Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IyuJxRdFJScCf9hOFium81lWw2M.roa
File: IyuJxRdFJScCf9hOFium81lWw2M.roa (raw, json)
Hash identifier: a52ZUgHQBQWfKT6rMCIzzEr9XCmPg0vd+HGXipXjXFg=
Subject key identifier: 23:2B:89:C5:17:45:25:27:02:7F:D8:4E:16:2B:A6:F3:59:56:C3:63
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A7F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IyuJxRdFJScCf9hOFium81lWw2M.roa
Signing time: Sat 27 Apr 2024 21:53:28 +0000
ROA not before: Sat 27 Apr 2024 21:53:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19071 (0x4a7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 27 21:53:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=232B89C517452527027FD84E162BA6F35956C363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:31:6a:60:9e:7c:0d:14:76:e5:2d:ca:76:c8:
a4:81:4e:1b:97:8c:40:3c:c7:1f:00:48:2b:98:1a:
ad:8b:bf:35:7e:3f:31:ce:7b:be:8e:fc:b5:9b:ca:
85:f2:9f:66:d6:bd:06:87:69:aa:89:e7:e2:11:15:
21:ef:75:a2:42:30:34:0b:27:c1:bb:89:78:c7:71:
20:ad:61:da:f6:45:6d:3e:73:c3:a8:5e:d1:9e:e4:
2d:8c:8f:6d:9a:90:cb:01:83:14:41:2c:d0:15:14:
e5:5a:54:99:42:bd:b3:83:af:a4:31:e0:60:76:91:
37:a8:63:9a:cb:64:0a:52:26:29:b7:fc:3e:7c:70:
c2:79:32:8d:da:1f:85:61:14:50:ab:87:2d:6f:07:
07:27:27:b9:4c:c5:df:43:ce:40:c9:3f:36:01:a6:
a6:fd:c0:f9:e6:bf:21:9f:07:ca:de:32:1d:09:de:
31:8d:88:6e:02:3c:8f:d8:9d:75:8f:08:59:1e:fa:
e5:25:ca:4f:e3:6d:04:ba:bf:d1:55:4b:67:04:9e:
3e:28:16:13:26:bf:50:6b:8e:09:b1:e8:5f:e0:ef:
25:f9:4c:7b:57:56:f9:ba:08:00:da:be:fc:b3:13:
c2:f1:d4:27:cb:f3:fa:bd:4f:fe:77:d4:4b:4b:ad:
36:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2B:89:C5:17:45:25:27:02:7F:D8:4E:16:2B:A6:F3:59:56:C3:63
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IyuJxRdFJScCf9hOFium81lWw2M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
58:aa:3b:b9:56:ce:fb:59:05:5c:d3:92:b2:88:99:14:ea:a2:
db:f9:9c:11:1e:24:e6:c2:2e:6e:70:4a:4f:96:31:7d:1e:a3:
8c:c9:74:a0:a6:3f:f1:48:b7:f6:8c:b4:e4:29:2c:ff:17:a7:
c5:37:14:79:27:da:15:bb:6e:c7:c4:de:81:f3:6d:d3:1a:46:
5a:23:6f:26:36:37:e6:99:de:20:32:c3:cd:d1:05:c1:28:3b:
40:b0:d0:9b:32:2b:f3:ac:4e:2b:70:1d:39:8d:db:05:51:b7:
9f:c8:0d:c7:b4:39:e5:10:bc:f9:2e:db:0f:f6:54:07:11:78:
ad:af:fb:93:88:83:d4:8e:6d:c3:86:3b:23:d9:92:ca:1d:41:
38:cc:cf:31:28:d0:d9:a4:2f:65:78:27:1f:2f:c8:14:08:64:
28:62:ae:54:01:84:ee:9c:e1:9b:98:ba:e0:d6:2b:a0:1c:77:
17:fd:aa:83:cf:3d:85:67:b0:4b:bc:be:98:a5:68:eb:3d:07:
da:d2:78:31:69:55:87:b6:05:7b:07:63:61:9b:6c:cb:c9:12:
23:63:02:3f:94:f5:fd:75:09:b1:8a:98:ed:a3:2a:e9:0d:94:
54:8f:ca:34:cc:54:b1:16:ff:61:06:e1:c1:98:1d:25:3d:b6:
87:36:4c:3c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjcy
MTUzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzMkI4OUM1MTc0NTI1
MjcwMjdGRDg0RTE2MkJBNkYzNTk1NkMzNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpMWpgnnwNFHblLcp2yKSBThuXjEA8xx8ASCuYGq2LvzV+PzHO
e76O/LWbyoXyn2bWvQaHaaqJ5+IRFSHvdaJCMDQLJ8G7iXjHcSCtYdr2RW0+c8Oo
XtGe5C2Mj22akMsBgxRBLNAVFOVaVJlCvbODr6Qx4GB2kTeoY5rLZApSJim3/D58
cMJ5Mo3aH4VhFFCrhy1vBwcnJ7lMxd9DzkDJPzYBpqb9wPnmvyGfB8reMh0J3jGN
iG4CPI/YnXWPCFke+uUlyk/jbQS6v9FVS2cEnj4oFhMmv1Brjgmx6F/g7yX5THtX
Vvm6CADavvyzE8Lx1CfL8/q9T/531EtLrTbRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIyuJxRdFJScCf9hOFium81lWw2MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0l5dUp4UmRGSlNjQ2Y5
aE9GaXVtODFsV3cyTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFiqO7lWzvtZBVzTkrKImRTqotv5nBEe
JObCLm5wSk+WMX0eo4zJdKCmP/FIt/aMtOQpLP8Xp8U3FHkn2hW7bsfE3oHzbdMa
RlojbyY2N+aZ3iAyw83RBcEoO0Cw0JsyK/OsTitwHTmN2wVRt5/IDce0OeUQvPku
2w/2VAcReK2v+5OIg9SObcOGOyPZksodQTjMzzEo0NmkL2V4Jx8vyBQIZChirlQB
hO6c4ZuYuuDWK6Acdxf9qoPPPYVnsEu8vpilaOs9B9rSeDFpVYe2BXsHY2GbbMvJ
EiNjAj+U9f11CbGKmO2jKukNlFSPyjTMVLEW/2EG4cGYHSU9toc2TDw=
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:07 2025 by rpki-client