Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SsEAfZShKCwZ1U4QMtdbj5N6C5M.roa
File: SsEAfZShKCwZ1U4QMtdbj5N6C5M.roa (raw, json)
Hash identifier: RkMmzDq/RsAW8PurPjeEiLqLLfSlcSaQIDJGBMtA3F8=
Subject key identifier: 4A:C1:00:7D:94:A1:28:2C:19:D5:4E:10:32:D7:5B:8F:93:7A:0B:93
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C63
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SsEAfZShKCwZ1U4QMtdbj5N6C5M.roa
Signing time: Tue 09 Apr 2024 02:22:36 +0000
ROA not before: Tue 09 Apr 2024 02:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15459 (0x3c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 02:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4AC1007D94A1282C19D54E1032D75B8F937A0B93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e9:3a:41:9e:76:dc:83:3f:b6:c8:85:cc:14:
42:34:21:5b:2e:a0:ae:17:76:4a:31:18:fd:8c:87:
00:dc:0e:73:af:09:2f:73:a4:29:31:06:88:34:ba:
bd:41:4b:fa:c1:a8:0a:72:ad:25:38:df:c5:51:a8:
86:08:32:a7:07:59:e9:ab:20:f0:f8:26:af:c1:95:
6e:91:90:41:87:0e:a0:39:8d:34:ca:53:d3:64:ed:
29:94:bc:91:1b:5d:b6:c9:e7:e0:f8:38:23:74:77:
54:24:fd:4b:42:3e:ae:38:c0:9a:f7:4a:cd:22:9d:
88:1d:43:d9:6d:ab:d1:d7:31:b8:83:fb:e1:df:2e:
ca:3d:42:bd:8f:da:10:f5:83:f9:99:ea:bc:23:6b:
7d:52:ee:b1:2e:47:93:b9:c0:5b:70:ae:7d:83:46:
4f:d0:85:63:fd:c1:fa:3a:29:f4:37:0c:ca:9c:27:
93:c5:f3:bd:80:99:7c:47:70:af:6a:e5:b9:55:24:
6d:d5:a5:77:c2:bd:dd:86:87:45:9a:d7:58:36:fe:
24:3f:4e:84:d7:18:7f:a9:4d:d0:1d:ec:7c:7e:c2:
1d:39:a6:07:0a:52:fe:32:20:8f:70:7f:bf:f6:1b:
f0:31:b8:9a:dd:71:15:c6:70:4f:2a:2f:a2:02:a3:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C1:00:7D:94:A1:28:2C:19:D5:4E:10:32:D7:5B:8F:93:7A:0B:93
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SsEAfZShKCwZ1U4QMtdbj5N6C5M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
88:a5:54:e1:48:b6:75:0c:6e:d7:6a:77:bc:91:94:51:d9:9b:
5e:51:69:4d:a2:40:7e:db:f0:bd:e5:c2:c5:28:da:34:54:01:
f1:36:b7:ec:ea:0c:e5:15:8b:ae:88:c9:83:66:d9:71:78:89:
3a:47:1b:a7:a6:a6:32:50:9d:d7:3c:59:04:3b:81:c5:65:3b:
62:89:80:e3:81:24:45:c9:5c:e4:56:29:c0:fd:d2:09:cb:09:
fc:1b:a7:c4:cb:08:66:5b:ac:ff:d1:58:24:34:4e:e7:d4:8a:
ae:47:08:f3:bf:98:3f:b4:66:c9:7e:a3:4f:e3:74:82:87:82:
93:79:80:db:be:e5:c5:51:b8:79:59:4a:64:42:4f:eb:47:91:
7a:61:56:96:1f:8a:99:87:6d:ff:2a:8b:db:74:ad:c3:3b:d5:
2a:ef:65:e1:06:96:c3:14:12:a4:ac:df:ec:f3:4a:97:8b:35:
66:89:3c:d1:39:ed:b2:08:1e:b0:60:6c:d9:5a:50:5b:09:19:
b7:c6:a8:bd:ad:8a:75:b9:49:37:0a:f0:42:7b:9b:2f:53:2f:
6a:21:b6:26:a9:2b:65:b9:e8:e8:f7:91:6f:80:54:0b:f1:da:
34:03:3a:7e:56:a2:c9:d3:15:53:53:81:df:8e:5f:2c:15:05:
23:d0:7b:70
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPGMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
MjIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRBQzEwMDdEOTRBMTI4
MkMxOUQ1NEUxMDMyRDc1QjhGOTM3QTBCOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD06TpBnnbcgz+2yIXMFEI0IVsuoK4XdkoxGP2MhwDcDnOvCS9z
pCkxBog0ur1BS/rBqApyrSU438VRqIYIMqcHWemrIPD4Jq/BlW6RkEGHDqA5jTTK
U9Nk7SmUvJEbXbbJ5+D4OCN0d1Qk/UtCPq44wJr3Ss0inYgdQ9ltq9HXMbiD++Hf
Lso9Qr2P2hD1g/mZ6rwja31S7rEuR5O5wFtwrn2DRk/QhWP9wfo6KfQ3DMqcJ5PF
872AmXxHcK9q5blVJG3VpXfCvd2Gh0Wa11g2/iQ/ToTXGH+pTdAd7Hx+wh05pgcK
Uv4yII9wf7/2G/AxuJrdcRXGcE8qL6ICo6MJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSsEAfZShKCwZ1U4QMtdbj5N6C5MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NzRUFmWlNoS0N3WjFV
NFFNdGRiajVONkM1TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIilVOFItnUMbtdqd7yRlFHZm15RaU2i
QH7b8L3lwsUo2jRUAfE2t+zqDOUVi66IyYNm2XF4iTpHG6empjJQndc8WQQ7gcVl
O2KJgOOBJEXJXORWKcD90gnLCfwbp8TLCGZbrP/RWCQ0TufUiq5HCPO/mD+0Zsl+
o0/jdIKHgpN5gNu+5cVRuHlZSmRCT+tHkXphVpYfipmHbf8qi9t0rcM71SrvZeEG
lsMUEqSs3+zzSpeLNWaJPNE57bIIHrBgbNlaUFsJGbfGqL2tinW5STcK8EJ7my9T
L2ohtiapK2W56Oj3kW+AVAvx2jQDOn5WosnTFVNTgd+OXywVBSPQe3A=
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:16 2025 by rpki-client