Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/svJYQHYP4lE8xLk6qh3GMpY74LU.roa
File: svJYQHYP4lE8xLk6qh3GMpY74LU.roa (raw, json)
Hash identifier: D828d48ZZ9PBuYxsF4/KLMrkq5dPCMDetHFWAP2EP3I=
Subject key identifier: B2:F2:58:40:76:0F:E2:51:3C:C4:B9:3A:AA:1D:C6:32:96:3B:E0:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C8B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/svJYQHYP4lE8xLk6qh3GMpY74LU.roa
Signing time: Tue 09 Apr 2024 07:22:36 +0000
ROA not before: Tue 09 Apr 2024 07:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15499 (0x3c8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 07:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B2F25840760FE2513CC4B93AAA1DC632963BE0B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:be:47:e5:aa:02:a0:ba:f5:f4:a4:5a:f2:9d:
a8:21:98:3b:f4:0e:dd:27:e7:f4:77:7b:56:5f:ce:
17:49:0e:1b:7e:96:fb:2b:19:9b:de:08:68:d6:2b:
15:29:2f:cc:3e:ea:b4:7b:34:a4:cc:90:89:d2:1c:
66:88:79:8c:5c:9e:69:16:34:41:d3:cd:63:f7:71:
51:98:77:ea:08:b2:d9:29:61:36:61:96:dd:28:f6:
3c:ea:14:b8:52:18:c0:5c:8f:0c:0a:4e:ba:9d:36:
01:d0:c8:65:30:17:39:ad:1b:56:8f:f9:50:fc:3b:
64:22:05:cb:ff:74:0e:af:ba:d0:0b:4a:0e:5e:f4:
0c:ed:3d:29:3a:d3:08:2b:0b:2a:d8:1f:cb:97:67:
cb:31:af:8c:86:89:12:34:68:d2:d1:7c:99:67:80:
ac:c1:ed:6a:91:74:c4:07:6c:55:b2:56:d8:9f:a1:
8e:d6:e6:b4:d3:7e:e7:01:f1:70:91:82:f8:37:ba:
57:95:41:14:59:6a:86:03:d8:c8:da:7e:80:9f:fb:
df:88:ae:24:db:0b:29:8f:12:f9:9a:8a:c0:99:ef:
76:2b:5a:a6:7b:54:73:c6:1b:92:56:e4:1b:f2:8e:
33:57:e3:d1:8f:da:75:85:4b:95:a4:d1:30:fb:d0:
1b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F2:58:40:76:0F:E2:51:3C:C4:B9:3A:AA:1D:C6:32:96:3B:E0:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/svJYQHYP4lE8xLk6qh3GMpY74LU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
68:53:44:8f:c2:31:db:b5:7e:2c:c8:4c:4b:7b:ad:86:7f:78:
09:b3:c0:49:b7:c9:8d:81:be:4e:02:4d:77:cc:1a:b9:50:64:
d7:40:79:5e:b7:88:85:05:ed:c3:d1:54:93:9c:3f:1a:d9:f0:
76:f4:61:42:65:3f:d4:e8:b1:14:ed:fb:3a:8a:58:2a:53:91:
77:2d:73:2d:a3:a3:e4:30:42:b6:5f:cd:a8:b5:67:8f:40:09:
bf:b4:2c:11:e9:fe:73:a7:1f:ff:f2:2f:0d:c1:65:8a:9c:f1:
97:bc:bd:ee:5f:0e:d6:b1:df:33:17:e1:ec:7c:7a:81:f5:53:
4f:56:20:d3:1e:08:7e:e1:ca:96:04:9d:8d:3b:a0:ed:64:f6:
cd:33:da:e3:bb:c8:f2:9a:42:db:36:13:d7:0d:42:1e:c1:4f:
8d:57:ed:e8:24:14:38:ef:71:5a:89:88:0d:b6:df:3d:70:a7:
37:16:37:9d:0c:05:aa:71:c1:70:69:cc:66:48:64:7f:9e:66:
15:dd:7e:b2:6a:33:8d:6b:78:f1:35:39:67:f3:b9:76:7b:18:
1b:d4:97:e9:9e:c5:9d:82:2c:11:9a:ee:3e:6d:7a:d2:4f:c4:
7a:0b:6c:fc:47:a1:3e:ca:62:63:15:84:a3:a9:2e:4d:8b:9a:
fc:da:23:c6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
NzIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIyRjI1ODQwNzYwRkUy
NTEzQ0M0QjkzQUFBMURDNjMyOTYzQkUwQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+vkflqgKguvX0pFrynaghmDv0Dt0n5/R3e1ZfzhdJDht+lvsr
GZveCGjWKxUpL8w+6rR7NKTMkInSHGaIeYxcnmkWNEHTzWP3cVGYd+oIstkpYTZh
lt0o9jzqFLhSGMBcjwwKTrqdNgHQyGUwFzmtG1aP+VD8O2QiBcv/dA6vutALSg5e
9AztPSk60wgrCyrYH8uXZ8sxr4yGiRI0aNLRfJlngKzB7WqRdMQHbFWyVtifoY7W
5rTTfucB8XCRgvg3uleVQRRZaoYD2MjafoCf+9+IriTbCymPEvmaisCZ73YrWqZ7
VHPGG5JW5BvyjjNX49GP2nWFS5Wk0TD70BtRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsvJYQHYP4lE8xLk6qh3GMpY74LUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3N2SllRSFlQNGxFOHhM
azZxaDNHTXBZNzRMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGhTRI/CMdu1fizITEt7rYZ/eAmzwEm3
yY2Bvk4CTXfMGrlQZNdAeV63iIUF7cPRVJOcPxrZ8Hb0YUJlP9TosRTt+zqKWCpT
kXctcy2jo+QwQrZfzai1Z49ACb+0LBHp/nOnH//yLw3BZYqc8Ze8ve5fDtax3zMX
4ex8eoH1U09WINMeCH7hypYEnY07oO1k9s0z2uO7yPKaQts2E9cNQh7BT41X7egk
FDjvcVqJiA223z1wpzcWN50MBapxwXBpzGZIZH+eZhXdfrJqM41rePE1OWfzuXZ7
GBvUl+mexZ2CLBGa7j5tetJPxHoLbPxHoT7KYmMVhKOpLk2LmvzaI8Y=
-----END CERTIFICATE-----
Generated at Tue Apr 9 13:37:39 2024 by rpki-client on console.sobornost.net