Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/C2sD1GHqV1tZiTlOhLBuw2f0Hmo.roa
File: C2sD1GHqV1tZiTlOhLBuw2f0Hmo.roa (raw, json)
Hash identifier: tJfUKLDCUqel4lI7gzU0Rg+WuCzTgO/rJM8aUIxSgfQ=
Subject key identifier: 0B:6B:03:D4:61:EA:57:5B:59:89:39:4E:84:B0:6E:C3:67:F4:1E:6A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D83
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/C2sD1GHqV1tZiTlOhLBuw2f0Hmo.roa
Signing time: Wed 01 May 2024 22:23:40 +0000
ROA not before: Wed 01 May 2024 22:23:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19843 (0x4d83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 22:23:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0B6B03D461EA575B5989394E84B06EC367F41E6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:42:85:d4:79:f5:49:88:ff:e9:79:23:7e:d9:
c2:65:13:34:3d:65:66:e4:53:9d:e3:d6:c1:8c:e6:
e8:f0:23:81:80:d5:03:69:7d:d6:ce:51:fa:68:b4:
71:bf:47:e6:da:87:06:38:3c:99:5e:0d:ec:c3:55:
c2:88:0e:a1:86:7d:2d:f1:ee:8c:9c:c1:36:4b:3c:
69:d0:7b:d6:64:e1:1e:a3:00:37:85:e1:c8:85:37:
39:07:82:0c:08:b4:7c:93:ec:0e:40:0e:09:e1:74:
eb:9c:c4:51:a8:cb:10:7f:e5:9c:af:34:e8:24:bb:
0e:c1:20:79:7d:60:47:91:61:b6:1e:bd:67:fb:22:
59:14:f9:8d:36:73:9c:05:05:87:a5:d7:0e:4e:39:
e9:fe:fe:fa:7e:eb:8f:40:80:21:94:1f:58:b0:4f:
e2:d1:d9:40:c4:f6:bc:ab:8d:84:2e:97:a2:33:9d:
0c:77:0f:d5:6a:e7:7a:9c:dc:89:f2:18:2b:f8:3c:
ec:ff:f8:52:03:db:81:99:0f:d5:37:4d:9e:13:14:
06:e1:dc:f2:89:32:21:6f:ed:45:1a:20:10:f9:06:
2c:38:6b:43:15:d2:2f:0f:a8:c9:fd:75:51:a7:63:
e4:57:56:b6:57:05:53:82:bc:a2:52:85:d8:91:02:
ad:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6B:03:D4:61:EA:57:5B:59:89:39:4E:84:B0:6E:C3:67:F4:1E:6A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/C2sD1GHqV1tZiTlOhLBuw2f0Hmo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:ec:81:95:b7:10:9a:b2:a0:f5:dc:ef:12:4a:70:6c:aa:93:
28:a6:73:11:85:6d:ed:eb:db:6b:8c:ee:14:88:31:d4:6e:e4:
c3:03:52:f9:83:99:5d:8e:fc:e6:15:74:5e:98:b4:41:a2:1d:
08:7b:5f:f7:28:b9:e1:de:1e:4e:ad:cc:d1:a3:60:4f:2b:b9:
18:d7:2f:04:bd:86:41:51:5e:02:27:ae:71:bb:03:0e:74:23:
15:02:db:09:e1:36:b5:04:c6:0f:2f:6e:1a:5e:65:e6:94:4e:
24:47:f9:0d:aa:0e:03:5d:8d:a3:62:c0:15:30:de:13:05:77:
1a:56:de:56:a6:27:3d:94:85:8a:96:a7:98:d3:5a:6d:63:c1:
63:95:5c:e9:9b:4a:bd:b6:5b:96:ca:b6:95:ff:a8:53:a5:07:
f3:94:af:36:00:f0:05:4c:31:3e:fd:df:da:49:c7:48:e7:14:
fd:bb:05:f4:b9:da:11:54:40:a2:ac:d2:c9:3f:2a:af:3a:66:
e6:97:fa:bd:0a:95:8c:87:d6:04:ac:1f:02:4b:c8:1f:5b:3e:
64:ba:7f:c1:14:04:08:68:0b:b3:bf:78:bd:a4:a9:d4:bf:ff:
bc:0a:fa:37:8c:be:20:3f:e7:28:42:50:19:a3:42:4a:a4:9b:
3e:cf:71:c3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTYMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEy
MjIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBCNkIwM0Q0NjFFQTU3
NUI1OTg5Mzk0RTg0QjA2RUMzNjdGNDFFNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+QoXUefVJiP/peSN+2cJlEzQ9ZWbkU53j1sGM5ujwI4GA1QNp
fdbOUfpotHG/R+bahwY4PJleDezDVcKIDqGGfS3x7oycwTZLPGnQe9Zk4R6jADeF
4ciFNzkHggwItHyT7A5ADgnhdOucxFGoyxB/5ZyvNOgkuw7BIHl9YEeRYbYevWf7
IlkU+Y02c5wFBYel1w5OOen+/vp+649AgCGUH1iwT+LR2UDE9ryrjYQul6IznQx3
D9Vq53qc3InyGCv4POz/+FID24GZD9U3TZ4TFAbh3PKJMiFv7UUaIBD5Biw4a0MV
0i8PqMn9dVGnY+RXVrZXBVOCvKJShdiRAq07AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUC2sD1GHqV1tZiTlOhLBuw2f0HmowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Myc0QxR0hxVjF0WmlU
bE9oTEJ1dzJmMEhtby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAErsgZW3EJqyoPXc7xJKcGyqkyimcxGF
be3r22uM7hSIMdRu5MMDUvmDmV2O/OYVdF6YtEGiHQh7X/coueHeHk6tzNGjYE8r
uRjXLwS9hkFRXgInrnG7Aw50IxUC2wnhNrUExg8vbhpeZeaUTiRH+Q2qDgNdjaNi
wBUw3hMFdxpW3lamJz2UhYqWp5jTWm1jwWOVXOmbSr22W5bKtpX/qFOlB/OUrzYA
8AVMMT7939pJx0jnFP27BfS52hFUQKKs0sk/Kq86ZuaX+r0KlYyH1gSsHwJLyB9b
PmS6f8EUBAhoC7O/eL2kqdS//7wK+jeMviA/5yhCUBmjQkqkmz7PccM=
-----END CERTIFICATE-----
Generated at Sun May 18 04:47:44 2025 by rpki-client