Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xF27694j2CbdG6_plNKw-iJXyHY.roa
File: xF27694j2CbdG6_plNKw-iJXyHY.roa (raw, json)
Hash identifier: FODyKe//d2gXVWC1fM5Pc2sEm0OvdrdgTUp187nneBs=
Subject key identifier: C4:5D:BB:EB:DE:23:D8:26:DD:1B:AF:E9:94:D2:B0:FA:22:57:C8:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E43
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xF27694j2CbdG6_plNKw-iJXyHY.roa
Signing time: Thu 11 Apr 2024 14:23:15 +0000
ROA not before: Thu 11 Apr 2024 14:23:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15939 (0x3e43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 14:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C45DBBEBDE23D826DD1BAFE994D2B0FA2257C876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d2:6c:e1:e0:e3:da:9c:e9:e3:98:e9:29:48:
da:c5:6c:77:94:87:89:b0:44:04:7b:e1:ec:a2:49:
a5:c6:c6:02:bf:c6:c9:f6:91:ce:b9:b4:6a:af:5f:
83:ec:df:52:b5:05:b2:89:bc:cb:69:83:bb:a1:c3:
f4:61:89:41:d4:cb:bd:5b:8a:b7:71:77:da:db:ae:
76:58:b0:dc:0b:48:c5:e3:a7:01:06:af:7f:fe:87:
b9:2e:6c:3a:94:5d:62:9a:74:9f:03:ec:06:7b:eb:
5c:91:88:01:6e:28:9c:20:6a:c8:fb:bb:31:90:a8:
5b:34:15:62:86:a9:fb:07:92:83:92:c7:2d:7c:19:
d7:d7:09:03:83:36:45:13:86:86:d7:f9:11:05:ef:
84:8f:f0:6d:49:c1:99:b0:9f:58:e9:1f:35:17:37:
78:de:78:ec:51:79:b5:89:6a:5d:d6:6b:6f:28:b0:
69:0c:5e:58:15:bf:bc:43:f3:8b:fa:bf:27:e6:b6:
99:a9:4a:82:fd:d5:31:bf:26:7e:f5:9b:97:33:a6:
00:a4:ab:41:73:6b:5a:49:a7:e4:62:23:a4:e5:12:
d8:27:48:15:80:ce:3f:3f:20:b9:60:ff:e6:dc:5a:
2f:b4:b3:e7:51:01:4f:21:38:ef:ef:18:2d:b2:97:
20:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5D:BB:EB:DE:23:D8:26:DD:1B:AF:E9:94:D2:B0:FA:22:57:C8:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xF27694j2CbdG6_plNKw-iJXyHY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
34:bc:34:09:17:bf:bb:f6:d1:f6:8a:9d:98:4d:f8:0a:0f:6c:
94:18:c3:90:c8:81:fb:71:97:18:0f:2c:c0:83:38:de:cf:69:
8f:60:0b:18:f8:a1:41:0a:ab:19:5c:4c:ca:f6:6a:b3:ac:bd:
1c:c6:7b:cb:42:7d:82:6c:93:45:7e:f0:4e:98:b5:c6:5e:e9:
2e:f2:b6:81:2b:71:33:c9:14:05:2c:e7:9d:2b:60:a2:cf:b3:
f6:de:fc:8d:a1:b5:a2:d4:08:7a:ca:30:7c:a5:7b:50:4c:d3:
71:05:aa:20:30:75:3c:b8:eb:fd:81:05:76:7f:e2:2c:5c:05:
9e:9b:3d:f6:8e:c8:f2:3b:bf:a9:87:3f:76:63:fe:93:e9:08:
19:58:9d:17:6d:bf:03:8e:8a:c3:5d:53:a4:f0:37:bd:f9:fa:
0e:bc:2c:ed:2d:28:41:95:ce:b3:39:ab:17:e0:89:fc:0c:91:
4b:bd:9b:d2:e6:06:cb:b5:0c:36:d0:e1:65:1a:fa:3d:7f:d9:
74:2a:2e:4d:47:74:cd:d2:67:f1:dd:d8:e1:59:1c:a6:83:63:
f4:1b:72:2e:8d:59:41:1b:ef:7a:74:29:f2:1b:43:b7:a4:93:
6d:c0:2f:32:cb:be:5a:db:97:a3:14:75:72:3d:49:c0:d2:f6:
80:5c:60:12
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEx
NDIzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0NURCQkVCREUyM0Q4
MjZERDFCQUZFOTk0RDJCMEZBMjI1N0M4NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM0mzh4OPanOnjmOkpSNrFbHeUh4mwRAR74eyiSaXGxgK/xsn2
kc65tGqvX4Ps31K1BbKJvMtpg7uhw/RhiUHUy71birdxd9rbrnZYsNwLSMXjpwEG
r3/+h7kubDqUXWKadJ8D7AZ761yRiAFuKJwgasj7uzGQqFs0FWKGqfsHkoOSxy18
GdfXCQODNkUThobX+REF74SP8G1JwZmwn1jpHzUXN3jeeOxRebWJal3Wa28osGkM
XlgVv7xD84v6vyfmtpmpSoL91TG/Jn71m5czpgCkq0Fza1pJp+RiI6TlEtgnSBWA
zj8/ILlg/+bcWi+0s+dRAU8hOO/vGC2ylyAbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUxF27694j2CbdG6/plNKw+iJXyHYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hGMjc2OTRqMkNiZEc2
X3BsTkt3LWlKWHlIWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADS8NAkXv7v20faKnZhN+AoPbJQYw5DI
gftxlxgPLMCDON7PaY9gCxj4oUEKqxlcTMr2arOsvRzGe8tCfYJsk0V+8E6YtcZe
6S7ytoErcTPJFAUs550rYKLPs/be/I2htaLUCHrKMHyle1BM03EFqiAwdTy46/2B
BXZ/4ixcBZ6bPfaOyPI7v6mHP3Zj/pPpCBlYnRdtvwOOisNdU6TwN735+g68LO0t
KEGVzrM5qxfgifwMkUu9m9LmBsu1DDbQ4WUa+j1/2XQqLk1HdM3SZ/Hd2OFZHKaD
Y/Qbci6NWUEb73p0KfIbQ7ekk23ALzLLvlrbl6MUdXI9ScDS9oBcYBI=
-----END CERTIFICATE-----
Generated at Thu Apr 11 20:58:45 2024 by rpki-client on console.sobornost.net