Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vgDD_YzPZyZ9V0bVgVPMtLn1N0k.roa
File: vgDD_YzPZyZ9V0bVgVPMtLn1N0k.roa (raw, json)
Hash identifier: MkImAlPhBwAFuQ5BY3zZZ6aJVsmdqXHozvn41gTqKts=
Subject key identifier: BE:00:C3:FD:8C:CF:67:26:7D:57:46:D5:81:53:CC:B4:B9:F5:37:49
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40FB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vgDD_YzPZyZ9V0bVgVPMtLn1N0k.roa
Signing time: Mon 15 Apr 2024 05:22:53 +0000
ROA not before: Mon 15 Apr 2024 05:22:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16635 (0x40fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 05:22:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BE00C3FD8CCF67267D5746D58153CCB4B9F53749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b5:c7:dd:15:1c:d1:ea:a1:54:21:0b:c9:70:
04:ee:64:24:6c:06:87:05:4d:c3:20:e7:51:c1:09:
b8:27:bc:4b:2f:01:30:7f:85:e5:50:6a:2b:51:70:
ae:78:e8:f7:d0:96:2b:9c:ff:f0:74:d5:63:46:b0:
fd:99:b3:74:48:ff:9e:29:27:a1:50:c5:ce:0d:b5:
13:d3:32:05:00:03:b4:a5:2b:5c:64:a4:d7:3b:79:
0b:e9:15:b0:da:fe:c4:1f:d7:94:d9:50:9f:85:f4:
05:d8:f8:e1:70:0b:93:c3:22:8f:9f:48:59:ba:59:
b9:bf:90:1c:e3:4b:7f:2c:62:50:b3:b9:45:5a:1e:
1d:5c:0e:cd:95:dc:17:d7:1b:ea:2d:6e:e0:48:94:
89:74:fb:7f:c2:31:6b:e6:55:ec:a9:ef:90:fc:f5:
45:f8:39:6a:91:5c:d7:54:3f:6e:fe:57:44:91:cd:
7a:72:79:57:e8:f4:6f:f5:83:a1:25:af:ea:c6:03:
4d:b8:29:ec:ca:c4:d1:85:e6:a2:72:0a:9f:9a:05:
91:58:99:f2:09:98:0c:de:aa:f0:23:64:89:f8:e2:
49:1b:f6:fa:4b:fe:a8:8b:5d:dc:25:25:cd:a5:a4:
1f:99:3a:7c:48:32:62:86:4b:53:b6:06:a2:cb:89:
b1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:00:C3:FD:8C:CF:67:26:7D:57:46:D5:81:53:CC:B4:B9:F5:37:49
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vgDD_YzPZyZ9V0bVgVPMtLn1N0k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:47:6f:72:80:2f:03:f2:23:ac:9f:c6:1e:0e:b5:c4:ba:9b:
0e:b7:f7:fb:28:24:e7:4c:c7:cc:9d:12:cc:0e:74:99:3e:e3:
16:af:0f:c1:8a:a7:5a:f7:cd:70:1c:c1:f1:5f:eb:ff:50:e5:
67:8e:0c:e0:72:5a:4b:cd:7b:5c:9b:90:0b:db:cd:f8:f9:af:
aa:61:83:59:82:b3:2f:29:dc:dc:bb:22:7e:d7:16:fd:a1:2e:
17:56:97:a1:35:a2:25:af:f8:f7:2e:ad:2b:02:98:9a:3a:d8:
36:3c:94:9b:d1:22:95:88:e3:7b:20:72:50:a8:b9:5f:86:9d:
fc:92:3f:35:dd:68:93:82:5a:b2:07:79:03:8e:d8:b7:48:34:
56:c9:49:23:79:fc:9e:4e:6d:16:4f:38:cc:64:4f:7e:a8:d6:
9e:e2:73:58:7d:3d:ef:4d:2f:e1:09:f2:27:2f:4b:5b:6a:61:
c9:d6:28:b7:70:c3:fe:b9:f5:35:d4:75:0f:dc:3a:f4:01:51:
c6:ed:dd:f6:30:39:09:c3:1c:df:d5:73:c8:f3:f6:53:20:53:
41:44:49:0b:fc:ba:5f:53:62:2e:b2:1b:d3:e2:34:94:01:34:
28:75:ee:22:7d:c6:b1:23:a4:99:93:68:b3:a3:5b:62:8e:dc:
34:f0:0e:13
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
NTIyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJFMDBDM0ZEOENDRjY3
MjY3RDU3NDZENTgxNTNDQ0I0QjlGNTM3NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7tcfdFRzR6qFUIQvJcATuZCRsBocFTcMg51HBCbgnvEsvATB/
heVQaitRcK546PfQliuc//B01WNGsP2Zs3RI/54pJ6FQxc4NtRPTMgUAA7SlK1xk
pNc7eQvpFbDa/sQf15TZUJ+F9AXY+OFwC5PDIo+fSFm6Wbm/kBzjS38sYlCzuUVa
Hh1cDs2V3BfXG+otbuBIlIl0+3/CMWvmVeyp75D89UX4OWqRXNdUP27+V0SRzXpy
eVfo9G/1g6Elr+rGA024KezKxNGF5qJyCp+aBZFYmfIJmAzeqvAjZIn44kkb9vpL
/qiLXdwlJc2lpB+ZOnxIMmKGS1O2BqLLibHXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUvgDD/YzPZyZ9V0bVgVPMtLn1N0kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZnRERfWXpQWnlaOVYw
YlZnVlBNdExuMU4way5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFxHb3KALwPyI6yfxh4OtcS6mw639/so
JOdMx8ydEswOdJk+4xavD8GKp1r3zXAcwfFf6/9Q5WeODOByWkvNe1ybkAvbzfj5
r6phg1mCsy8p3Ny7In7XFv2hLhdWl6E1oiWv+PcurSsCmJo62DY8lJvRIpWI43sg
clCouV+GnfySPzXdaJOCWrIHeQOO2LdINFbJSSN5/J5ObRZPOMxkT36o1p7ic1h9
Pe9NL+EJ8icvS1tqYcnWKLdww/659TXUdQ/cOvQBUcbt3fYwOQnDHN/Vc8jz9lMg
U0FESQv8ul9TYi6yG9PiNJQBNCh17iJ9xrEjpJmTaLOjW2KO3DTwDhM=
-----END CERTIFICATE-----
Generated at Mon Apr 15 11:57:31 2024 by rpki-client on console.sobornost.net