8VqshMhqGiEZrC4lgGny8iRfvJPV0qPXzXU
WOm67MSUe4vtaAoGcvZ2lBXqjkUEN0zbnbNvq0V4lpt2lqaZuWILFUC+ThWHMuuv
yG1dC9DfCUH4ZF1Rx5rTIuGEn9RGbhgO2OkSixVwiC7v81CydJelWrTA86N1GTTV
mvEussN4TCZx/AiGCu8OuJm8SyUVn9TjyvwwwJCqNuvB8MIBpg3CFAg=
-----END CERTIFICATE-----
Generated at Sat Apr 20 17:31:01 2024 by rpki-client on console.sobornost.net