Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-kzZBztUQ-ZC9agbuB1ATsPdnMU.roa
File: -kzZBztUQ-ZC9agbuB1ATsPdnMU.roa (raw, json)
Hash identifier: pMI6iZ7N4pUypbCYUsV1Lq/efxQ73CiD/rpHOuFzCCk=
Subject key identifier: FA:4C:D9:07:3B:54:43:E6:42:F5:A8:1B:B8:1D:40:4E:C3:DD:9C:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4963
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-kzZBztUQ-ZC9agbuB1ATsPdnMU.roa
Signing time: Fri 26 Apr 2024 10:23:21 +0000
ROA not before: Fri 26 Apr 2024 10:23:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18787 (0x4963)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 10:23:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FA4CD9073B5443E642F5A81BB81D404EC3DD9CC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:49:75:6b:52:67:36:3e:a5:c0:7c:23:b7:08:
8c:ee:0b:da:89:4b:75:e0:8b:aa:cb:6f:1d:39:1f:
93:7a:45:ce:f6:26:f1:e9:18:24:00:a8:77:90:01:
38:c5:f3:09:4c:dc:88:0d:cd:88:82:ed:b4:ac:63:
fe:d9:c6:c8:bf:a6:14:27:e9:08:7c:d8:de:0f:43:
46:28:83:09:af:c0:b8:dd:eb:7b:1c:bf:4a:92:c5:
11:6a:39:f5:e3:7a:0b:68:71:a9:58:6d:66:db:79:
3f:ec:b4:86:c3:d4:ae:08:cf:89:c5:73:5f:04:29:
06:62:0e:bf:1a:d4:71:7f:5f:16:f5:4e:a2:72:2a:
e3:d5:86:98:95:09:14:77:7e:e1:4b:e4:42:49:9a:
50:f9:eb:04:79:06:be:1d:28:40:0f:7a:43:30:e3:
a0:a6:96:84:9e:05:9d:d7:0b:d9:f7:9b:c9:b5:08:
28:d4:10:6e:bb:d2:16:fb:09:ed:0b:dd:90:27:d5:
1f:14:e0:0b:c6:0e:8f:a6:fe:49:06:63:33:49:1c:
a1:05:05:be:57:ef:a7:2b:ba:8d:6a:b8:99:c2:a3:
5d:49:0e:df:fa:22:bc:77:45:c5:e2:f8:56:48:6b:
3e:13:fc:66:d8:43:12:b0:b4:81:91:a2:1c:e5:a3:
38:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4C:D9:07:3B:54:43:E6:42:F5:A8:1B:B8:1D:40:4E:C3:DD:9C:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-kzZBztUQ-ZC9agbuB1ATsPdnMU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
44:c7:a6:d0:4e:b5:e7:f2:0e:a4:c7:dc:af:a1:cb:f4:29:df:
1a:dd:c7:13:03:96:3c:11:de:e5:cc:b3:96:9c:b2:f8:ac:7f:
03:de:67:16:f1:49:e9:c7:2c:5e:d1:71:d7:1c:0f:2d:a1:cf:
26:8f:5c:04:0d:47:78:d0:98:50:2d:d8:69:fc:f6:53:0c:b0:
02:ce:de:98:ed:d7:7c:e6:42:3b:ff:ff:cb:7f:a7:37:22:cb:
ba:d1:08:dd:b7:8a:38:80:87:5e:2a:e2:dd:66:86:53:13:5c:
e7:6e:18:90:1f:50:96:28:21:27:21:10:9e:17:e1:30:45:f2:
1a:47:bd:82:9f:07:a4:23:e6:f7:ff:68:16:77:b5:1d:5c:af:
d9:4d:d0:64:98:fb:5f:c7:31:56:92:d5:1d:aa:b7:57:64:c9:
3a:b3:30:43:f9:c4:4e:35:93:dc:45:8a:72:62:8e:f5:5c:75:
8c:ba:99:5e:00:f0:d5:5d:34:a9:bc:37:0b:05:64:54:c6:af:
1a:01:84:4d:80:a7:b0:da:ce:c4:5c:e9:1a:90:26:5f:1c:8a:
91:f4:de:8f:d1:8a:e1:17:f1:ad:bc:48:c1:e5:c4:c6:dd:ee:
a9:6e:ab:83:96:e2:bb:ef:77:23:cb:0d:82:0d:f9:ae:77:3b:
5a:7e:99:aa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSWMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYx
MDIzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZBNENEOTA3M0I1NDQz
RTY0MkY1QTgxQkI4MUQ0MDRFQzNERDlDQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsSXVrUmc2PqXAfCO3CIzuC9qJS3Xgi6rLbx05H5N6Rc72JvHp
GCQAqHeQATjF8wlM3IgNzYiC7bSsY/7Zxsi/phQn6Qh82N4PQ0YogwmvwLjd63sc
v0qSxRFqOfXjegtocalYbWbbeT/stIbD1K4Iz4nFc18EKQZiDr8a1HF/Xxb1TqJy
KuPVhpiVCRR3fuFL5EJJmlD56wR5Br4dKEAPekMw46CmloSeBZ3XC9n3m8m1CCjU
EG670hb7Ce0L3ZAn1R8U4AvGDo+m/kkGYzNJHKEFBb5X76cruo1quJnCo11JDt/6
Irx3RcXi+FZIaz4T/GbYQxKwtIGRohzlozg5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+kzZBztUQ+ZC9agbuB1ATsPdnMUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1relpCenRVUS1aQzlh
Z2J1QjFBVHNQZG5NVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAETHptBOtefyDqTH3K+hy/Qp3xrdxxMD
ljwR3uXMs5acsvisfwPeZxbxSenHLF7RcdccDy2hzyaPXAQNR3jQmFAt2Gn89lMM
sALO3pjt13zmQjv//8t/pzciy7rRCN23ijiAh14q4t1mhlMTXOduGJAfUJYoISch
EJ4X4TBF8hpHvYKfB6Qj5vf/aBZ3tR1cr9lN0GSY+1/HMVaS1R2qt1dkyTqzMEP5
xE41k9xFinJijvVcdYy6mV4A8NVdNKm8NwsFZFTGrxoBhE2Ap7DazsRc6RqQJl8c
ipH03o/RiuEX8a28SMHlxMbd7qluq4OW4rvvdyPLDYIN+a53O1p+mao=
-----END CERTIFICATE-----
Generated at Sun May 18 09:09:20 2025 by rpki-client