Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FERqF-r1cJPYTELor220M7o_Qtk.roa
File: FERqF-r1cJPYTELor220M7o_Qtk.roa (raw, json)
Hash identifier: wfOQE/8qZgFxkkdl+1uAm5jJjubxrdhPwS9dLDZjTx8=
Subject key identifier: 14:44:6A:17:EA:F5:70:93:D8:4C:42:E8:AF:6D:B4:33:BA:3F:42:D9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D8B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FERqF-r1cJPYTELor220M7o_Qtk.roa
Signing time: Wed 01 May 2024 23:23:41 +0000
ROA not before: Wed 01 May 2024 23:23:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19851 (0x4d8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 23:23:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=14446A17EAF57093D84C42E8AF6DB433BA3F42D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:7d:cd:42:fb:c1:8c:ea:c0:ac:18:b4:ed:
13:61:d0:20:f1:e0:90:87:a3:f1:7e:d8:a1:1e:2b:
cf:a5:df:f3:60:48:a5:11:09:57:52:8e:85:ff:da:
ec:a3:fc:4c:92:e7:20:a8:b9:03:8f:88:d4:bc:ea:
cc:d6:26:10:9c:00:a2:4a:7e:64:24:cb:d0:c3:c3:
b5:2d:da:0d:89:68:58:7f:3b:8b:ad:a6:6d:3c:74:
0d:00:b4:8a:12:9a:d8:d2:c1:d8:45:c8:9e:e3:bc:
10:9d:74:35:87:ed:f6:02:cc:15:d2:a3:a2:11:3a:
1d:3e:ef:32:88:b4:cb:f4:66:d8:4f:ae:2a:d7:07:
ab:07:aa:6d:04:6a:6c:e3:3a:f8:34:6d:42:c1:cd:
81:cf:fb:fd:80:ac:99:f4:af:e4:cc:0c:32:cf:53:
cb:75:9f:12:1e:1e:82:dd:de:0c:2b:b8:74:d1:af:
9f:34:06:82:56:db:8a:88:f7:b0:90:f4:68:54:62:
d7:2a:57:ff:07:72:7e:9f:96:af:0b:8e:aa:30:a2:
40:6c:8b:b9:45:4a:83:bf:18:b1:f1:bb:b9:02:88:
fd:ef:50:17:90:b9:31:aa:61:41:79:5c:5a:94:25:
15:a9:e7:f4:7b:0d:97:8a:62:df:54:19:07:c2:97:
68:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:44:6A:17:EA:F5:70:93:D8:4C:42:E8:AF:6D:B4:33:BA:3F:42:D9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FERqF-r1cJPYTELor220M7o_Qtk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
72:66:b2:bb:fe:91:ec:79:e1:d2:ad:9d:a5:7b:5c:85:bd:98:
a3:26:7d:cb:68:64:c4:90:c0:a5:3c:f0:2c:6b:70:e7:97:d2:
3c:69:1b:91:38:02:53:13:74:42:54:42:d1:76:6f:f0:48:47:
b9:40:ae:b9:68:64:73:06:f2:70:43:e4:8f:b2:b4:35:bb:32:
47:90:0d:49:d9:6e:45:fc:d0:15:30:87:55:d6:c7:45:98:e1:
77:7c:e5:2c:68:cf:e7:11:fe:8d:06:a9:3e:3b:f5:36:a9:cb:
5a:50:b8:22:5d:79:bf:a9:8d:e9:95:14:77:09:e8:61:d6:7b:
e2:bb:79:68:b5:0e:d2:e9:9f:83:1e:4b:15:76:29:5a:d0:61:
7a:99:74:60:e5:2a:f4:b9:3e:be:92:52:4e:2f:3d:5e:da:a0:
00:e9:6d:9f:78:77:4e:85:05:eb:03:ae:75:b5:13:f1:cc:63:
f1:bb:a0:e7:0f:f0:62:c5:61:26:3f:77:63:09:bc:4f:7e:06:
b4:1d:19:34:66:db:9f:30:ec:df:05:36:9a:d2:62:88:14:03:
ab:a0:24:e0:7e:b0:c1:bf:69:08:14:04:ae:34:6a:95:cc:f4:
a9:16:af:b8:d1:1c:7f:a5:2c:e2:b2:c0:f2:a7:75:01:c2:af:
70:d5:94:84
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTYswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEy
MzIzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0NDQ2QTE3RUFGNTcw
OTNEODRDNDJFOEFGNkRCNDMzQkEzRjQyRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2mH3NQvvBjOrArBi07RNh0CDx4JCHo/F+2KEeK8+l3/NgSKUR
CVdSjoX/2uyj/EyS5yCouQOPiNS86szWJhCcAKJKfmQky9DDw7Ut2g2JaFh/O4ut
pm08dA0AtIoSmtjSwdhFyJ7jvBCddDWH7fYCzBXSo6IROh0+7zKItMv0ZthPrirX
B6sHqm0EamzjOvg0bULBzYHP+/2ArJn0r+TMDDLPU8t1nxIeHoLd3gwruHTRr580
BoJW24qI97CQ9GhUYtcqV/8Hcn6flq8LjqowokBsi7lFSoO/GLHxu7kCiP3vUBeQ
uTGqYUF5XFqUJRWp5/R7DZeKYt9UGQfCl2hhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFERqF+r1cJPYTELor220M7o/QtkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZFUnFGLXIxY0pQWVRF
TG9yMjIwTTdvX1F0ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHJmsrv+kex54dKtnaV7XIW9mKMmfcto
ZMSQwKU88CxrcOeX0jxpG5E4AlMTdEJUQtF2b/BIR7lArrloZHMG8nBD5I+ytDW7
MkeQDUnZbkX80BUwh1XWx0WY4Xd85Sxoz+cR/o0GqT479Tapy1pQuCJdeb+pjemV
FHcJ6GHWe+K7eWi1DtLpn4MeSxV2KVrQYXqZdGDlKvS5Pr6SUk4vPV7aoADpbZ94
d06FBesDrnW1E/HMY/G7oOcP8GLFYSY/d2MJvE9+BrQdGTRm258w7N8FNprSYogU
A6ugJOB+sMG/aQgUBK40apXM9KkWr7jRHH+lLOKywPKndQHCr3DVlIQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:37:54 2025 by rpki-client