Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TvFHV8jRFQSssOFgZ09biXLv6Z0.roa
File: TvFHV8jRFQSssOFgZ09biXLv6Z0.roa (raw, json)
Hash identifier: TjRQIkAIOmg0UcfZoDS+Jrv6Hh1NDwN/DLNcKmXoho8=
Subject key identifier: 4E:F1:47:57:C8:D1:15:04:AC:B0:E1:60:67:4F:5B:89:72:EF:E9:9D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5237
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TvFHV8jRFQSssOFgZ09biXLv6Z0.roa
Signing time: Wed 08 May 2024 04:54:07 +0000
ROA not before: Wed 08 May 2024 04:54:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21047 (0x5237)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 04:54:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4EF14757C8D11504ACB0E160674F5B8972EFE99D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1e:3f:5c:b6:f8:cb:7b:7c:0f:60:16:d0:40:
3d:63:1c:6e:55:f4:0a:1b:69:ba:43:5e:99:9b:a7:
f2:3b:bc:46:4c:42:b0:06:f2:73:15:8c:08:5f:a5:
45:ea:5c:89:bb:13:6e:a5:71:92:f1:24:cc:bb:74:
77:a4:60:1f:88:fa:1f:7c:56:0a:b5:c5:9c:b8:b5:
35:a3:5b:9b:5f:78:2c:47:bb:08:f6:db:1f:ce:ef:
f7:b3:6e:23:13:89:ab:80:4c:ea:11:47:d8:64:03:
7a:18:e9:3e:bb:43:bb:3f:2c:12:d4:2b:e1:ad:50:
6c:ef:38:95:02:c1:00:da:a6:e5:89:06:44:c5:e9:
24:a2:f9:68:54:b3:b8:ef:73:58:04:db:cd:85:0f:
d1:85:7a:e4:74:a4:be:e9:9c:2a:8a:ec:e8:81:c4:
1e:4f:ef:74:5f:87:83:b1:ef:1b:ca:d7:64:0f:67:
0b:eb:a3:65:00:10:3e:c5:7e:b9:b1:f1:93:36:09:
b0:63:c8:ca:b2:ff:8f:ac:74:90:bd:e1:cd:f4:56:
6d:d5:11:09:2d:4d:ad:be:2d:7a:7e:d0:c0:3a:76:
d0:a8:c9:b1:52:34:52:f6:ef:de:ba:b5:99:80:eb:
55:84:d7:4e:13:4b:21:88:64:3e:7a:56:a7:b5:0a:
ad:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F1:47:57:C8:D1:15:04:AC:B0:E1:60:67:4F:5B:89:72:EF:E9:9D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TvFHV8jRFQSssOFgZ09biXLv6Z0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
20:11:8f:34:ab:22:a9:bf:c3:62:37:f4:b7:46:a5:07:33:f2:
cf:fe:d2:a1:83:49:65:82:0d:fa:46:7c:ec:9d:a6:ca:67:4f:
29:34:a0:ee:b0:21:1f:ca:c9:c1:e3:63:64:6d:82:f2:5f:eb:
13:85:4b:95:7c:99:62:bb:5f:04:5d:58:9a:8a:f7:10:69:e8:
f3:e8:02:bd:48:82:b7:5d:a6:a8:ce:58:6c:9e:5c:d3:88:55:
6c:c1:6e:8b:e0:01:1c:f2:5d:6a:95:9c:db:16:3b:e9:95:e9:
29:27:04:58:1d:d2:ce:5b:07:08:b3:a5:74:dd:b4:8d:69:c7:
04:2b:fe:71:39:1b:2e:b8:8b:e5:2e:83:b3:56:65:3a:d0:e0:
8d:41:bf:ed:76:62:cc:49:46:a9:51:19:10:f9:64:09:d1:cc:
b2:4a:b7:ea:ae:0c:57:da:ee:ad:96:cb:e9:e5:d6:7e:fb:15:
78:61:6c:91:36:2d:d1:9a:73:97:d0:5f:7a:87:88:53:95:d9:
8a:f5:16:b3:5c:31:a8:a6:33:11:7f:c9:48:03:fd:0a:37:26:
23:d4:81:0f:cd:28:7d:90:0e:be:e1:ed:d7:cc:44:98:b7:12:
29:e3:06:61:f9:be:9c:18:7d:f5:9a:a4:48:c2:ac:60:20:ab:
d1:b9:e4:98
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUjcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
NDU0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFRjE0NzU3QzhEMTE1
MDRBQ0IwRTE2MDY3NEY1Qjg5NzJFRkU5OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkHj9ctvjLe3wPYBbQQD1jHG5V9AobabpDXpmbp/I7vEZMQrAG
8nMVjAhfpUXqXIm7E26lcZLxJMy7dHekYB+I+h98Vgq1xZy4tTWjW5tfeCxHuwj2
2x/O7/ezbiMTiauATOoRR9hkA3oY6T67Q7s/LBLUK+GtUGzvOJUCwQDapuWJBkTF
6SSi+WhUs7jvc1gE282FD9GFeuR0pL7pnCqK7OiBxB5P73Rfh4Ox7xvK12QPZwvr
o2UAED7Ffrmx8ZM2CbBjyMqy/4+sdJC94c30Vm3VEQktTa2+LXp+0MA6dtCoybFS
NFL27966tZmA61WE104TSyGIZD56Vqe1Cq2TAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTvFHV8jRFQSssOFgZ09biXLv6Z0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1R2RkhWOGpSRlFTc3NP
RmdaMDliaVhMdjZaMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACARjzSrIqm/w2I39LdGpQcz8s/+0qGD
SWWCDfpGfOydpspnTyk0oO6wIR/KycHjY2RtgvJf6xOFS5V8mWK7XwRdWJqK9xBp
6PPoAr1IgrddpqjOWGyeXNOIVWzBbovgARzyXWqVnNsWO+mV6SknBFgd0s5bBwiz
pXTdtI1pxwQr/nE5Gy64i+Uug7NWZTrQ4I1Bv+12YsxJRqlRGRD5ZAnRzLJKt+qu
DFfa7q2Wy+nl1n77FXhhbJE2LdGac5fQX3qHiFOV2Yr1FrNcMaimMxF/yUgD/Qo3
JiPUgQ/NKH2QDr7h7dfMRJi3EinjBmH5vpwYffWapEjCrGAgq9G55Jg=
-----END CERTIFICATE-----
Generated at Sat May 17 22:41:20 2025 by rpki-client