Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8O8BrR65KHOvREmEWLHZDkrLGxg.roa
File: 8O8BrR65KHOvREmEWLHZDkrLGxg.roa (raw, json)
Hash identifier: FEgRu6XZuB3LzskLv/b3/Fm2KxkIhVxtTsT2bWZJTv0=
Subject key identifier: F0:EF:01:AD:1E:B9:28:73:AF:44:49:84:58:B1:D9:0E:4A:CB:1B:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 503B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8O8BrR65KHOvREmEWLHZDkrLGxg.roa
Signing time: Sun 05 May 2024 13:24:01 +0000
ROA not before: Sun 05 May 2024 13:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20539 (0x503b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 13:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F0EF01AD1EB92873AF44498458B1D90E4ACB1B18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:06:1f:f6:b5:ee:98:76:83:ef:5b:ec:d6:2e:
37:47:8b:c4:a9:18:e7:24:6d:03:ea:da:3a:80:01:
48:53:68:93:a7:d8:16:23:b7:ac:c9:89:a8:c4:eb:
68:da:a4:a3:8a:05:01:8e:e6:23:1f:46:c1:b3:17:
d2:87:74:49:af:e6:e4:40:fe:db:19:af:d2:3e:a4:
57:85:39:53:4a:f6:e9:46:f5:16:b5:d8:26:4f:8f:
75:00:ae:56:fd:22:67:c8:c8:cb:60:9d:30:54:5a:
a6:2b:77:b1:03:c5:bf:be:f3:a5:41:16:ff:08:a9:
fd:ef:b6:d3:4b:a4:33:9e:37:fa:a3:ef:03:ef:7d:
5f:71:62:9d:c0:9d:06:45:0b:48:75:d0:37:fd:f4:
7d:71:91:1d:68:7c:51:26:6c:76:15:48:0a:b6:4c:
d8:ab:19:41:2d:d3:98:f5:d4:d6:3f:30:7f:e4:6f:
8c:46:0a:b9:1a:13:29:18:50:5d:55:e7:ec:30:6b:
60:81:82:b3:fb:df:ed:ec:5e:b0:e3:6b:06:7d:a4:
ff:94:d5:b1:e1:4d:6f:98:f8:5f:a7:3e:01:1c:98:
f7:d8:c8:1d:44:46:0c:7d:73:c4:7f:fa:47:7f:57:
44:c4:06:0f:f1:eb:e0:5b:7b:06:97:f1:70:ce:b5:
3e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EF:01:AD:1E:B9:28:73:AF:44:49:84:58:B1:D9:0E:4A:CB:1B:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8O8BrR65KHOvREmEWLHZDkrLGxg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
30:e2:9b:c8:29:4d:20:ea:e9:69:2f:5e:ec:aa:ff:c0:43:86:
88:13:8c:16:0f:d1:a4:1b:c8:54:5e:fe:c5:f9:3d:54:33:1b:
4d:08:7d:79:b5:2a:38:3e:d4:e2:e3:16:68:23:81:89:c9:21:
9b:ab:b6:86:e6:57:3a:ef:3c:95:12:95:39:3d:3b:b5:6e:6c:
1f:54:20:f2:5a:94:e4:a6:c2:db:4a:00:a8:e1:5b:07:45:a8:
96:b9:5d:e8:ab:62:b1:a7:74:09:70:a5:d3:dd:67:7e:5a:0f:
35:42:06:10:ca:26:07:33:60:0b:09:2d:96:7a:b5:52:05:54:
0f:6f:9f:39:6e:af:10:74:94:1b:7f:5e:e6:1e:d4:04:19:64:
c2:5e:c1:f5:e7:1c:70:3e:0e:92:03:3d:4e:f1:03:95:6f:95:
71:a7:24:52:ac:38:3c:a8:42:c3:5b:d5:e0:54:03:4b:5f:4c:
88:1d:96:82:14:0d:6f:9d:ca:7b:a2:0e:2e:62:c0:6d:9a:8d:
a0:5b:53:93:9c:60:74:8b:11:53:db:88:19:82:a2:34:91:28:
b1:d9:60:e1:f4:82:a2:71:49:a3:68:f0:42:78:cb:b7:7c:54:
0b:7a:4f:24:44:24:fa:62:e3:b5:66:5b:b3:30:e4:fc:fc:16:
fa:88:b3:91
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUDswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
MzI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwRUYwMUFEMUVCOTI4
NzNBRjQ0NDk4NDU4QjFEOTBFNEFDQjFCMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaBh/2te6YdoPvW+zWLjdHi8SpGOckbQPq2jqAAUhTaJOn2BYj
t6zJiajE62japKOKBQGO5iMfRsGzF9KHdEmv5uRA/tsZr9I+pFeFOVNK9ulG9Ra1
2CZPj3UArlb9ImfIyMtgnTBUWqYrd7EDxb++86VBFv8Iqf3vttNLpDOeN/qj7wPv
fV9xYp3AnQZFC0h10Df99H1xkR1ofFEmbHYVSAq2TNirGUEt05j11NY/MH/kb4xG
CrkaEykYUF1V5+wwa2CBgrP73+3sXrDjawZ9pP+U1bHhTW+Y+F+nPgEcmPfYyB1E
Rgx9c8R/+kd/V0TEBg/x6+BbewaX8XDOtT5zAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8O8BrR65KHOvREmEWLHZDkrLGxgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhPOEJyUjY1S0hPdlJF
bUVXTEhaRGtyTEd4Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADDim8gpTSDq6WkvXuyq/8BDhogTjBYP
0aQbyFRe/sX5PVQzG00IfXm1Kjg+1OLjFmgjgYnJIZurtobmVzrvPJUSlTk9O7Vu
bB9UIPJalOSmwttKAKjhWwdFqJa5XeirYrGndAlwpdPdZ35aDzVCBhDKJgczYAsJ
LZZ6tVIFVA9vnzlurxB0lBt/XuYe1AQZZMJewfXnHHA+DpIDPU7xA5VvlXGnJFKs
ODyoQsNb1eBUA0tfTIgdloIUDW+dynuiDi5iwG2ajaBbU5OcYHSLEVPbiBmCojSR
KLHZYOH0gqJxSaNo8EJ4y7d8VAt6TyREJPpi47VmW7Mw5Pz8FvqIs5E=
-----END CERTIFICATE-----
Generated at Sun May 18 02:03:57 2025 by rpki-client