Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/W46BSOBCvr6-ZLWmaLKdvMBFtoM.roa
File: W46BSOBCvr6-ZLWmaLKdvMBFtoM.roa (raw, json)
Hash identifier: fcc/dqViumlxw1YmYSCxPNrV7YxRw7hOlScvNxDCaAE=
Subject key identifier: 5B:8E:81:48:E0:42:BE:BE:BE:64:B5:A6:68:B2:9D:BC:C0:45:B6:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 404F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W46BSOBCvr6-ZLWmaLKdvMBFtoM.roa
Signing time: Sun 14 Apr 2024 07:52:54 +0000
ROA not before: Sun 14 Apr 2024 07:52:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16463 (0x404f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 07:52:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5B8E8148E042BEBEBE64B5A668B29DBCC045B683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f7:53:28:05:9c:ea:a9:d4:26:c3:4f:53:5e:
02:25:a6:5b:f5:eb:35:b9:b8:85:62:92:dd:4f:d7:
0a:c3:d3:ba:7b:17:09:cb:ed:43:29:52:21:2e:84:
90:14:0a:c1:1a:16:d0:97:ff:71:da:cb:26:b8:32:
d8:37:6a:3d:1d:96:db:de:22:2f:5c:3a:4f:79:bc:
5a:27:77:c2:c2:7e:87:42:d2:fb:a9:af:3d:45:b8:
ac:94:e7:a1:9a:1e:a9:3f:fb:ff:d1:5b:b8:83:d4:
77:9b:cc:fa:af:39:79:15:c5:87:37:8e:b8:ef:8c:
f7:42:25:35:59:b1:51:c2:eb:b3:e8:ed:4b:0b:4e:
70:2c:47:f6:0c:21:5e:2c:33:57:cf:f7:c8:f6:82:
21:ec:0b:b4:81:af:0c:d7:59:b0:83:ba:54:48:9a:
74:bd:2c:d2:f4:a5:1e:df:cf:2e:a4:eb:67:b5:63:
5a:ff:99:64:95:6e:b3:a2:95:19:46:c4:22:b2:a9:
c8:ca:0f:a8:3f:b8:36:2b:80:17:e9:87:9e:05:73:
af:45:d9:2e:63:7b:72:7f:0e:0b:82:31:f0:e5:69:
6b:e2:a3:4c:84:b9:7c:9e:62:ca:c2:c3:98:e8:1a:
75:fc:5f:8c:db:82:8f:35:91:49:08:22:08:64:2e:
d3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8E:81:48:E0:42:BE:BE:BE:64:B5:A6:68:B2:9D:BC:C0:45:B6:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W46BSOBCvr6-ZLWmaLKdvMBFtoM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4b:aa:de:3b:b9:d4:fd:5e:6e:45:30:52:be:ba:93:14:90:8e:
a3:33:4f:9e:d2:40:69:5b:1e:e5:31:94:37:a4:8e:48:86:4b:
b4:ff:61:aa:93:83:91:44:06:4e:c0:33:fa:da:30:f4:29:0c:
d5:d4:9e:5b:7a:24:27:3c:62:8d:04:fe:5e:11:a7:ba:ae:f8:
b3:87:41:ad:65:51:25:c4:af:00:ed:9f:15:b1:5a:ce:36:b7:
f7:1d:d3:1f:28:86:09:8d:c8:99:c5:e6:7b:80:06:5c:41:ce:
bb:53:ca:af:61:cd:66:f2:9c:f5:1e:08:0a:e4:c7:bf:21:79:
a1:6b:03:8b:1c:67:9a:f9:c2:23:5f:38:62:03:63:98:9b:17:
79:d7:e2:2c:2a:9c:83:70:a3:04:db:df:16:d0:52:9a:03:6d:
ab:79:6d:52:b2:7c:02:47:67:8f:df:6d:6e:cf:ee:d3:99:b6:
f8:c4:b6:87:73:24:1a:02:27:5d:7d:1f:2e:9c:14:45:a9:f0:
24:9f:13:dc:4c:7e:f5:5c:8c:fd:36:75:85:94:6b:76:98:b0:
6a:25:51:9d:f4:d3:43:c7:bb:b8:f1:3f:d2:90:cd:1b:47:7a:
79:21:c1:e4:fb:aa:40:ef:48:c0:9b:18:6f:b8:89:ad:c5:94:
3c:0e:be:e9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQE8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NzUyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCOEU4MTQ4RTA0MkJF
QkVCRTY0QjVBNjY4QjI5REJDQzA0NUI2ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC591MoBZzqqdQmw09TXgIlplv16zW5uIVikt1P1wrD07p7FwnL
7UMpUiEuhJAUCsEaFtCX/3Hayya4Mtg3aj0dltveIi9cOk95vFond8LCfodC0vup
rz1FuKyU56GaHqk/+//RW7iD1HebzPqvOXkVxYc3jrjvjPdCJTVZsVHC67Po7UsL
TnAsR/YMIV4sM1fP98j2giHsC7SBrwzXWbCDulRImnS9LNL0pR7fzy6k62e1Y1r/
mWSVbrOilRlGxCKyqcjKD6g/uDYrgBfph54Fc69F2S5je3J/DguCMfDlaWvio0yE
uXyeYsrCw5joGnX8X4zbgo81kUkIIghkLtNxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUW46BSOBCvr6+ZLWmaLKdvMBFtoMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1c0NkJTT0JDdnI2LVpM
V21hTEtkdk1CRnRvTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEuq3ju51P1ebkUwUr66kxSQjqMzT57S
QGlbHuUxlDekjkiGS7T/YaqTg5FEBk7AM/raMPQpDNXUnlt6JCc8Yo0E/l4Rp7qu
+LOHQa1lUSXErwDtnxWxWs42t/cd0x8ohgmNyJnF5nuABlxBzrtTyq9hzWbynPUe
CArkx78heaFrA4scZ5r5wiNfOGIDY5ibF3nX4iwqnINwowTb3xbQUpoDbat5bVKy
fAJHZ4/fbW7P7tOZtvjEtodzJBoCJ119Hy6cFEWp8CSfE9xMfvVcjP02dYWUa3aY
sGolUZ3000PHu7jxP9KQzRtHenkhweT7qkDvSMCbGG+4ia3FlDwOvuk=
-----END CERTIFICATE-----
Generated at Sat May 17 19:49:51 2025 by rpki-client