Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SPsZ88N9hqKw6I7_fpude0jcytA.roa
File: SPsZ88N9hqKw6I7_fpude0jcytA.roa (raw, json)
Hash identifier: c6P285p1jiINtHgok4jHOuoD+xOnhINNAPMIMJsctIA=
Subject key identifier: 48:FB:19:F3:C3:7D:86:A2:B0:E8:8E:FF:7E:9B:9D:7B:48:DC:CA:D0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3427
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SPsZ88N9hqKw6I7_fpude0jcytA.roa
Signing time: Fri 29 Mar 2024 02:52:05 +0000
ROA not before: Fri 29 Mar 2024 02:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13351 (0x3427)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 02:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=48FB19F3C37D86A2B0E88EFF7E9B9D7B48DCCAD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:8b:38:e3:13:94:c0:ba:e1:01:81:49:50:
58:f4:4a:81:8c:71:d2:4a:aa:36:a1:ce:e7:e5:a7:
31:45:1c:e3:ed:e4:27:ec:15:37:42:92:47:32:4d:
fb:c3:9c:8c:5f:86:53:79:9d:71:b4:ac:c1:4b:df:
6e:5a:c6:96:23:09:2d:13:5d:e5:90:1a:c1:b3:30:
2b:6c:69:4a:51:71:05:e9:79:f6:04:37:e4:83:09:
b4:eb:d8:fb:08:90:c4:dd:23:6a:8e:8c:e0:82:14:
24:1f:d9:ba:cc:42:32:6a:56:7e:7f:fb:db:ae:60:
7a:dc:45:ff:3b:80:9a:49:ea:e4:4f:d0:cf:23:f2:
9b:06:76:00:7d:bc:cd:db:65:64:04:f4:f1:f6:47:
1c:3c:54:de:16:f6:d1:9d:82:f2:70:da:79:7f:c8:
c4:c9:30:b9:e4:eb:03:10:f5:38:3c:58:8e:75:1c:
c2:82:0a:fc:7d:eb:38:cc:b8:18:22:81:4f:b4:f2:
1e:8c:c2:4b:ac:f8:91:21:98:fd:26:7e:9d:82:a7:
9c:0e:9c:68:39:42:bb:d0:ee:35:2f:74:be:29:5f:
6c:86:06:0f:c4:19:e6:9b:f7:f4:80:4c:f5:f8:96:
49:af:fc:7d:0e:5f:e5:f2:6e:bf:36:87:f8:82:ee:
01:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FB:19:F3:C3:7D:86:A2:B0:E8:8E:FF:7E:9B:9D:7B:48:DC:CA:D0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SPsZ88N9hqKw6I7_fpude0jcytA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
61:b0:8e:3c:bc:e8:db:19:5e:52:0f:13:2b:1a:a5:22:dd:c0:
87:8b:97:d1:f9:6b:be:be:14:8f:51:54:d5:da:19:2e:06:04:
08:f6:a9:3f:c7:6c:3c:7a:de:24:b4:80:53:3d:3e:fe:2d:a3:
26:26:d3:3d:5d:5c:2b:61:6c:93:a7:b2:49:48:4f:91:53:1f:
7c:3b:5f:c6:18:10:35:62:2d:ef:a0:55:84:67:7a:f3:88:29:
5b:26:e3:5d:ce:bb:9e:eb:ba:eb:91:4f:3e:1d:6a:53:bb:6b:
b5:1e:8d:d6:db:78:a0:0b:40:d0:ff:1d:f2:28:41:4b:e7:ed:
16:95:7c:0e:0d:e3:10:e8:ab:e2:91:79:f6:1e:5d:f3:2d:77:
9c:c1:7b:87:57:fb:80:64:95:8b:71:62:be:7f:d8:dd:64:04:
2c:91:15:87:6d:63:cd:33:71:36:28:16:14:6f:19:70:b9:76:
ca:ad:d4:91:76:47:2d:32:ab:00:19:53:61:bc:b6:d4:f7:53:
81:4b:f8:d5:1a:e0:15:94:58:0a:97:3c:54:75:38:ff:98:23:
09:a5:bc:f8:90:59:a9:18:b4:ea:c0:9f:b3:e6:03:47:93:39:
7b:6f:32:be:68:97:36:f8:36:af:26:e6:a8:35:cd:89:96:ad:
0d:6f:c8:29
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNCcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MjUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4RkIxOUYzQzM3RDg2
QTJCMEU4OEVGRjdFOUI5RDdCNDhEQ0NBRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC69Ys44xOUwLrhAYFJUFj0SoGMcdJKqjahzuflpzFFHOPt5Cfs
FTdCkkcyTfvDnIxfhlN5nXG0rMFL325axpYjCS0TXeWQGsGzMCtsaUpRcQXpefYE
N+SDCbTr2PsIkMTdI2qOjOCCFCQf2brMQjJqVn5/+9uuYHrcRf87gJpJ6uRP0M8j
8psGdgB9vM3bZWQE9PH2Rxw8VN4W9tGdgvJw2nl/yMTJMLnk6wMQ9Tg8WI51HMKC
Cvx96zjMuBgigU+08h6Mwkus+JEhmP0mfp2Cp5wOnGg5QrvQ7jUvdL4pX2yGBg/E
Geab9/SATPX4lkmv/H0OX+Xybr82h/iC7gGrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSPsZ88N9hqKw6I7/fpude0jcytAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NQc1o4OE45aHFLdzZJ
N19mcHVkZTBqY3l0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGGwjjy86NsZXlIPEysapSLdwIeLl9H5
a76+FI9RVNXaGS4GBAj2qT/HbDx63iS0gFM9Pv4toyYm0z1dXCthbJOnsklIT5FT
H3w7X8YYEDViLe+gVYRnevOIKVsm413Ou57ruuuRTz4dalO7a7UejdbbeKALQND/
HfIoQUvn7RaVfA4N4xDoq+KRefYeXfMtd5zBe4dX+4BklYtxYr5/2N1kBCyRFYdt
Y80zcTYoFhRvGXC5dsqt1JF2Ry0yqwAZU2G8ttT3U4FL+NUa4BWUWAqXPFR1OP+Y
IwmlvPiQWakYtOrAn7PmA0eTOXtvMr5olzb4Nq8m5qg1zYmWrQ1vyCk=
-----END CERTIFICATE-----
Generated at Sat May 17 21:46:59 2025 by rpki-client