Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uUd-CxfA8h7yhZmmrh22lA_gct8.roa
File: uUd-CxfA8h7yhZmmrh22lA_gct8.roa (raw, json)
Hash identifier: lzDuRzZrzrz206d6uKX8QDsVudbTw3L0JOBlZURlSFo=
Subject key identifier: B9:47:7E:0B:17:C0:F2:1E:F2:85:99:A6:AE:1D:B6:94:0F:E0:72:DF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 455F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uUd-CxfA8h7yhZmmrh22lA_gct8.roa
Signing time: Sun 21 Apr 2024 01:53:07 +0000
ROA not before: Sun 21 Apr 2024 01:53:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17759 (0x455f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 01:53:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B9477E0B17C0F21EF28599A6AE1DB6940FE072DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a5:d5:e4:fe:e7:9b:d9:33:a8:91:a4:a6:59:
de:8c:da:45:d6:94:6a:fb:66:c3:90:50:9b:4b:80:
f0:90:f6:c7:ff:08:78:7c:ea:05:c9:40:cb:c8:14:
32:29:7e:b5:22:bf:5c:3a:a8:3c:2a:e2:b0:05:ef:
4e:36:bb:61:ad:26:77:fa:2a:a5:44:ce:c8:b4:e2:
e6:14:31:47:85:83:4c:41:92:a0:e7:2d:76:4a:62:
e6:44:1d:11:5d:47:c5:1b:44:9d:41:f4:4e:db:31:
ab:16:7e:86:72:9a:8b:02:2d:8e:04:9d:fd:08:eb:
e2:25:d4:57:b0:42:ab:e3:33:cc:d1:06:1c:c0:bb:
1c:50:0e:2a:72:87:7a:11:81:dd:ee:1a:43:81:21:
b0:65:69:d8:b9:ea:5f:ad:1d:e4:d6:3a:5d:f4:e1:
ad:08:4b:a6:a1:b1:c9:5c:9e:51:f6:56:cc:df:18:
7d:ca:87:cc:97:f2:2e:f4:9d:fe:a3:e0:ae:8a:0b:
48:fb:61:ab:52:37:d9:82:99:81:ab:0a:86:40:ac:
7e:09:64:68:53:ea:7a:3a:4a:26:69:16:af:ed:d8:
df:54:3e:10:a6:32:a6:c5:fd:54:5e:8a:49:34:24:
86:52:a5:52:21:1b:df:3f:dd:bc:0f:d7:60:c5:f4:
14:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:47:7E:0B:17:C0:F2:1E:F2:85:99:A6:AE:1D:B6:94:0F:E0:72:DF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uUd-CxfA8h7yhZmmrh22lA_gct8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a1:a3:1a:ae:91:3a:f6:3c:af:c9:eb:04:6b:03:74:c2:27:a9:
ad:7a:d6:c2:f2:0c:e2:d6:4a:6b:18:ff:f0:45:d5:49:71:fd:
f6:e4:5c:f9:42:a7:cd:00:76:b7:71:30:2d:e2:7b:75:d1:e2:
e4:b2:8b:b8:58:d2:23:89:63:54:c5:dd:d8:5a:9f:56:b0:1c:
40:c3:24:cf:86:92:54:c9:1a:de:01:2c:0b:fe:a4:68:7a:f3:
11:38:a0:d4:fa:a2:cc:2c:00:f7:7f:fc:bb:59:c8:71:66:62:
f0:be:c5:20:26:c5:34:f7:9a:6f:20:6d:43:37:fa:d8:6f:a7:
93:86:6c:0c:51:9e:72:f5:94:55:f3:f2:a5:98:35:47:84:e8:
17:f5:6c:b0:91:da:99:dd:72:fd:c5:52:18:98:1f:89:a4:f7:
4f:9c:f8:7c:38:05:0b:63:79:32:42:29:85:84:65:c0:dd:0b:
98:00:1d:73:29:f8:04:7e:19:9b:7d:ab:23:ce:c2:bb:fd:18:
29:3d:42:4b:45:10:66:f8:fb:84:97:a5:af:fb:e8:ec:40:3b:
39:0a:b3:2a:b6:8c:a7:de:b5:5a:e0:27:12:2d:bd:86:ea:a1:
5e:d6:ee:4c:1c:00:f5:6f:fe:fb:93:f7:d3:2f:c8:f8:c8:b3:
d4:77:07:99
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRV8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEw
MTUzMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI5NDc3RTBCMTdDMEYy
MUVGMjg1OTlBNkFFMURCNjk0MEZFMDcyREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8pdXk/ueb2TOokaSmWd6M2kXWlGr7ZsOQUJtLgPCQ9sf/CHh8
6gXJQMvIFDIpfrUiv1w6qDwq4rAF7042u2GtJnf6KqVEzsi04uYUMUeFg0xBkqDn
LXZKYuZEHRFdR8UbRJ1B9E7bMasWfoZymosCLY4Enf0I6+Il1FewQqvjM8zRBhzA
uxxQDipyh3oRgd3uGkOBIbBladi56l+tHeTWOl304a0IS6ahsclcnlH2VszfGH3K
h8yX8i70nf6j4K6KC0j7YatSN9mCmYGrCoZArH4JZGhT6no6SiZpFq/t2N9UPhCm
MqbF/VReikk0JIZSpVIhG98/3bwP12DF9BQvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuUd+CxfA8h7yhZmmrh22lA/gct8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VVZC1DeGZBOGg3eWha
bW1yaDIybEFfZ2N0OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKGjGq6ROvY8r8nrBGsDdMInqa161sLy
DOLWSmsY//BF1Ulx/fbkXPlCp80AdrdxMC3ie3XR4uSyi7hY0iOJY1TF3dhan1aw
HEDDJM+GklTJGt4BLAv+pGh68xE4oNT6oswsAPd//LtZyHFmYvC+xSAmxTT3mm8g
bUM3+thvp5OGbAxRnnL1lFXz8qWYNUeE6Bf1bLCR2pndcv3FUhiYH4mk90+c+Hw4
BQtjeTJCKYWEZcDdC5gAHXMp+AR+GZt9qyPOwrv9GCk9QktFEGb4+4SXpa/76OxA
OzkKsyq2jKfetVrgJxItvYbqoV7W7kwcAPVv/vuT99MvyPjIs9R3B5k=
-----END CERTIFICATE-----
Generated at Sun Apr 21 07:56:36 2024 by rpki-client on console.sobornost.net