Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wZfpGsOBcq4he50c6Imo1RtJ4Kw.roa
File: wZfpGsOBcq4he50c6Imo1RtJ4Kw.roa (raw, json)
Hash identifier: Z/d7cRzOFm+wzzOQJUr8LdRHA983HXScGBzToKiYr38=
Subject key identifier: C1:97:E9:1A:C3:81:72:AE:21:7B:9D:1C:E8:89:A8:D5:1B:49:E0:AC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 397B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wZfpGsOBcq4he50c6Imo1RtJ4Kw.roa
Signing time: Fri 05 Apr 2024 05:22:26 +0000
ROA not before: Fri 05 Apr 2024 05:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14715 (0x397b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 05:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C197E91AC38172AE217B9D1CE889A8D51B49E0AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:24:88:d1:51:60:ca:4e:7c:e9:a5:6c:b6:40:
a8:17:09:2a:38:60:33:75:5a:3f:a7:4a:fe:76:ea:
70:27:97:58:06:65:d6:41:4d:4c:e6:12:c7:8d:11:
bc:8a:a5:bf:91:f1:96:19:c4:da:7e:ae:8c:45:9a:
7b:02:1e:05:61:bd:2c:db:11:7a:b0:21:45:de:87:
c4:ee:dc:7d:cf:8b:f7:8a:a3:b2:6a:82:4a:0a:a2:
d7:cd:3c:69:57:8f:63:04:39:42:f0:bc:24:14:a6:
60:f1:2f:42:79:80:f2:86:be:7c:19:f5:da:d8:c4:
f0:e0:65:62:a4:9d:22:2d:94:b3:e7:9b:93:ac:fe:
d6:11:85:0a:28:96:57:db:37:27:e1:b1:8e:c0:00:
05:39:93:a7:9b:13:bd:15:d5:d5:90:cc:4a:db:ec:
ca:a5:77:7e:76:3e:97:2c:25:07:b7:c8:e3:a2:a8:
e3:36:e9:ed:5b:aa:71:b5:39:86:02:90:c6:66:e6:
69:89:36:2d:c4:53:0f:6e:84:67:ae:d3:fd:b6:d5:
f8:42:bb:8a:1f:c9:30:72:50:1c:2e:b3:82:4c:98:
e8:da:3f:d3:01:f4:96:a1:f0:2d:89:48:5b:e6:ef:
86:dc:2f:c7:66:60:65:4a:48:b2:81:ed:41:e2:a9:
6f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:97:E9:1A:C3:81:72:AE:21:7B:9D:1C:E8:89:A8:D5:1B:49:E0:AC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wZfpGsOBcq4he50c6Imo1RtJ4Kw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2b:c3:e4:6b:2f:06:c6:af:0c:0f:a5:58:42:d2:0b:4d:6e:34:
48:17:e9:34:46:58:bd:63:78:ea:b8:b7:b5:d7:a8:f4:80:d1:
80:98:11:ad:45:79:bd:96:5e:84:c2:de:e2:1a:27:60:af:a5:
b5:7e:ec:1d:be:5e:3c:0f:ed:7a:cc:18:f2:86:62:42:32:a5:
6e:5b:5d:b2:bf:d2:0f:a7:d0:b2:03:9f:7f:29:53:b5:88:d9:
73:14:9a:61:d0:23:74:be:6e:a2:1f:aa:c9:26:27:b8:b7:ac:
89:2a:8a:be:b7:5e:d0:b0:91:c0:a6:23:3e:2a:d8:74:88:17:
f3:4c:f6:3f:22:85:57:bb:ef:39:dd:8d:ea:c3:a2:5d:6d:07:
e7:b5:cb:75:5a:1e:18:f4:d2:3d:4c:03:64:25:0d:18:1b:02:
df:ab:98:12:e7:19:09:8d:de:1e:de:54:69:1b:d1:e3:96:7a:
b5:bb:0c:b1:fb:3a:38:1d:44:fa:6e:47:57:d4:2a:6f:bf:ad:
c4:bb:53:82:31:da:76:e3:d3:a3:8a:32:83:74:63:58:c0:2c:
16:fb:f1:56:53:9f:7e:aa:86:91:06:e3:d2:44:cb:72:d0:c2:
51:ed:87:23:93:07:f7:d5:7e:72:56:bf:cd:99:07:0e:cf:05:
3f:d6:92:cb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NTIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMxOTdFOTFBQzM4MTcy
QUUyMTdCOUQxQ0U4ODlBOEQ1MUI0OUUwQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTJIjRUWDKTnzppWy2QKgXCSo4YDN1Wj+nSv526nAnl1gGZdZB
TUzmEseNEbyKpb+R8ZYZxNp+roxFmnsCHgVhvSzbEXqwIUXeh8Tu3H3Pi/eKo7Jq
gkoKotfNPGlXj2MEOULwvCQUpmDxL0J5gPKGvnwZ9drYxPDgZWKknSItlLPnm5Os
/tYRhQoollfbNyfhsY7AAAU5k6ebE70V1dWQzErb7Mqld352PpcsJQe3yOOiqOM2
6e1bqnG1OYYCkMZm5mmJNi3EUw9uhGeu0/221fhCu4ofyTByUBwus4JMmOjaP9MB
9Jah8C2JSFvm74bcL8dmYGVKSLKB7UHiqW/HAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUwZfpGsOBcq4he50c6Imo1RtJ4KwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3daZnBHc09CY3E0aGU1
MGM2SW1vMVJ0SjRLdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACvD5GsvBsavDA+lWELSC01uNEgX6TRG
WL1jeOq4t7XXqPSA0YCYEa1Feb2WXoTC3uIaJ2CvpbV+7B2+XjwP7XrMGPKGYkIy
pW5bXbK/0g+n0LIDn38pU7WI2XMUmmHQI3S+bqIfqskmJ7i3rIkqir63XtCwkcCm
Iz4q2HSIF/NM9j8ihVe77zndjerDol1tB+e1y3VaHhj00j1MA2QlDRgbAt+rmBLn
GQmN3h7eVGkb0eOWerW7DLH7OjgdRPpuR1fUKm+/rcS7U4Ix2nbj06OKMoN0Y1jA
LBb78VZTn36qhpEG49JEy3LQwlHthyOTB/fVfnJWv82ZBw7PBT/Wkss=
-----END CERTIFICATE-----
Generated at Fri Apr 5 12:25:50 2024 by rpki-client on console.sobornost.net