Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sxXyLL7W0GhTJVM1Ki5IdT7oOlo.roa
File: sxXyLL7W0GhTJVM1Ki5IdT7oOlo.roa (raw, json)
Hash identifier: Rwpv/HBr/s5QebzZQQc8LCv+TA7A6OHuKI2kE7dz57w=
Subject key identifier: B3:15:F2:2C:BE:D6:D0:68:53:25:53:35:2A:2E:48:75:3E:E8:3A:5A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FA7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sxXyLL7W0GhTJVM1Ki5IdT7oOlo.roa
Signing time: Sat 13 Apr 2024 10:53:14 +0000
ROA not before: Sat 13 Apr 2024 10:53:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16295 (0x3fa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 10:53:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B315F22CBED6D068532553352A2E48753EE83A5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a8:d0:58:f7:db:53:c3:a3:87:1a:38:1e:db:
5b:2f:4b:0e:92:25:3f:06:a4:ea:27:b9:31:9d:a8:
87:ff:c7:a9:f3:88:47:7c:fa:76:df:9f:72:ee:46:
65:a6:53:86:15:8d:76:0e:68:b4:0a:6f:e1:bb:67:
b0:87:e6:6d:31:26:58:5b:95:d4:0f:5e:90:d4:97:
14:be:d8:6e:70:c5:91:00:e6:a1:dd:0c:13:72:f8:
6c:42:2c:ad:2d:cb:f9:b1:d4:56:e8:24:0f:be:24:
61:0c:66:90:e1:67:1d:29:d5:2e:7d:24:6b:15:82:
09:41:63:ff:c8:e7:a1:21:d5:a1:75:96:59:40:3e:
6a:52:5a:5c:df:81:b7:fc:aa:8b:79:66:62:7c:63:
1b:1c:90:84:26:03:2b:cd:7c:94:fb:09:e5:4a:65:
b4:50:d4:d2:3e:a3:4a:a9:fe:f5:29:10:d7:0a:e5:
d1:00:62:40:5b:c4:c9:8e:09:06:95:2f:46:34:12:
83:f9:37:7c:75:bd:5b:e6:58:50:b9:9d:ce:93:9e:
4c:23:da:6d:c3:0c:41:a4:d6:47:aa:44:9a:91:f9:
b4:ed:3e:45:be:7a:2c:e3:d1:23:5f:17:a1:62:dd:
6f:6d:e4:b5:60:f7:fe:f8:07:ba:f7:04:33:7f:8b:
dd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:15:F2:2C:BE:D6:D0:68:53:25:53:35:2A:2E:48:75:3E:E8:3A:5A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sxXyLL7W0GhTJVM1Ki5IdT7oOlo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
92:f5:7c:74:3c:3e:96:2a:b2:51:5d:66:c9:9b:79:92:31:83:
51:b5:fe:26:2f:5e:4d:bf:f2:ff:9f:2b:b8:b0:5c:0f:6a:5a:
99:0b:16:44:48:7d:6e:c6:c9:6f:a7:c5:ea:7e:8d:a1:51:7c:
60:c6:98:03:fc:cc:87:91:40:2a:e1:9a:b0:39:ed:8c:51:a6:
13:31:a3:dd:cd:e8:e4:1b:ad:fe:02:e4:a8:48:4f:52:4b:65:
08:74:35:f4:4d:84:2e:d8:58:be:9e:ed:54:03:2a:0c:e6:40:
c3:9d:21:95:5c:1b:33:0f:b1:86:e2:4d:25:51:d1:bc:5c:35:
ec:bc:33:37:9c:48:64:a6:f3:67:6f:9c:7b:54:f9:f5:45:f0:
0b:9e:ab:55:c8:1f:a2:f3:1c:23:1b:e4:7f:3a:0d:0c:05:4e:
36:ba:08:00:38:ff:18:0a:91:32:e3:bc:3f:86:90:81:e0:94:
95:69:86:24:af:3f:13:32:49:d9:44:1a:93:4c:74:38:45:fc:
aa:d5:77:a1:63:98:c9:d7:b3:a8:d0:45:ac:62:17:eb:b4:f5:
9f:12:46:c3:99:d0:d0:f6:d0:7d:e6:ba:b0:cc:94:4d:ed:b1:
e5:58:26:13:da:bc:41:79:76:ae:5f:df:07:62:f2:42:bd:00:
52:3b:d7:1e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICP6cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
MDUzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzMTVGMjJDQkVENkQw
Njg1MzI1NTMzNTJBMkU0ODc1M0VFODNBNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3qNBY99tTw6OHGjge21svSw6SJT8GpOonuTGdqIf/x6nziEd8
+nbfn3LuRmWmU4YVjXYOaLQKb+G7Z7CH5m0xJlhbldQPXpDUlxS+2G5wxZEA5qHd
DBNy+GxCLK0ty/mx1FboJA++JGEMZpDhZx0p1S59JGsVgglBY//I56Eh1aF1lllA
PmpSWlzfgbf8qot5ZmJ8YxsckIQmAyvNfJT7CeVKZbRQ1NI+o0qp/vUpENcK5dEA
YkBbxMmOCQaVL0Y0EoP5N3x1vVvmWFC5nc6Tnkwj2m3DDEGk1keqRJqR+bTtPkW+
eizj0SNfF6Fi3W9t5LVg9/74B7r3BDN/i93dAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsxXyLL7W0GhTJVM1Ki5IdT7oOlowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3N4WHlMTDdXMEdoVEpW
TTFLaTVJZFQ3b09sby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJL1fHQ8PpYqslFdZsmbeZIxg1G1/iYv
Xk2/8v+fK7iwXA9qWpkLFkRIfW7GyW+nxep+jaFRfGDGmAP8zIeRQCrhmrA57YxR
phMxo93N6OQbrf4C5KhIT1JLZQh0NfRNhC7YWL6e7VQDKgzmQMOdIZVcGzMPsYbi
TSVR0bxcNey8MzecSGSm82dvnHtU+fVF8Aueq1XIH6LzHCMb5H86DQwFTja6CAA4
/xgKkTLjvD+GkIHglJVphiSvPxMySdlEGpNMdDhF/KrVd6FjmMnXs6jQRaxiF+u0
9Z8SRsOZ0ND20H3murDMlE3tseVYJhPavEF5dq5f3wdi8kK9AFI71x4=
-----END CERTIFICATE-----
Generated at Sat Apr 13 17:22:19 2024 by rpki-client on console.sobornost.net