Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Baad4_A6T4ImTfroZJrAIqkyhbk.roa
File: Baad4_A6T4ImTfroZJrAIqkyhbk.roa (raw, json)
Hash identifier: pjZKkwepvO5Flq6ybga0Gpixw0i9LbQRy0mPB8OzaeM=
Subject key identifier: 05:A6:9D:E3:F0:3A:4F:82:26:4D:FA:E8:64:9A:C0:22:A9:32:85:B9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47A7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Baad4_A6T4ImTfroZJrAIqkyhbk.roa
Signing time: Wed 24 Apr 2024 02:53:15 +0000
ROA not before: Wed 24 Apr 2024 02:53:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18343 (0x47a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 02:53:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=05A69DE3F03A4F82264DFAE8649AC022A93285B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:97:8d:3a:00:e5:3e:19:b2:97:76:a5:53:37:
94:3d:dc:a9:1b:7e:ae:5f:a6:e5:f9:69:80:4e:de:
ec:e2:36:37:c1:66:01:f7:3a:5b:6d:d2:57:ad:25:
22:5c:a0:5f:b8:7e:ef:53:21:a2:fe:dc:dc:ad:1b:
12:55:22:34:5c:83:c0:f8:f5:21:8b:cc:4b:21:82:
22:92:e7:e0:20:31:b5:34:b7:d0:f3:b1:e5:de:1e:
1d:40:27:90:75:73:09:8c:c9:19:d4:ce:81:c3:b0:
b3:47:59:c5:73:f3:57:76:90:c3:6e:6a:b6:57:91:
41:15:45:d1:25:5d:b2:94:1d:0c:2a:b7:bd:d6:5d:
c4:31:36:ae:5b:45:d2:9b:da:e9:34:32:49:5a:c0:
93:f4:79:27:b0:3f:47:dd:1a:fd:65:63:5e:2a:18:
63:3a:eb:02:40:59:c0:61:35:f5:b0:4a:07:70:a6:
81:57:fe:e3:d5:37:01:59:f3:b2:fb:9b:13:02:ba:
ca:4f:e3:31:08:5f:9d:c3:00:72:58:7b:1e:99:5e:
55:b9:9a:2d:92:33:e4:43:0e:0f:b3:4d:1d:8b:49:
af:80:f7:cd:e2:ea:2b:cb:90:c4:97:1a:46:3f:ab:
a1:80:cb:65:93:fa:f7:dc:fd:ac:3c:05:50:6c:e3:
63:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A6:9D:E3:F0:3A:4F:82:26:4D:FA:E8:64:9A:C0:22:A9:32:85:B9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Baad4_A6T4ImTfroZJrAIqkyhbk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1e:5d:12:b3:f4:cb:75:7a:cc:bb:09:8a:8c:34:7b:0d:bf:fc:
d2:38:4d:d4:40:6a:23:95:32:f6:49:75:44:45:e1:8d:72:6a:
9e:23:ec:55:3d:3c:c6:62:e1:1a:7f:34:ff:83:4a:4b:9c:e0:
8e:12:76:88:2f:00:a4:5a:2f:e4:0c:90:63:95:d2:a7:3e:24:
43:94:61:57:2b:8d:06:1b:77:10:a9:33:61:4d:57:0a:b6:29:
f6:5d:13:df:3e:d4:94:9e:8b:d8:19:39:89:f2:4c:e3:e6:97:
8b:21:0d:c2:34:97:7b:b3:9b:da:a2:89:f7:cc:98:92:53:27:
d9:84:57:b4:3f:95:e5:a5:aa:9f:80:32:82:b3:9b:e7:05:0c:
45:3b:63:c7:96:b9:d1:0a:b8:74:ff:ab:a9:12:9e:00:35:ae:
f9:ba:64:a6:70:a5:63:46:64:bd:92:b2:df:0a:1b:41:4f:14:
9f:75:e2:8b:bf:fc:f7:80:3e:ec:5a:26:26:e6:6d:d5:2c:84:
05:bd:bc:44:da:79:7b:a9:e5:71:a7:76:54:7a:53:c6:10:18:
29:7d:ab:8c:b7:3b:e1:db:97:7a:94:49:a8:aa:09:4f:3c:bd:
f0:68:9e:9e:c3:4d:b7:d3:d9:8d:cf:50:60:dc:d2:14:c3:11:
cf:46:1d:02
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR6cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
MjUzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1QTY5REUzRjAzQTRG
ODIyNjRERkFFODY0OUFDMDIyQTkzMjg1QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMl406AOU+GbKXdqVTN5Q93Kkbfq5fpuX5aYBO3uziNjfBZgH3
Oltt0letJSJcoF+4fu9TIaL+3NytGxJVIjRcg8D49SGLzEshgiKS5+AgMbU0t9Dz
seXeHh1AJ5B1cwmMyRnUzoHDsLNHWcVz81d2kMNuarZXkUEVRdElXbKUHQwqt73W
XcQxNq5bRdKb2uk0MklawJP0eSewP0fdGv1lY14qGGM66wJAWcBhNfWwSgdwpoFX
/uPVNwFZ87L7mxMCuspP4zEIX53DAHJYex6ZXlW5mi2SM+RDDg+zTR2LSa+A983i
6ivLkMSXGkY/q6GAy2WT+vfc/aw8BVBs42PZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBaad4/A6T4ImTfroZJrAIqkyhbkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JhYWQ0X0E2VDRJbVRm
cm9aSnJBSXFreWhiay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAB5dErP0y3V6zLsJiow0ew2//NI4TdRA
aiOVMvZJdURF4Y1yap4j7FU9PMZi4Rp/NP+DSkuc4I4SdogvAKRaL+QMkGOV0qc+
JEOUYVcrjQYbdxCpM2FNVwq2KfZdE98+1JSei9gZOYnyTOPml4shDcI0l3uzm9qi
iffMmJJTJ9mEV7Q/leWlqp+AMoKzm+cFDEU7Y8eWudEKuHT/q6kSngA1rvm6ZKZw
pWNGZL2Sst8KG0FPFJ914ou//PeAPuxaJibmbdUshAW9vETaeXup5XGndlR6U8YQ
GCl9q4y3O+Hbl3qUSaiqCU88vfBonp7DTbfT2Y3PUGDc0hTDEc9GHQI=
-----END CERTIFICATE-----
Generated at Sat May 17 19:36:37 2025 by rpki-client