Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6yjrT2P2oe9aulotCJZR2I_y7Z8.roa
File: 6yjrT2P2oe9aulotCJZR2I_y7Z8.roa (raw, json)
Hash identifier: Gw4F8UMe0T1OS/quDqHME2zLFmSiarp7Ps6psIGiITM=
Subject key identifier: EB:28:EB:4F:63:F6:A1:EF:5A:BA:5A:2D:08:96:51:D8:8F:F2:ED:9F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DDB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6yjrT2P2oe9aulotCJZR2I_y7Z8.roa
Signing time: Thu 02 May 2024 09:24:01 +0000
ROA not before: Thu 02 May 2024 09:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19931 (0x4ddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 09:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EB28EB4F63F6A1EF5ABA5A2D089651D88FF2ED9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:61:bf:ab:96:54:0e:bf:be:fc:a1:15:43:
b3:65:88:cc:8f:bb:32:d8:48:7a:5f:57:72:85:70:
de:a2:1d:36:e8:f6:da:b0:e4:2f:f4:19:8c:23:8c:
39:d2:af:b0:40:1f:ba:9a:97:30:b6:58:92:08:5a:
83:bd:33:8b:d2:d2:a1:4a:1b:b8:20:d0:4d:bf:8f:
19:f1:e9:d7:30:54:87:1f:ce:79:8b:2b:63:5c:6f:
e5:92:1c:74:ef:f1:21:b5:5a:65:08:a6:df:18:50:
a8:33:b2:84:0e:b9:9c:2d:1d:3e:e8:4f:eb:80:ff:
70:20:c8:31:3c:8e:41:08:00:c4:2a:d9:b5:a8:b3:
60:e8:12:73:36:ef:b8:80:bb:f0:a2:ac:05:7b:15:
e7:83:8b:2f:32:33:0d:d5:7e:33:d8:f2:46:10:af:
f8:90:4b:4a:a4:71:21:93:7b:5a:78:9d:d8:5c:e6:
34:e4:96:7c:bb:08:db:db:08:7b:02:c4:38:98:69:
bf:77:30:63:ad:e4:ff:94:6e:ad:cc:41:2b:37:88:
db:9d:1b:f7:73:db:a1:87:99:35:de:43:b3:43:eb:
a0:53:cb:19:11:23:6b:2e:ec:c9:5e:e1:c6:ad:29:
49:b3:26:3e:85:ba:53:d3:07:73:e9:be:eb:dd:60:
b8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:28:EB:4F:63:F6:A1:EF:5A:BA:5A:2D:08:96:51:D8:8F:F2:ED:9F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6yjrT2P2oe9aulotCJZR2I_y7Z8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
64:b2:de:8f:fa:93:f2:22:cc:9c:a5:95:e5:0a:89:71:31:f3:
91:42:18:50:e9:36:18:fb:f0:64:53:80:cd:39:24:a3:f6:90:
49:9c:56:57:4c:75:bb:be:b6:a4:c7:e1:3a:1d:32:d2:d9:cb:
e8:12:7e:23:d9:68:cd:6e:16:c2:60:36:57:2c:54:f7:18:2f:
f0:ff:32:6f:3f:38:7b:9d:f5:5c:41:53:c1:e9:81:4d:9a:e3:
8f:4e:52:1d:43:07:73:a9:96:d4:96:a4:78:ba:3c:da:f0:8c:
3b:51:80:e2:a3:9c:0c:b8:00:72:6a:46:7e:bb:99:cd:28:83:
80:c5:dc:9f:50:d9:34:6b:d9:b6:5c:7e:b1:b0:a6:6f:a2:71:
e4:57:41:1a:fc:54:64:f3:29:4a:df:50:00:c6:b8:b2:41:f4:
6f:79:36:b9:80:7e:80:8d:aa:92:9f:ce:52:29:a0:7c:63:eb:
a8:b1:ef:15:fe:25:ee:18:5c:e0:73:fc:85:92:2e:03:72:5d:
10:26:31:8f:08:ac:15:bd:4b:64:51:40:23:51:5d:b3:b1:fd:
d6:31:3f:78:cd:a7:e7:b9:15:9b:03:02:82:49:04:87:b5:30:
c8:3b:9e:84:26:3f:4c:b4:51:cb:9a:50:d7:34:09:d9:5b:fb:
93:4c:d1:f3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
OTI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVCMjhFQjRGNjNGNkEx
RUY1QUJBNUEyRDA4OTY1MUQ4OEZGMkVEOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+nGG/q5ZUDr++/KEVQ7NliMyPuzLYSHpfV3KFcN6iHTbo9tqw
5C/0GYwjjDnSr7BAH7qalzC2WJIIWoO9M4vS0qFKG7gg0E2/jxnx6dcwVIcfznmL
K2Ncb+WSHHTv8SG1WmUIpt8YUKgzsoQOuZwtHT7oT+uA/3AgyDE8jkEIAMQq2bWo
s2DoEnM277iAu/CirAV7FeeDiy8yMw3VfjPY8kYQr/iQS0qkcSGTe1p4ndhc5jTk
lny7CNvbCHsCxDiYab93MGOt5P+Ubq3MQSs3iNudG/dz26GHmTXeQ7ND66BTyxkR
I2su7Mle4catKUmzJj6FulPTB3PpvuvdYLhNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU6yjrT2P2oe9aulotCJZR2I/y7Z8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZ5anJUMlAyb2U5YXVs
b3RDSlpSMklfeTdaOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGSy3o/6k/IizJylleUKiXEx85FCGFDp
Nhj78GRTgM05JKP2kEmcVldMdbu+tqTH4TodMtLZy+gSfiPZaM1uFsJgNlcsVPcY
L/D/Mm8/OHud9VxBU8HpgU2a449OUh1DB3OpltSWpHi6PNrwjDtRgOKjnAy4AHJq
Rn67mc0og4DF3J9Q2TRr2bZcfrGwpm+iceRXQRr8VGTzKUrfUADGuLJB9G95NrmA
foCNqpKfzlIpoHxj66ix7xX+Je4YXOBz/IWSLgNyXRAmMY8IrBW9S2RRQCNRXbOx
/dYxP3jNp+e5FZsDAoJJBIe1MMg7noQmP0y0UcuaUNc0Cdlb+5NM0fM=
-----END CERTIFICATE-----
Generated at Sat May 17 23:22:25 2025 by rpki-client