Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WZtqxl2BLvEyF2gGU9EpzBqBdJ4.roa
File: WZtqxl2BLvEyF2gGU9EpzBqBdJ4.roa (raw, json)
Hash identifier: B5otbJwroDnHrhONiO4K9rHibjfYjfEuQSFw94+ihZs=
Subject key identifier: 59:9B:6A:C6:5D:81:2E:F1:32:17:68:06:53:D1:29:CC:1A:81:74:9E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 441F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WZtqxl2BLvEyF2gGU9EpzBqBdJ4.roa
Signing time: Fri 19 Apr 2024 09:53:02 +0000
ROA not before: Fri 19 Apr 2024 09:53:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17439 (0x441f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 09:53:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=599B6AC65D812EF13217680653D129CC1A81749E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:59:d1:ea:d2:8c:cb:fd:9d:bf:a3:fe:e4:e0:
f2:b2:be:36:65:22:eb:a6:85:80:d2:1a:fd:6b:65:
45:11:96:f6:b2:2c:8b:b2:c8:b8:2c:bf:6b:66:3d:
d6:d8:1d:42:cf:3b:26:59:21:db:e8:de:f0:bf:41:
2a:ef:e1:bd:51:49:78:de:b2:92:7e:9a:13:e3:7c:
07:d3:26:fd:d7:af:1c:e1:04:49:bb:7e:56:29:72:
62:00:2a:5b:13:a2:77:5e:8f:2a:64:48:00:19:df:
0f:9f:aa:92:ab:aa:85:84:bf:66:50:af:39:8c:f1:
e7:03:66:0c:17:ab:68:91:bc:15:a9:a5:ca:e4:e7:
33:b4:6b:d3:ac:df:b5:0a:7c:5b:87:33:80:c6:19:
da:d9:b9:7c:c2:26:3f:6b:72:7a:e1:14:f3:64:06:
b4:8c:50:9d:df:f0:df:f9:35:92:fe:40:29:78:d4:
13:de:b3:2e:c0:25:bb:bf:12:4d:ac:a7:28:43:a0:
cc:f8:3d:7b:b8:0f:8d:e0:b5:e8:a6:ac:4d:a2:32:
9c:2e:10:49:39:c7:7b:dd:d1:7c:bd:7f:ef:d3:1a:
0c:95:b8:22:58:67:2d:34:93:c0:73:1a:a5:e0:0b:
db:c5:cc:0a:18:1a:d8:e7:59:7d:81:9b:b0:c7:b7:
8d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9B:6A:C6:5D:81:2E:F1:32:17:68:06:53:D1:29:CC:1A:81:74:9E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WZtqxl2BLvEyF2gGU9EpzBqBdJ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5e:f5:a6:09:b7:6c:d1:7d:73:b9:56:a2:92:85:a0:60:7a:5b:
f5:db:49:be:a2:f3:dc:de:a0:38:ed:39:7e:57:ee:38:a9:32:
bf:4a:27:4e:e6:b7:db:21:a8:4c:cc:ab:9f:87:f2:1d:bb:98:
a0:be:cd:bf:bf:ae:8f:24:c9:f9:f7:82:9a:50:bb:c6:4b:73:
18:ea:87:bb:92:32:30:bf:2e:03:32:3f:b1:a2:15:b5:8b:5e:
8b:7c:58:dd:d3:43:80:91:65:30:dc:d8:7a:5b:ba:6b:4c:d5:
dc:06:93:fa:45:9f:07:45:e3:88:97:1f:40:8d:2f:c2:e1:5b:
10:96:13:ea:3b:94:90:6e:e2:8e:f0:13:f5:3e:ee:53:11:7b:
6b:bb:0c:10:fb:0b:ca:62:c5:10:a4:25:7c:6d:b5:2a:45:d6:
6d:e4:11:5a:f7:7d:c4:7d:ae:6a:28:2c:6c:c4:04:d7:b0:3b:
79:aa:7d:56:cd:d9:97:52:73:8f:19:ae:2e:27:71:9d:d9:15:
b3:b1:1a:69:f0:c6:3c:da:fb:d9:87:89:9b:92:60:03:3d:2d:
00:eb:18:c5:d6:37:5a:bf:19:09:cf:ad:e6:6b:57:c1:f7:4a:
0d:e9:83:ce:75:87:d9:24:69:e2:86:96:22:f4:a2:d6:e7:e4:
02:12:7e:68
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRB8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
OTUzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU5OUI2QUM2NUQ4MTJF
RjEzMjE3NjgwNjUzRDEyOUNDMUE4MTc0OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6WdHq0ozL/Z2/o/7k4PKyvjZlIuumhYDSGv1rZUURlvayLIuy
yLgsv2tmPdbYHULPOyZZIdvo3vC/QSrv4b1RSXjespJ+mhPjfAfTJv3XrxzhBEm7
flYpcmIAKlsTondejypkSAAZ3w+fqpKrqoWEv2ZQrzmM8ecDZgwXq2iRvBWppcrk
5zO0a9Os37UKfFuHM4DGGdrZuXzCJj9rcnrhFPNkBrSMUJ3f8N/5NZL+QCl41BPe
sy7AJbu/Ek2spyhDoMz4PXu4D43gteimrE2iMpwuEEk5x3vd0Xy9f+/TGgyVuCJY
Zy00k8BzGqXgC9vFzAoYGtjnWX2Bm7DHt42TAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWZtqxl2BLvEyF2gGU9EpzBqBdJ4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dadHF4bDJCTHZFeUYy
Z0dVOUVwekJxQmRKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF71pgm3bNF9c7lWopKFoGB6W/XbSb6i
89zeoDjtOX5X7jipMr9KJ07mt9shqEzMq5+H8h27mKC+zb+/ro8kyfn3gppQu8ZL
cxjqh7uSMjC/LgMyP7GiFbWLXot8WN3TQ4CRZTDc2HpbumtM1dwGk/pFnwdF44iX
H0CNL8LhWxCWE+o7lJBu4o7wE/U+7lMRe2u7DBD7C8pixRCkJXxttSpF1m3kEVr3
fcR9rmooLGzEBNewO3mqfVbN2ZdSc48Zri4ncZ3ZFbOxGmnwxjza+9mHiZuSYAM9
LQDrGMXWN1q/GQnPreZrV8H3Sg3pg851h9kkaeKGliL0otbn5AISfmg=
-----END CERTIFICATE-----
Generated at Sat May 17 19:48:39 2025 by rpki-client