Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Iae6NCzGjQJveYEq25oR_hkpNb0.roa
File: Iae6NCzGjQJveYEq25oR_hkpNb0.roa (raw, json)
Hash identifier: f4yg+Z1OxE2zSb3KKB7vodjYcBOEuWEMlUtP0Mx5+60=
Subject key identifier: 21:A7:BA:34:2C:C6:8D:02:6F:79:81:2A:DB:9A:11:FE:19:29:35:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5793
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Iae6NCzGjQJveYEq25oR_hkpNb0.roa
Signing time: Wed 15 May 2024 08:24:33 +0000
ROA not before: Wed 15 May 2024 08:24:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22419 (0x5793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 08:24:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21A7BA342CC68D026F79812ADB9A11FE192935BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0f:07:cf:dc:d5:56:69:01:1d:cd:59:df:db:
48:0d:83:f4:79:c0:e3:51:b4:d8:cc:47:21:df:20:
db:7c:16:2f:25:ac:cb:8a:45:5e:38:bb:e0:31:49:
4c:56:d6:be:78:fc:f0:8d:35:6d:14:05:a5:ae:dc:
a9:2c:6c:d0:b8:12:41:ba:33:1c:3a:b7:c9:f8:f0:
1d:32:7e:6c:2d:d8:24:66:f0:bf:0f:d0:05:db:cf:
66:66:e6:1c:6d:6c:ee:72:77:9b:73:c4:66:d2:5f:
a9:7a:d3:44:44:69:d7:bc:85:40:d2:21:d0:cd:fe:
fb:5e:df:9a:6b:48:c5:e5:3f:2b:a3:fc:e1:17:1e:
94:e5:a1:ca:ca:be:cb:88:5a:75:2d:c8:2c:47:05:
a7:ff:5a:9a:b5:36:59:c3:1f:74:1c:86:92:66:01:
8a:50:2a:bf:80:42:6a:d5:02:53:e7:48:9d:35:e0:
cb:ea:6e:83:2b:99:a3:85:71:48:da:0c:06:5d:1c:
46:e9:62:05:ac:e2:62:86:d4:2b:e0:82:98:5d:c2:
55:cf:32:1e:06:7e:a3:e2:20:bc:ff:dd:22:9d:3c:
5e:cb:a8:56:38:94:b2:68:0a:48:95:98:99:5f:eb:
2f:95:ed:1c:cb:99:cd:73:e6:29:4d:00:6d:19:6b:
2a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A7:BA:34:2C:C6:8D:02:6F:79:81:2A:DB:9A:11:FE:19:29:35:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Iae6NCzGjQJveYEq25oR_hkpNb0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
37:85:f5:0c:3d:06:52:3f:88:15:50:20:00:59:64:c0:64:82:
90:92:8c:c7:ed:83:b2:a6:f1:57:44:16:b0:f6:48:68:38:44:
c7:f4:cb:44:6f:52:a5:58:c8:5f:99:b0:a4:dd:69:e8:33:ca:
5a:f9:c2:7c:41:c0:27:a0:26:61:a3:ca:07:85:1a:ad:07:78:
57:7a:c5:d3:74:ee:f2:a1:ef:d9:f3:fc:a6:0f:8c:ee:e8:47:
8f:f3:c5:c2:a0:e8:c3:b8:55:87:6e:6a:89:6b:63:0e:d3:60:
63:74:c1:9b:0d:d2:fb:fc:e6:81:90:27:0f:60:8b:48:f9:ba:
07:fc:ca:cb:6e:33:52:cf:51:e1:bc:b0:b3:d1:b6:38:85:72:
91:a8:12:e6:fb:0b:81:b8:51:a6:c4:c2:c4:4f:7a:33:a2:3d:
3f:36:ce:a2:86:c2:e6:d1:b1:82:78:20:ec:0b:ed:ac:84:5c:
cd:ec:e6:9c:9c:d3:f7:00:2e:77:76:9c:ec:a4:5a:a7:d3:ef:
d0:17:35:7b:3c:a3:95:4d:70:07:52:a5:c1:70:a4:e1:85:ad:
1b:05:98:3a:14:e9:cf:84:c9:49:37:d5:eb:3d:e5:89:a3:a8:
d9:c5:ca:01:c4:2a:8b:0f:a6:66:e9:81:03:38:aa:73:20:78:
8f:ec:26:b6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICV5MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
ODI0MzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxQTdCQTM0MkNDNjhE
MDI2Rjc5ODEyQURCOUExMUZFMTkyOTM1QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPDwfP3NVWaQEdzVnf20gNg/R5wONRtNjMRyHfINt8Fi8lrMuK
RV44u+AxSUxW1r54/PCNNW0UBaWu3KksbNC4EkG6Mxw6t8n48B0yfmwt2CRm8L8P
0AXbz2Zm5hxtbO5yd5tzxGbSX6l600REade8hUDSIdDN/vte35prSMXlPyuj/OEX
HpTlocrKvsuIWnUtyCxHBaf/Wpq1NlnDH3QchpJmAYpQKr+AQmrVAlPnSJ014Mvq
boMrmaOFcUjaDAZdHEbpYgWs4mKG1CvggphdwlXPMh4GfqPiILz/3SKdPF7LqFY4
lLJoCkiVmJlf6y+V7RzLmc1z5ilNAG0ZayoFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIae6NCzGjQJveYEq25oR/hkpNb0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lhZTZOQ3pHalFKdmVZ
RXEyNW9SX2hrcE5iMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADeF9Qw9BlI/iBVQIABZZMBkgpCSjMft
g7Km8VdEFrD2SGg4RMf0y0RvUqVYyF+ZsKTdaegzylr5wnxBwCegJmGjygeFGq0H
eFd6xdN07vKh79nz/KYPjO7oR4/zxcKg6MO4VYduaolrYw7TYGN0wZsN0vv85oGQ
Jw9gi0j5ugf8ystuM1LPUeG8sLPRtjiFcpGoEub7C4G4UabEwsRPejOiPT82zqKG
wubRsYJ4IOwL7ayEXM3s5pyc0/cALnd2nOykWqfT79AXNXs8o5VNcAdSpcFwpOGF
rRsFmDoU6c+EyUk31es95YmjqNnFygHEKosPpmbpgQM4qnMgeI/sJrY=
-----END CERTIFICATE-----
Generated at Sat May 17 22:40:18 2025 by rpki-client