Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/v1XcNGi1EUcSNuib62dFsqxyqEg.roa
File: v1XcNGi1EUcSNuib62dFsqxyqEg.roa (raw, json)
Hash identifier: 7IPNcfu65C5qcyIpZ2YIi76IwJW89ckADaNEqhbgjYE=
Subject key identifier: BF:55:DC:34:68:B5:11:47:12:36:E8:9B:EB:67:45:B2:AC:72:A8:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4387
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v1XcNGi1EUcSNuib62dFsqxyqEg.roa
Signing time: Thu 18 Apr 2024 14:53:01 +0000
ROA not before: Thu 18 Apr 2024 14:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17287 (0x4387)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 14:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BF55DC3468B511471236E89BEB6745B2AC72A848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1a:dd:79:64:63:1d:21:d8:87:30:67:85:4b:
dd:f7:bb:07:2a:6f:ed:56:da:68:9d:24:01:5f:6e:
04:c3:9f:7d:ee:e8:91:fe:71:e1:f3:98:87:c3:65:
c3:13:26:4a:5b:92:17:57:b3:41:41:f1:9a:df:c0:
cf:52:b1:04:94:35:82:8e:d3:63:8f:43:0d:f7:57:
33:72:fd:14:74:c0:00:df:f7:71:1c:ab:8c:7c:68:
1d:3b:c1:d2:16:3c:00:aa:a4:a2:a1:82:09:9c:b5:
07:ec:64:f3:65:92:69:c8:98:49:b2:bf:e3:e4:b7:
40:70:be:c7:e6:43:fd:8e:cd:f7:fc:62:a4:9e:78:
80:85:33:87:92:2e:0d:5f:88:78:28:b0:f0:5f:54:
85:46:dd:8d:2d:ed:8d:db:d2:dd:c7:ea:2d:87:36:
a1:14:33:2e:1d:ca:f4:b0:63:65:71:8d:55:c0:f4:
e7:b3:6d:e2:7d:7b:ac:21:2a:b7:49:83:b0:16:42:
a8:59:ba:68:c4:62:75:8e:b0:e6:a0:5f:ba:2a:b9:
1c:20:1e:f3:93:bf:3d:c1:e6:4f:37:91:f8:4e:c5:
0a:44:96:17:92:7f:52:61:22:23:9d:63:c2:1c:b0:
6b:d8:83:3d:9e:59:a7:ad:18:90:04:09:67:68:a1:
c9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:55:DC:34:68:B5:11:47:12:36:E8:9B:EB:67:45:B2:AC:72:A8:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v1XcNGi1EUcSNuib62dFsqxyqEg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
32:91:78:a3:13:88:70:3b:ce:ef:6f:ab:bd:51:c2:6a:38:f8:
99:22:d1:66:1b:4d:eb:e4:31:4f:e2:c9:9b:33:ca:9d:5f:e9:
22:fa:34:b3:25:93:7f:5f:8b:6c:d9:79:34:b1:2d:9e:33:a8:
78:70:81:e8:b2:cc:99:43:ac:f6:e6:9e:68:c0:2a:59:53:84:
13:0b:ae:29:2d:57:9b:3d:13:92:a8:9d:1e:a4:e5:ed:79:9c:
93:0c:b7:fb:98:14:93:b5:02:c5:4f:a3:8d:a4:f2:ec:d3:bc:
1d:8e:bf:a5:86:48:d8:e7:a1:46:6c:f0:47:be:ce:fc:c1:50:
5d:c0:df:9d:75:28:26:e0:52:19:96:ee:0d:08:9a:6b:60:a6:
de:61:2b:73:a4:c9:a8:69:a1:7a:89:c3:8e:72:76:0a:c0:77:
f8:f1:3a:ad:0e:1b:0d:5b:4d:62:a5:75:3d:93:e9:90:ab:08:
1d:cc:b9:4d:cc:1d:44:6c:69:94:6b:c8:10:19:3e:dd:4e:2a:
cf:72:98:75:00:d5:ab:7c:9c:67:cc:cd:cd:52:44:a0:03:f9:
4f:29:b8:33:37:7f:e2:37:da:9f:01:86:77:9a:b7:0e:6d:d6:
49:15:3f:7f:1f:69:73:64:5c:4d:f7:c0:c7:eb:19:f6:ce:d0:
81:02:0d:a2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
NDUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGNTVEQzM0NjhCNTEx
NDcxMjM2RTg5QkVCNjc0NUIyQUM3MkE4NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTGt15ZGMdIdiHMGeFS933uwcqb+1W2midJAFfbgTDn33u6JH+
ceHzmIfDZcMTJkpbkhdXs0FB8ZrfwM9SsQSUNYKO02OPQw33VzNy/RR0wADf93Ec
q4x8aB07wdIWPACqpKKhggmctQfsZPNlkmnImEmyv+Pkt0BwvsfmQ/2Ozff8YqSe
eICFM4eSLg1fiHgosPBfVIVG3Y0t7Y3b0t3H6i2HNqEUMy4dyvSwY2VxjVXA9Oez
beJ9e6whKrdJg7AWQqhZumjEYnWOsOagX7oquRwgHvOTvz3B5k83kfhOxQpElheS
f1JhIiOdY8IcsGvYgz2eWaetGJAECWdoockxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUv1XcNGi1EUcSNuib62dFsqxyqEgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3YxWGNOR2kxRVVjU051
aWI2MmRGc3F4eXFFZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADKReKMTiHA7zu9vq71Rwmo4+Jki0WYb
TevkMU/iyZszyp1f6SL6NLMlk39fi2zZeTSxLZ4zqHhwgeiyzJlDrPbmnmjAKllT
hBMLriktV5s9E5KonR6k5e15nJMMt/uYFJO1AsVPo42k8uzTvB2Ov6WGSNjnoUZs
8Ee+zvzBUF3A3511KCbgUhmW7g0Immtgpt5hK3OkyahpoXqJw45ydgrAd/jxOq0O
Gw1bTWKldT2T6ZCrCB3MuU3MHURsaZRryBAZPt1OKs9ymHUA1at8nGfMzc1SRKAD
+U8puDM3f+I32p8Bhneatw5t1kkVP38faXNkXE33wMfrGfbO0IECDaI=
-----END CERTIFICATE-----
Generated at Thu Apr 18 22:00:45 2024 by rpki-client on console.sobornost.net