Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BJn9v-mFEiBSZJMoiRpqd49CmDc.roa
File: BJn9v-mFEiBSZJMoiRpqd49CmDc.roa (raw, json)
Hash identifier: cnqlv66+6ntMN1NU7TZD7BiiPTTL4TpGKn9xAenw22o=
Subject key identifier: 04:99:FD:BF:E9:85:12:20:52:64:93:28:89:1A:6A:77:8F:42:98:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40BB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BJn9v-mFEiBSZJMoiRpqd49CmDc.roa
Signing time: Sun 14 Apr 2024 21:22:52 +0000
ROA not before: Sun 14 Apr 2024 21:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16571 (0x40bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 21:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0499FDBFE985122052649328891A6A778F429837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:89:ec:f9:96:59:af:d6:c6:c6:6f:e3:5e:c7:
17:09:99:77:8b:d0:53:58:1b:2c:80:87:bf:56:f5:
84:44:0b:5d:7e:92:ad:09:8f:c0:66:b1:f5:d0:3b:
43:dc:7f:6d:59:c3:0f:09:bf:46:97:df:d9:0d:cf:
cc:6f:36:70:1d:47:f3:10:fe:81:e8:8b:00:b9:d5:
e2:10:0e:60:5a:ec:42:b0:6c:ec:cf:70:95:14:9c:
d2:7f:1e:a5:b4:0a:83:60:18:32:61:9a:41:fa:30:
73:25:aa:58:b0:a7:1a:80:0d:e9:05:40:10:af:28:
18:a1:9d:2f:69:c4:8f:fb:e3:31:e9:2d:b1:11:80:
f8:e2:ca:b8:5f:c1:ac:99:04:51:35:ba:2c:24:63:
ff:ca:a9:f7:1b:8f:ad:dc:41:be:f3:13:41:2a:fc:
94:3e:13:0c:d3:1d:5c:5a:b9:1b:e9:4a:21:a0:0c:
3e:a4:03:ca:1c:3a:3b:fe:1c:29:2e:d5:db:bb:1f:
45:ca:1f:f8:1b:ba:b8:25:0c:f5:66:da:ef:4f:a8:
72:d1:e1:8e:94:a2:38:cc:43:ae:58:85:34:d8:26:
9f:63:6f:21:a6:2f:c8:38:03:22:ff:c0:5b:4d:d7:
d8:87:7c:9f:b5:c2:ee:f7:22:fb:e2:76:7f:1d:03:
de:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:99:FD:BF:E9:85:12:20:52:64:93:28:89:1A:6A:77:8F:42:98:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BJn9v-mFEiBSZJMoiRpqd49CmDc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
85:94:7d:ab:c5:f6:77:b3:c3:78:22:5e:f2:48:a3:6b:7d:e0:
50:5a:a8:11:5f:8e:8e:04:68:7b:c6:5d:d5:b3:4a:c5:c6:a2:
65:c9:29:ed:aa:0d:a8:25:fb:71:16:08:d7:cc:1b:64:c1:aa:
4d:6d:9d:78:06:5a:81:0b:ca:44:ce:85:65:15:e5:1a:5d:e0:
10:b5:a5:01:ce:d1:b2:b8:2d:5f:99:b7:e7:2e:77:e2:f1:24:
43:6a:37:56:fb:4b:79:47:b4:de:0b:7d:7e:bc:e3:c7:c5:72:
bf:7e:1c:9e:ac:bd:6d:b9:74:0e:44:c4:ee:5b:c1:0e:e8:5f:
2d:57:a0:e4:ad:75:ad:46:a7:51:d5:e3:8d:ae:ea:69:1e:18:
f0:c4:18:73:60:11:35:69:f8:a7:d3:77:9f:a3:ea:ce:2a:1c:
28:29:e4:b4:b5:02:59:8e:f1:83:e5:74:ce:f7:0b:fe:05:b8:
c0:58:8e:41:e0:f7:5f:c6:5c:d0:0c:68:bb:4a:d2:b2:dd:4f:
94:47:f7:7c:e4:ed:c5:2b:5b:1b:34:74:f7:7b:9b:81:b2:30:
8e:20:ea:f4:39:48:42:c2:f7:64:e8:08:50:a4:e4:eb:a5:07:
15:06:82:07:7e:62:a9:e6:cc:67:72:87:34:30:9b:6f:a0:a0:
3e:75:1c:54
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQLswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQy
MTIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0OTlGREJGRTk4NTEy
MjA1MjY0OTMyODg5MUE2QTc3OEY0Mjk4MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgiez5llmv1sbGb+NexxcJmXeL0FNYGyyAh79W9YREC11+kq0J
j8BmsfXQO0Pcf21Zww8Jv0aX39kNz8xvNnAdR/MQ/oHoiwC51eIQDmBa7EKwbOzP
cJUUnNJ/HqW0CoNgGDJhmkH6MHMlqliwpxqADekFQBCvKBihnS9pxI/74zHpLbER
gPjiyrhfwayZBFE1uiwkY//Kqfcbj63cQb7zE0Eq/JQ+EwzTHVxauRvpSiGgDD6k
A8ocOjv+HCku1du7H0XKH/gburglDPVm2u9PqHLR4Y6UojjMQ65YhTTYJp9jbyGm
L8g4AyL/wFtN19iHfJ+1wu73Ivvidn8dA96dAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBJn9v+mFEiBSZJMoiRpqd49CmDcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JKbjl2LW1GRWlCU1pK
TW9pUnBxZDQ5Q21EYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIWUfavF9nezw3giXvJIo2t94FBaqBFf
jo4EaHvGXdWzSsXGomXJKe2qDagl+3EWCNfMG2TBqk1tnXgGWoELykTOhWUV5Rpd
4BC1pQHO0bK4LV+Zt+cud+LxJENqN1b7S3lHtN4LfX6848fFcr9+HJ6svW25dA5E
xO5bwQ7oXy1XoOStda1Gp1HV442u6mkeGPDEGHNgETVp+KfTd5+j6s4qHCgp5LS1
AlmO8YPldM73C/4FuMBYjkHg91/GXNAMaLtK0rLdT5RH93zk7cUrWxs0dPd7m4Gy
MI4g6vQ5SELC92ToCFCk5OulBxUGggd+YqnmzGdyhzQwm2+goD51HFQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:45:47 2025 by rpki-client