Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6cXQvPmUm7xuRLx0xhizjQkNhdM.roa
File: 6cXQvPmUm7xuRLx0xhizjQkNhdM.roa (raw, json)
Hash identifier: j5EHXVCmcim2Ds5osnpLhnS0cm+po/EP7AXBmfK9hMo=
Subject key identifier: E9:C5:D0:BC:F9:94:9B:BC:6E:44:BC:74:C6:18:B3:8D:09:0D:85:D3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5467
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6cXQvPmUm7xuRLx0xhizjQkNhdM.roa
Signing time: Sat 11 May 2024 02:54:04 +0000
ROA not before: Sat 11 May 2024 02:54:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21607 (0x5467)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 02:54:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E9C5D0BCF9949BBC6E44BC74C618B38D090D85D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c4:08:1a:da:75:32:d7:23:21:ca:fe:08:29:
30:97:2c:2b:1e:e3:28:14:32:4c:42:4a:2e:36:2d:
22:8b:94:11:9b:4d:83:bc:10:f1:54:13:ae:f2:b3:
1f:84:bd:7b:36:59:31:98:ae:bd:74:2f:42:be:92:
9d:8f:e1:74:0e:9e:1a:8f:97:8b:fe:05:c5:c9:95:
fe:7f:fd:50:8b:ef:c9:8c:32:a5:70:d4:5f:95:c8:
fb:f0:d2:83:86:3c:fb:de:b4:15:bf:b0:aa:15:9b:
7c:96:b9:89:86:7c:e6:e7:28:51:fa:75:87:7e:85:
67:da:b1:38:99:d3:58:75:f9:a9:06:1a:b8:f1:1f:
63:fd:31:51:5a:b0:4b:c7:4f:76:76:59:b4:bf:9c:
c1:70:b6:4c:f4:2a:9f:ea:9f:28:b4:5b:37:fb:be:
88:fe:9a:75:9c:00:29:fb:b3:f9:72:8a:bc:b7:ef:
8d:09:4b:4c:a9:1c:a8:c4:0f:62:af:f8:a6:3a:f0:
3f:49:35:17:0f:ac:43:af:ce:87:96:1e:53:7f:b4:
ef:0e:87:db:59:3e:58:73:9f:a2:4f:62:99:b1:dd:
5a:eb:38:4e:84:5c:a2:cc:89:93:7c:1e:44:c2:7a:
fb:cf:30:25:1c:62:f7:0c:26:72:83:04:93:de:40:
44:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C5:D0:BC:F9:94:9B:BC:6E:44:BC:74:C6:18:B3:8D:09:0D:85:D3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6cXQvPmUm7xuRLx0xhizjQkNhdM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
55:fa:71:58:cf:07:ad:38:e0:9b:68:ea:95:b8:63:18:26:41:
ed:0d:a9:87:11:35:05:34:a9:1a:97:74:8c:50:b8:fc:24:6b:
a2:86:68:5b:9b:01:b9:32:8c:29:ba:cb:e6:3b:6d:73:06:8c:
8c:a8:81:85:0c:10:8b:37:7c:47:36:f6:d2:c3:5b:92:f6:95:
7a:f3:6e:30:e3:f7:13:56:62:fc:e8:66:cb:85:75:97:eb:28:
7f:6a:13:05:7f:66:d7:bf:96:cc:4c:a4:a8:74:de:d9:48:d7:
15:c4:be:44:f9:11:d2:20:bc:9f:cc:88:ee:62:80:ed:c4:ae:
05:f6:94:d4:79:a4:aa:a1:96:66:93:48:ee:20:4f:e6:96:79:
1b:28:d8:e9:98:58:6b:a5:43:99:24:72:ad:53:58:f2:84:bc:
35:1e:db:f0:8b:3a:6e:6c:9b:ab:a5:d3:3f:0b:e3:6a:6d:41:
51:60:62:39:60:be:0a:18:09:ca:33:c2:c5:a7:60:f4:83:ac:
77:9c:03:50:d2:ec:8d:38:6e:38:87:90:88:c4:e2:e1:ca:65:
73:85:50:5e:9a:98:2b:bb:9f:39:ff:79:4f:ba:bd:fc:24:a5:
7e:7a:f5:e6:2d:e0:da:90:f5:94:69:68:61:0c:89:fa:d8:bf:
dc:3e:b4:76
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
MjU0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU5QzVEMEJDRjk5NDlC
QkM2RTQ0QkM3NEM2MThCMzhEMDkwRDg1RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcxAga2nUy1yMhyv4IKTCXLCse4ygUMkxCSi42LSKLlBGbTYO8
EPFUE67ysx+EvXs2WTGYrr10L0K+kp2P4XQOnhqPl4v+BcXJlf5//VCL78mMMqVw
1F+VyPvw0oOGPPvetBW/sKoVm3yWuYmGfObnKFH6dYd+hWfasTiZ01h1+akGGrjx
H2P9MVFasEvHT3Z2WbS/nMFwtkz0Kp/qnyi0Wzf7voj+mnWcACn7s/lyiry3740J
S0ypHKjED2Kv+KY68D9JNRcPrEOvzoeWHlN/tO8Oh9tZPlhzn6JPYpmx3VrrOE6E
XKLMiZN8HkTCevvPMCUcYvcMJnKDBJPeQETDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU6cXQvPmUm7xuRLx0xhizjQkNhdMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZjWFF2UG1VbTd4dVJM
eDB4aGl6alFrTmhkTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFX6cVjPB6044Jto6pW4YxgmQe0NqYcR
NQU0qRqXdIxQuPwka6KGaFubAbkyjCm6y+Y7bXMGjIyogYUMEIs3fEc29tLDW5L2
lXrzbjDj9xNWYvzoZsuFdZfrKH9qEwV/Zte/lsxMpKh03tlI1xXEvkT5EdIgvJ/M
iO5igO3ErgX2lNR5pKqhlmaTSO4gT+aWeRso2OmYWGulQ5kkcq1TWPKEvDUe2/CL
Om5sm6ul0z8L42ptQVFgYjlgvgoYCcozwsWnYPSDrHecA1DS7I04bjiHkIjE4uHK
ZXOFUF6amCu7nzn/eU+6vfwkpX569eYt4NqQ9ZRpaGEMifrYv9w+tHY=
-----END CERTIFICATE-----
Generated at Sun May 18 02:16:21 2025 by rpki-client