Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/C0FFlgH7--oE1MVfXqxlOgFOwJU.roa
File: C0FFlgH7--oE1MVfXqxlOgFOwJU.roa (raw, json)
Hash identifier: Bi7RI54403/hbkVCESzG+2R4PkAP2jkRr2wjTg8mxIg=
Subject key identifier: 0B:41:45:96:01:FB:FB:EA:04:D4:C5:5F:5E:AC:65:3A:01:4E:C0:95
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D1B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/C0FFlgH7--oE1MVfXqxlOgFOwJU.roa
Signing time: Wed 01 May 2024 09:23:37 +0000
ROA not before: Wed 01 May 2024 09:23:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19739 (0x4d1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 09:23:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0B41459601FBFBEA04D4C55F5EAC653A014EC095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:08:9f:14:c4:c9:b7:bb:43:5e:59:41:b6:63:
04:9c:f4:b6:a8:c2:4b:4e:26:52:33:ec:4b:ad:a1:
aa:36:11:44:fc:d1:df:c3:12:bb:c2:a6:49:0b:26:
c6:fa:ca:af:d8:27:78:81:11:35:83:97:1c:f3:1d:
3d:1d:81:04:7d:d1:4c:70:fa:cd:be:85:99:02:d5:
b6:5d:b0:ce:92:ae:ff:ea:70:10:bb:a7:19:11:75:
87:94:3e:87:43:c8:be:95:8b:3b:48:52:bf:2b:f8:
6e:a2:de:e1:a7:ab:00:b4:73:58:d1:f0:86:a6:96:
27:0f:6e:f6:f0:40:3e:31:87:17:3a:2b:f1:05:80:
66:df:cb:89:b3:b9:da:a8:07:4b:dd:92:61:9e:5c:
62:4a:0b:b8:50:4a:04:b8:eb:b9:a2:e0:3e:99:43:
19:45:b3:a9:09:27:3c:5c:31:d8:0e:23:88:ce:8a:
97:9c:07:e8:bb:b6:2b:88:e6:04:00:2f:6f:e0:3b:
1a:f3:7c:90:70:44:33:26:bb:bc:55:01:b0:d0:ac:
6d:31:d6:28:31:dd:51:92:d2:2a:fe:ff:24:6e:35:
23:71:93:d7:2f:24:cc:90:74:81:2e:b1:fa:4f:f4:
cd:b4:01:4f:b5:c4:45:70:1a:0c:79:db:24:92:7c:
6b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:41:45:96:01:FB:FB:EA:04:D4:C5:5F:5E:AC:65:3A:01:4E:C0:95
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/C0FFlgH7--oE1MVfXqxlOgFOwJU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ab:73:e2:e3:5e:1e:6c:e2:4b:4c:a2:fa:44:de:18:10:be:c4:
04:6f:4f:57:52:d5:25:f4:e9:36:9e:11:89:e4:61:05:ba:56:
f0:16:01:5a:75:8f:3e:7d:dd:d9:60:fe:14:83:e6:aa:a8:ef:
f1:e8:e2:1e:19:03:8f:9e:9f:8f:63:5f:7e:a1:28:50:13:75:
14:e4:c0:ed:29:16:1e:cf:57:ba:69:2b:8a:06:60:79:c7:d9:
5f:84:3c:49:36:31:8b:8d:42:46:cd:4e:41:b4:73:e6:5a:49:
2a:13:1c:ea:fa:d4:0a:76:0b:70:49:79:61:ff:58:14:1b:ed:
5e:b9:fb:c2:d1:1d:9b:b4:d6:a8:57:eb:08:da:48:bd:4b:0b:
1e:d4:2b:15:b9:25:2e:18:b4:35:ff:e0:bf:32:f0:00:7f:e3:
af:f7:32:39:fe:9b:17:84:c9:56:cb:c5:56:55:83:22:f6:bc:
b7:3b:57:7a:ee:d1:01:e8:69:ac:b1:14:30:ca:f0:94:53:f4:
f4:4e:b7:f6:57:54:2b:b6:99:8e:9f:eb:44:51:63:6f:89:4c:
6d:89:13:3e:97:d3:49:fc:4b:01:54:59:eb:0d:67:33:2e:82:
8c:9e:c6:dc:ef:5c:b1:02:f8:d6:d1:cc:70:41:a7:9b:55:45:
bc:10:58:18
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTRswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
OTIzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBCNDE0NTk2MDFGQkZC
RUEwNEQ0QzU1RjVFQUM2NTNBMDE0RUMwOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClCJ8UxMm3u0NeWUG2YwSc9LaowktOJlIz7Eutoao2EUT80d/D
ErvCpkkLJsb6yq/YJ3iBETWDlxzzHT0dgQR90Uxw+s2+hZkC1bZdsM6Srv/qcBC7
pxkRdYeUPodDyL6ViztIUr8r+G6i3uGnqwC0c1jR8IamlicPbvbwQD4xhxc6K/EF
gGbfy4mzudqoB0vdkmGeXGJKC7hQSgS467mi4D6ZQxlFs6kJJzxcMdgOI4jOipec
B+i7tiuI5gQAL2/gOxrzfJBwRDMmu7xVAbDQrG0x1igx3VGS0ir+/yRuNSNxk9cv
JMyQdIEusfpP9M20AU+1xEVwGgx52ySSfGuPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUC0FFlgH7++oE1MVfXqxlOgFOwJUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0MwRkZsZ0g3LS1vRTFN
VmZYcXhsT2dGT3dKVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKtz4uNeHmziS0yi+kTeGBC+xARvT1dS
1SX06TaeEYnkYQW6VvAWAVp1jz593dlg/hSD5qqo7/Ho4h4ZA4+en49jX36hKFAT
dRTkwO0pFh7PV7ppK4oGYHnH2V+EPEk2MYuNQkbNTkG0c+ZaSSoTHOr61Ap2C3BJ
eWH/WBQb7V65+8LRHZu01qhX6wjaSL1LCx7UKxW5JS4YtDX/4L8y8AB/46/3Mjn+
mxeEyVbLxVZVgyL2vLc7V3ru0QHoaayxFDDK8JRT9PROt/ZXVCu2mY6f60RRY2+J
TG2JEz6X00n8SwFUWesNZzMugoyextzvXLEC+NbRzHBBp5tVRbwQWBg=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:19 2025 by rpki-client