Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FlBuRJBnBVbqijQCVAIFkqTjQfk.roa
File: FlBuRJBnBVbqijQCVAIFkqTjQfk.roa (raw, json)
Hash identifier: 4an/8VCIuMVj3DbbL6f9mLlkiEFEtRwklBjgl8yrAok=
Subject key identifier: 16:50:6E:44:90:67:05:56:EA:8A:34:02:54:02:05:92:A4:E3:41:F9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C57
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FlBuRJBnBVbqijQCVAIFkqTjQfk.roa
Signing time: Tue 09 Apr 2024 00:52:36 +0000
ROA not before: Tue 09 Apr 2024 00:52:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15447 (0x3c57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 00:52:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=16506E4490670556EA8A340254020592A4E341F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:71:41:e8:c0:e6:19:a3:59:2a:69:42:51:d9:
d1:8a:ef:b6:59:21:6f:fe:cc:49:3b:d3:a7:a2:5e:
96:02:5c:f6:a0:34:5b:2c:32:2b:29:a2:ef:0e:55:
65:9e:90:9a:c9:11:45:21:74:d2:01:ec:65:7e:77:
20:5d:11:db:1a:6a:20:34:53:60:1e:1e:a2:c8:34:
d3:25:d1:9c:47:c1:d9:af:f4:cf:3a:b9:32:8b:ac:
c7:37:b1:2b:22:e0:5a:f2:0b:bd:97:3a:ab:16:bd:
f7:23:7f:13:5d:59:48:a9:81:58:0f:86:a5:3f:6d:
61:8e:6d:47:ca:84:a4:c7:49:14:f9:c2:93:68:83:
51:80:eb:7a:7a:25:47:fc:ed:e1:f0:31:b7:bc:7d:
66:05:87:90:06:cd:1f:d6:af:03:cf:e6:56:71:ca:
21:d4:4c:3b:f7:89:21:08:ed:eb:39:fe:c9:da:6f:
f3:48:fd:90:e4:f9:91:d5:61:e0:1c:6b:cc:3d:5c:
83:b5:93:7b:a1:d5:61:17:d0:7c:dd:0d:ca:e0:02:
03:0e:f3:5e:44:29:63:5f:32:28:eb:f3:2b:dc:78:
ae:87:4c:9b:6e:20:42:b4:57:4f:17:c0:e8:fc:d9:
4a:56:87:ab:a3:24:6b:9e:8f:f8:e5:ec:f8:24:e6:
b4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:50:6E:44:90:67:05:56:EA:8A:34:02:54:02:05:92:A4:E3:41:F9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FlBuRJBnBVbqijQCVAIFkqTjQfk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
04:bd:96:a5:60:ff:8f:c3:f3:f7:a5:58:fe:78:e8:ef:87:77:
9f:b2:7b:35:28:76:04:f2:dd:00:df:f5:0a:45:21:a4:e5:fc:
59:7d:45:48:9c:19:42:ea:85:23:a2:6e:b8:b7:b9:4a:78:6f:
5a:af:73:8f:ff:4a:6a:8e:71:2f:3b:10:40:c5:2b:55:6c:12:
35:54:a7:39:9a:ee:1e:8d:13:ee:cf:d6:cf:15:ad:92:a2:f5:
29:c8:74:15:ec:9a:20:cf:9a:f2:9c:36:8e:26:20:e1:8b:2d:
25:6d:74:a5:fe:62:b4:db:da:42:ab:2a:50:1c:b7:d9:f4:70:
31:4e:45:d0:c4:52:3a:51:72:7d:26:f7:45:14:d7:a3:8a:e2:
47:b8:d1:30:ce:a1:47:15:31:0c:e2:0f:f3:ff:0b:f7:a3:f0:
e9:ec:a3:7a:db:ad:cc:4b:d8:f7:a7:8c:5a:61:52:15:3f:93:
20:3c:c6:03:7e:ce:a8:92:1e:16:28:69:e6:8c:30:d1:12:24:
0e:d6:14:f8:13:83:a1:8b:26:95:73:7e:a7:90:1c:52:41:cc:
8f:a3:27:24:03:9a:7b:94:c7:d4:80:6b:14:f5:44:4d:d4:92:
1a:3f:42:e0:ca:52:0a:40:40:22:54:a5:4c:36:0b:0d:6c:b4:
7b:e2:63:cd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
MDUyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE2NTA2RTQ0OTA2NzA1
NTZFQThBMzQwMjU0MDIwNTkyQTRFMzQxRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCocUHowOYZo1kqaUJR2dGK77ZZIW/+zEk706eiXpYCXPagNFss
Mispou8OVWWekJrJEUUhdNIB7GV+dyBdEdsaaiA0U2AeHqLINNMl0ZxHwdmv9M86
uTKLrMc3sSsi4FryC72XOqsWvfcjfxNdWUipgVgPhqU/bWGObUfKhKTHSRT5wpNo
g1GA63p6JUf87eHwMbe8fWYFh5AGzR/WrwPP5lZxyiHUTDv3iSEI7es5/snab/NI
/ZDk+ZHVYeAca8w9XIO1k3uh1WEX0HzdDcrgAgMO815EKWNfMijr8yvceK6HTJtu
IEK0V08XwOj82UpWh6ujJGuej/jl7Pgk5rSRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFlBuRJBnBVbqijQCVAIFkqTjQfkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZsQnVSSkJuQlZicWlq
UUNWQUlGa3FUalFmay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAS9lqVg/4/D8/elWP546O+Hd5+yezUo
dgTy3QDf9QpFIaTl/Fl9RUicGULqhSOibri3uUp4b1qvc4//SmqOcS87EEDFK1Vs
EjVUpzma7h6NE+7P1s8VrZKi9SnIdBXsmiDPmvKcNo4mIOGLLSVtdKX+YrTb2kKr
KlAct9n0cDFORdDEUjpRcn0m90UU16OK4ke40TDOoUcVMQziD/P/C/ej8Onso3rb
rcxL2PenjFphUhU/kyA8xgN+zqiSHhYoaeaMMNESJA7WFPgTg6GLJpVzfqeQHFJB
zI+jJyQDmnuUx9SAaxT1RE3Ukho/QuDKUgpAQCJUpUw2Cw1stHviY80=
-----END CERTIFICATE-----
Generated at Sat May 17 19:56:35 2025 by rpki-client