Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Gk170JuVqCtMSZ7DaqW3yrGNUks.roa
File: Gk170JuVqCtMSZ7DaqW3yrGNUks.roa (raw, json)
Hash identifier: 5SlisBWa2beBTGiSqaA0JGdda4u02t0bot/gAD340u8=
Subject key identifier: 1A:4D:7B:D0:9B:95:A8:2B:4C:49:9E:C3:6A:A5:B7:CA:B1:8D:52:4B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 429F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Gk170JuVqCtMSZ7DaqW3yrGNUks.roa
Signing time: Wed 17 Apr 2024 09:53:01 +0000
ROA not before: Wed 17 Apr 2024 09:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17055 (0x429f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 09:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1A4D7BD09B95A82B4C499EC36AA5B7CAB18D524B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:93:ad:c7:c4:20:7e:7a:ac:81:f8:2a:0b:20:
bf:83:e9:e4:6c:22:4a:ef:68:14:d9:45:b3:74:49:
ff:37:96:47:05:b0:fb:b7:56:53:f4:e0:61:c3:09:
08:96:bd:34:1b:c3:f9:ab:9d:f6:5d:19:b8:1a:23:
48:73:6b:b2:8f:cf:d2:71:db:7a:5f:ed:d9:4f:6e:
9e:dd:90:2a:52:2a:86:9f:2c:80:9c:9d:70:8f:7a:
57:8b:0c:e6:5f:64:26:3a:d0:77:7d:70:9a:ae:cf:
a5:e5:86:3a:bc:ce:74:d0:9b:58:41:74:f9:85:eb:
33:38:13:98:9b:c6:14:47:58:c2:c4:cb:de:e6:de:
ed:3f:26:77:20:95:05:2f:e1:ca:19:14:bd:03:21:
b8:6f:94:f4:d1:43:80:99:20:9d:78:74:2d:e1:b4:
0b:a3:af:1a:c6:76:ae:3b:ba:dd:b7:2d:ed:3b:61:
8a:7a:5e:7b:65:fe:da:d3:a4:51:6c:5f:f5:2d:d0:
0c:37:fc:19:f8:e4:24:ed:18:39:5d:a3:7f:48:f2:
4e:bc:eb:90:82:80:e5:7c:3a:03:a1:54:0a:c0:de:
68:f5:9f:e5:ba:89:13:ea:b6:75:19:25:c8:54:fe:
bb:e6:90:cc:55:27:01:0d:3a:81:d6:5e:14:5b:a0:
c8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:4D:7B:D0:9B:95:A8:2B:4C:49:9E:C3:6A:A5:B7:CA:B1:8D:52:4B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Gk170JuVqCtMSZ7DaqW3yrGNUks.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
57:b7:1b:97:21:09:25:19:14:24:eb:4b:98:64:ce:4a:e2:ed:
72:2a:90:3a:72:58:28:e8:1c:29:9f:4f:60:3a:b0:2a:97:81:
b4:85:45:a5:0c:fe:ec:20:58:3c:0f:8a:ff:7c:2d:f7:28:88:
0f:f9:ee:60:08:75:de:60:5f:f1:ea:9b:a0:a7:7d:77:ba:e8:
a3:32:c8:5d:1e:e1:57:ee:48:ca:ae:eb:e0:b7:4a:8d:86:cd:
41:d4:ea:6f:64:cd:e8:df:f2:09:87:14:97:47:92:25:da:53:
ec:5f:0d:f8:ac:56:45:a4:02:bc:bb:9f:75:3b:bd:f6:24:d2:
bb:c4:f7:2e:ec:6b:c5:ec:f7:63:92:6f:3d:30:a2:ab:76:1e:
5e:c8:9f:6d:26:97:6d:5e:66:c9:ce:f8:c2:d1:16:fc:a7:34:
f1:6f:a0:bb:09:72:23:4c:ff:f4:65:98:05:c5:62:95:ff:8c:
0a:62:cb:56:d9:11:dc:76:4d:f1:a0:e9:a9:75:c1:53:cb:c8:
da:28:69:85:a3:24:a6:66:a5:e7:e2:4c:6d:09:d8:84:e6:a8:
90:2c:0f:44:59:6a:bc:12:5a:0c:22:5e:59:6f:29:b5:46:1d:
d4:2d:08:f9:49:f6:9d:10:d5:3d:cf:e9:12:f5:bf:ce:7b:75:
db:92:4f:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQp8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
OTUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFBNEQ3QkQwOUI5NUE4
MkI0QzQ5OUVDMzZBQTVCN0NBQjE4RDUyNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhk63HxCB+eqyB+CoLIL+D6eRsIkrvaBTZRbN0Sf83lkcFsPu3
VlP04GHDCQiWvTQbw/mrnfZdGbgaI0hza7KPz9Jx23pf7dlPbp7dkCpSKoafLICc
nXCPeleLDOZfZCY60Hd9cJquz6Xlhjq8znTQm1hBdPmF6zM4E5ibxhRHWMLEy97m
3u0/JncglQUv4coZFL0DIbhvlPTRQ4CZIJ14dC3htAujrxrGdq47ut23Le07YYp6
Xntl/trTpFFsX/Ut0Aw3/Bn45CTtGDldo39I8k6865CCgOV8OgOhVArA3mj1n+W6
iRPqtnUZJchU/rvmkMxVJwENOoHWXhRboMhLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGk170JuVqCtMSZ7DaqW3yrGNUkswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0drMTcwSnVWcUN0TVNa
N0RhcVczeXJHTlVrcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFe3G5chCSUZFCTrS5hkzkri7XIqkDpy
WCjoHCmfT2A6sCqXgbSFRaUM/uwgWDwPiv98LfcoiA/57mAIdd5gX/Hqm6CnfXe6
6KMyyF0e4VfuSMqu6+C3So2GzUHU6m9kzejf8gmHFJdHkiXaU+xfDfisVkWkAry7
n3U7vfYk0rvE9y7sa8Xs92OSbz0woqt2Hl7In20ml21eZsnO+MLRFvynNPFvoLsJ
ciNM//RlmAXFYpX/jApiy1bZEdx2TfGg6al1wVPLyNooaYWjJKZmpefiTG0J2ITm
qJAsD0RZarwSWgwiXllvKbVGHdQtCPlJ9p0Q1T3P6RL1v857dduSTws=
-----END CERTIFICATE-----
Generated at Sat May 17 22:38:12 2025 by rpki-client