Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5ljk7RXNO4VbOuvITKBDV0VaWvs.roa
File: 5ljk7RXNO4VbOuvITKBDV0VaWvs.roa (raw, json)
Hash identifier: Z8PCy/YpOPeiN01bvKhWQBLQTiB1oyN3RPkCVb4nHqs=
Subject key identifier: E6:58:E4:ED:15:CD:3B:85:5B:3A:EB:C8:4C:A0:43:57:45:5A:5A:FB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 408F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5ljk7RXNO4VbOuvITKBDV0VaWvs.roa
Signing time: Sun 14 Apr 2024 15:53:23 +0000
ROA not before: Sun 14 Apr 2024 15:53:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16527 (0x408f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 15:53:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E658E4ED15CD3B855B3AEBC84CA04357455A5AFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d7:1d:02:fc:a4:de:4a:44:38:a5:16:69:23:
cd:6c:b5:8d:a9:e9:26:14:86:fd:c2:40:c8:d8:e3:
3f:57:2c:c6:16:ab:d6:83:db:b8:49:a7:60:e0:a4:
b8:95:fc:93:41:07:a8:ba:c5:f0:f8:e7:e7:50:32:
22:22:47:64:0a:12:79:79:d4:8f:40:e1:36:88:45:
05:c1:d6:c3:85:5e:f4:5b:1e:b0:61:52:82:5a:10:
a7:ba:3e:7d:53:58:98:fe:75:db:07:75:24:1d:1b:
af:81:8a:12:dd:e8:63:c0:cf:5f:f3:f7:b5:34:16:
98:ce:ee:d5:f3:f9:e9:60:41:50:f0:b1:93:15:d2:
93:4a:76:3c:02:f5:c5:d9:34:8a:7a:65:22:e4:7f:
97:ec:f5:3f:3b:b0:bb:ee:2f:0c:c5:51:e5:cc:f1:
c3:6e:3e:a3:3c:96:2c:77:ee:d1:da:33:f7:04:cb:
35:4a:55:7e:da:4e:28:f9:70:32:49:e5:dc:50:ea:
c8:bb:dd:89:9e:fc:b6:c8:b8:e3:1a:bc:86:6a:84:
4e:b9:53:f9:a7:62:6c:2b:eb:b0:51:88:7d:b4:02:
76:b9:c1:5e:f9:41:17:42:7b:d5:59:50:d5:fc:83:
41:b5:a1:f6:8a:45:48:1a:3f:d5:bd:85:3b:80:46:
68:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:58:E4:ED:15:CD:3B:85:5B:3A:EB:C8:4C:A0:43:57:45:5A:5A:FB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5ljk7RXNO4VbOuvITKBDV0VaWvs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
13:50:ab:9b:2d:99:83:ff:35:69:60:0a:5c:35:83:b3:88:0d:
78:ff:f9:1e:bf:23:58:89:fc:88:37:29:ef:5a:2d:50:d2:8c:
96:99:dd:b5:f1:18:a9:03:a0:be:ea:45:ff:d4:3b:7f:5e:3c:
65:3b:61:ee:4d:e5:1a:6f:14:7a:5e:20:20:fd:49:aa:5a:5d:
f6:25:3a:d1:08:b0:aa:ec:b4:38:5d:41:44:14:f6:30:74:1c:
6b:f5:85:bc:c5:ac:8a:83:17:15:21:1e:c9:f2:fa:78:a6:3e:
88:51:91:f2:6b:2f:1b:96:c3:b3:bb:92:4a:ff:97:9f:22:9c:
12:96:bc:5e:cc:e2:d7:71:24:c4:ad:da:1d:20:1b:80:e4:38:
01:60:5b:9d:72:2d:14:c7:67:4e:fd:c3:2b:42:fa:76:2a:53:
bb:76:9c:50:08:cf:35:90:dc:71:a6:ee:67:d0:32:a2:72:03:
af:8c:9f:b8:6e:20:5a:c0:ce:e2:28:a1:16:0b:b4:ab:d0:4b:
ea:fb:99:11:9f:c0:04:dc:3e:cd:0a:60:0d:ee:49:09:96:a7:
5c:ba:60:a9:36:46:89:15:e8:e3:07:2b:29:c0:b2:68:5c:5a:
ee:60:e5:a8:b9:35:ca:c3:1e:e4:a8:96:a9:a8:94:da:d0:e4:
c2:c1:a0:ae
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NTUzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU2NThFNEVEMTVDRDNC
ODU1QjNBRUJDODRDQTA0MzU3NDU1QTVBRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR1x0C/KTeSkQ4pRZpI81stY2p6SYUhv3CQMjY4z9XLMYWq9aD
27hJp2DgpLiV/JNBB6i6xfD45+dQMiIiR2QKEnl51I9A4TaIRQXB1sOFXvRbHrBh
UoJaEKe6Pn1TWJj+ddsHdSQdG6+BihLd6GPAz1/z97U0FpjO7tXz+elgQVDwsZMV
0pNKdjwC9cXZNIp6ZSLkf5fs9T87sLvuLwzFUeXM8cNuPqM8lix37tHaM/cEyzVK
VX7aTij5cDJJ5dxQ6si73Yme/LbIuOMavIZqhE65U/mnYmwr67BRiH20Ana5wV75
QRdCe9VZUNX8g0G1ofaKRUgaP9W9hTuARmhTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU5ljk7RXNO4VbOuvITKBDV0VaWvswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVsams3UlhOTzRWYk91
dklUS0JEVjBWYVd2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABNQq5stmYP/NWlgClw1g7OIDXj/+R6/
I1iJ/Ig3Ke9aLVDSjJaZ3bXxGKkDoL7qRf/UO39ePGU7Ye5N5RpvFHpeICD9Sapa
XfYlOtEIsKrstDhdQUQU9jB0HGv1hbzFrIqDFxUhHsny+nimPohRkfJrLxuWw7O7
kkr/l58inBKWvF7M4tdxJMSt2h0gG4DkOAFgW51yLRTHZ079wytC+nYqU7t2nFAI
zzWQ3HGm7mfQMqJyA6+Mn7huIFrAzuIooRYLtKvQS+r7mRGfwATcPs0KYA3uSQmW
p1y6YKk2RokV6OMHKynAsmhcWu5g5ai5NcrDHuSolqmolNrQ5MLBoK4=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:18 2025 by rpki-client