Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/W_c_w8JS4gdahECdHdfimcOe6WQ.roa
File: W_c_w8JS4gdahECdHdfimcOe6WQ.roa (raw, json)
Hash identifier: oNvwyf57u2xHIU6PRRy4lfiQcAcHoXLD6DwYJTeHTdU=
Subject key identifier: 5B:F7:3F:C3:C2:52:E2:07:5A:84:40:9D:1D:D7:E2:99:C3:9E:E9:64
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5047
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W_c_w8JS4gdahECdHdfimcOe6WQ.roa
Signing time: Sun 05 May 2024 14:54:06 +0000
ROA not before: Sun 05 May 2024 14:54:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20551 (0x5047)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 14:54:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5BF73FC3C252E2075A84409D1DD7E299C39EE964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2c:f4:90:24:fb:e9:74:0c:ed:97:a3:5c:e0:
e7:09:8f:18:e3:1c:bd:42:58:a2:ca:de:fa:63:d8:
bf:07:05:00:9a:6e:06:9d:02:db:df:ef:10:7f:14:
f3:d7:2c:4d:d9:94:de:2f:58:06:69:9f:0a:a0:a4:
f5:89:a1:dc:54:c3:5d:ff:c3:19:6b:64:e5:6e:48:
ab:2c:b2:dd:77:ed:92:8c:74:be:c0:4d:e3:06:47:
fc:56:8c:6e:09:f6:92:46:ae:4e:7c:b8:c0:79:f2:
c0:64:58:a3:8d:e9:9e:a3:a0:c3:b3:98:e3:c8:41:
4a:a9:db:02:2f:2d:06:f4:0f:86:62:cb:31:25:57:
64:42:20:a6:0b:e5:62:e3:db:f4:b7:f7:fa:5f:fc:
17:31:00:ff:c7:ba:67:c5:0e:02:e9:d1:7c:14:df:
61:32:27:97:bb:28:b1:6d:52:19:8a:20:4a:ab:71:
77:14:5a:c4:64:ef:1c:ac:ea:06:7f:7d:ac:7d:c4:
5b:c5:e6:2e:b1:9c:15:2c:2d:80:5f:44:c2:55:ea:
b0:f9:0b:7c:b8:d6:88:13:6a:6a:b8:92:b2:64:d0:
56:94:e9:07:11:1a:ab:7c:4d:a6:1c:c9:6e:da:54:
ec:7f:34:87:78:b5:df:c4:18:f7:53:b4:9e:06:43:
83:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F7:3F:C3:C2:52:E2:07:5A:84:40:9D:1D:D7:E2:99:C3:9E:E9:64
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W_c_w8JS4gdahECdHdfimcOe6WQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b7:8e:13:ea:9d:49:d6:d2:08:8c:e6:b1:72:2e:3d:2f:8e:a8:
32:f1:4e:10:4f:2d:3c:0d:24:0f:ed:60:b0:79:59:97:12:26:
4d:3a:c3:41:3f:84:57:0b:f0:c9:fb:8e:5f:72:fd:9a:e2:50:
06:85:79:83:5d:af:5d:fb:c8:11:a1:b7:fc:71:c9:ff:69:2b:
c8:72:78:25:3e:d9:5a:fd:cf:ee:f3:aa:3a:d5:5c:c4:75:0f:
d2:b3:87:41:67:d5:b7:51:c8:4f:24:79:2d:cd:95:56:6a:35:
30:cc:ce:67:a8:43:96:4e:0f:72:aa:07:a7:f9:ed:e0:0a:cb:
1d:41:85:36:3b:2a:71:e7:f4:fb:61:f4:14:96:77:dd:5c:53:
1c:71:85:3b:b0:4d:dc:b8:b2:b1:0e:e8:ea:bf:c1:eb:83:9c:
b4:a5:8a:a0:66:72:8a:ad:a2:c0:ee:99:f3:31:90:71:ed:3f:
63:85:64:aa:e6:ec:35:a6:d9:8f:65:30:e3:92:6f:a1:68:fa:
d6:8f:de:6d:bc:0b:85:54:91:58:f9:4b:67:a0:04:88:b6:8d:
59:c6:35:42:3e:15:9a:ce:15:4f:72:dc:75:96:ee:a4:61:8f:
c9:45:be:b5:20:f8:05:5a:74:8d:67:d5:fd:9a:4f:96:ec:b3:
36:17:d5:a0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
NDU0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCRjczRkMzQzI1MkUy
MDc1QTg0NDA5RDFERDdFMjk5QzM5RUU5NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDLPSQJPvpdAztl6Nc4OcJjxjjHL1CWKLK3vpj2L8HBQCabgad
Atvf7xB/FPPXLE3ZlN4vWAZpnwqgpPWJodxUw13/wxlrZOVuSKssst137ZKMdL7A
TeMGR/xWjG4J9pJGrk58uMB58sBkWKON6Z6joMOzmOPIQUqp2wIvLQb0D4ZiyzEl
V2RCIKYL5WLj2/S39/pf/BcxAP/HumfFDgLp0XwU32EyJ5e7KLFtUhmKIEqrcXcU
WsRk7xys6gZ/fax9xFvF5i6xnBUsLYBfRMJV6rD5C3y41ogTamq4krJk0FaU6QcR
Gqt8TaYcyW7aVOx/NId4td/EGPdTtJ4GQ4PJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUW/c/w8JS4gdahECdHdfimcOe6WQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dfY193OEpTNGdkYWhF
Q2RIZGZpbWNPZTZXUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALeOE+qdSdbSCIzmsXIuPS+OqDLxThBP
LTwNJA/tYLB5WZcSJk06w0E/hFcL8Mn7jl9y/ZriUAaFeYNdr137yBGht/xxyf9p
K8hyeCU+2Vr9z+7zqjrVXMR1D9Kzh0Fn1bdRyE8keS3NlVZqNTDMzmeoQ5ZOD3Kq
B6f57eAKyx1BhTY7KnHn9Pth9BSWd91cUxxxhTuwTdy4srEO6Oq/weuDnLSliqBm
coqtosDumfMxkHHtP2OFZKrm7DWm2Y9lMOOSb6Fo+taP3m28C4VUkVj5S2egBIi2
jVnGNUI+FZrOFU9y3HWW7qRhj8lFvrUg+AVadI1n1f2aT5bsszYX1aA=
-----END CERTIFICATE-----
Generated at Sat May 17 22:49:42 2025 by rpki-client