Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uJ1NyVSWKySUY5ViiWobbKGmTW0.roa
File: uJ1NyVSWKySUY5ViiWobbKGmTW0.roa (raw, json)
Hash identifier: 7E1Ons3wFUKKeQSMQLmGuLvv+n1WGMdKo7Icl7+FurU=
Subject key identifier: B8:9D:4D:C9:54:96:2B:24:94:63:95:62:89:6A:1B:6C:A1:A6:4D:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36F7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uJ1NyVSWKySUY5ViiWobbKGmTW0.roa
Signing time: Mon 01 Apr 2024 20:52:15 +0000
ROA not before: Mon 01 Apr 2024 20:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14071 (0x36f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 20:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B89D4DC954962B2494639562896A1B6CA1A64D6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1b:14:36:fd:9f:1d:09:4d:fa:c2:1c:07:37:
86:49:86:3c:dc:3a:e2:86:fb:c8:1f:6b:39:d6:14:
6f:6f:0f:d7:5a:ef:60:81:42:dd:e5:9d:20:ed:6e:
3e:a9:2e:c0:e8:1f:b5:90:3f:7d:c1:1c:d7:41:1b:
c7:d8:18:5a:2d:46:64:0a:c8:38:f9:c9:dd:16:35:
ef:e2:de:b3:a8:bd:2e:3b:fb:b4:a4:1d:78:21:c8:
92:be:23:49:dc:62:9e:8a:37:f9:f2:fb:e8:15:9e:
51:8b:ad:b6:67:63:59:83:b7:2f:1f:e2:47:2f:3d:
0f:1e:0d:7a:4f:2e:da:23:b3:a0:8c:52:00:9d:36:
f4:f3:2f:1d:14:8e:e9:d6:7f:25:ff:8f:b9:8d:bd:
a9:e5:9e:b8:b6:ff:f8:19:73:37:77:f9:4b:81:1e:
7e:6c:dd:7c:66:6e:d5:2d:c2:2a:9f:07:0c:6d:49:
97:fd:ce:6c:92:91:a4:f3:c5:1b:ee:f8:62:65:be:
82:76:97:16:21:fe:4e:3e:9a:41:0e:60:c3:99:cd:
7a:1b:cb:f2:b3:a5:0b:75:0b:1a:83:36:5f:e3:b8:
cf:62:4c:4d:66:2f:7d:6e:7f:48:96:a2:78:8f:b1:
8e:06:f9:4b:d4:e5:aa:9d:b9:9f:a0:f3:5e:22:78:
1e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9D:4D:C9:54:96:2B:24:94:63:95:62:89:6A:1B:6C:A1:A6:4D:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uJ1NyVSWKySUY5ViiWobbKGmTW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:ee:9c:18:b4:a4:e1:74:ba:13:af:33:d1:71:dc:64:e9:48:
fa:8d:32:ec:6f:e1:53:e1:9b:66:dd:dd:cb:32:d9:c5:3f:14:
4c:b2:9a:76:c5:e0:6d:22:9f:3f:89:bf:2f:4c:aa:b0:30:bb:
64:58:06:b5:b1:f5:3f:81:97:41:8f:51:38:4a:0c:05:1f:c4:
f3:b5:51:b3:35:76:b1:74:8b:d4:e3:c9:d0:bf:c7:a7:81:2d:
98:34:dd:76:29:d0:86:ac:7f:23:66:27:53:45:1d:d8:28:cd:
37:89:eb:fb:7a:10:b6:3a:a0:7d:90:5a:c4:74:44:98:79:2a:
1b:f9:92:8c:12:bc:b7:5d:09:3e:2c:cf:fd:78:22:6a:03:2a:
de:b7:e4:85:da:96:8c:ca:27:88:26:fa:b4:ea:7c:51:40:fb:
99:be:92:7f:e3:2e:a1:c2:9d:4c:d2:cc:9f:e2:12:a7:f3:7f:
2a:5e:6c:95:09:c1:d7:e9:d8:3d:f1:78:cd:4f:53:cc:d9:22:
82:b4:e6:31:04:47:eb:ad:10:d8:4b:9c:fc:6f:48:40:0a:8f:
9a:90:6a:8f:f9:b2:2b:30:92:bb:28:87:a0:52:da:8c:33:4a:
03:e1:e8:b1:99:cf:9e:13:8a:a9:bc:1b:59:b0:37:fd:03:ae:
93:6d:88:99
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNvcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MDUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI4OUQ0REM5NTQ5NjJC
MjQ5NDYzOTU2Mjg5NkExQjZDQTFBNjRENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUGxQ2/Z8dCU36whwHN4ZJhjzcOuKG+8gfaznWFG9vD9da72CB
Qt3lnSDtbj6pLsDoH7WQP33BHNdBG8fYGFotRmQKyDj5yd0WNe/i3rOovS47+7Sk
HXghyJK+I0ncYp6KN/ny++gVnlGLrbZnY1mDty8f4kcvPQ8eDXpPLtojs6CMUgCd
NvTzLx0UjunWfyX/j7mNvanlnri2//gZczd3+UuBHn5s3XxmbtUtwiqfBwxtSZf9
zmySkaTzxRvu+GJlvoJ2lxYh/k4+mkEOYMOZzXoby/KzpQt1CxqDNl/juM9iTE1m
L31uf0iWoniPsY4G+UvU5aqduZ+g814ieB5dAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuJ1NyVSWKySUY5ViiWobbKGmTW0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VKMU55VlNXS3lTVVk1
VmlpV29iYktHbVRXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACLunBi0pOF0uhOvM9Fx3GTpSPqNMuxv
4VPhm2bd3csy2cU/FEyymnbF4G0inz+Jvy9MqrAwu2RYBrWx9T+Bl0GPUThKDAUf
xPO1UbM1drF0i9TjydC/x6eBLZg03XYp0IasfyNmJ1NFHdgozTeJ6/t6ELY6oH2Q
WsR0RJh5Khv5kowSvLddCT4sz/14ImoDKt635IXalozKJ4gm+rTqfFFA+5m+kn/j
LqHCnUzSzJ/iEqfzfypebJUJwdfp2D3xeM1PU8zZIoK05jEER+utENhLnPxvSEAK
j5qQao/5siswkrsoh6BS2owzSgPh6LGZz54Tiqm8G1mwN/0DrpNtiJk=
-----END CERTIFICATE-----
Generated at Tue Apr 2 02:40:47 2024 by rpki-client on console.sobornost.net