Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_P-31k_JA4EWiU_7ANNNVOcwOsE.roa
File: _P-31k_JA4EWiU_7ANNNVOcwOsE.roa (raw, json)
Hash identifier: DgYkcq5RLsYdksGlPLqVDUZu7jXy1Z+aTmTDxKaezJ0=
Subject key identifier: FC:FF:B7:D6:4F:C9:03:81:16:89:4F:FB:00:D3:4D:54:E7:30:3A:C1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E97
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_P-31k_JA4EWiU_7ANNNVOcwOsE.roa
Signing time: Fri 12 Apr 2024 00:52:48 +0000
ROA not before: Fri 12 Apr 2024 00:52:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16023 (0x3e97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 00:52:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FCFFB7D64FC9038116894FFB00D34D54E7303AC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:49:a8:0c:24:20:2e:74:9e:ee:ba:b5:37:94:
8b:dc:12:42:56:ca:15:f4:17:4f:80:84:fe:34:75:
63:50:ab:b3:cb:c7:52:32:85:33:7c:d2:7f:38:ea:
d6:2a:7f:84:96:9f:4b:3a:8f:b0:69:ff:9f:74:df:
4e:f4:5b:bf:44:1e:06:e1:1a:25:57:19:5f:5e:16:
14:01:e2:3f:8f:f5:2d:5a:fd:e5:9d:e5:9b:35:4f:
62:e0:c9:46:94:50:f5:ba:5f:b5:1a:79:0a:de:12:
86:63:1d:9d:3e:c3:62:f5:b0:9a:89:69:04:66:3f:
a8:a6:95:e3:79:0a:52:b5:7f:32:02:5d:d3:cb:3d:
c3:2d:62:30:6d:0f:c4:e5:c7:8c:07:08:45:f9:a2:
56:b1:67:e2:34:9d:aa:d2:5a:2a:5b:e4:01:43:21:
dd:93:da:ef:39:90:f6:6d:a9:52:2a:7f:ce:2d:2c:
3c:15:95:15:a6:45:47:42:d7:d6:26:6a:d7:97:ed:
91:36:54:52:d1:f3:59:24:21:41:15:d8:17:5d:dd:
75:d6:5f:02:73:8c:39:83:9f:bf:db:0a:02:b2:fb:
1e:e4:54:25:17:a4:27:10:83:e9:97:a7:83:ab:8e:
d4:93:93:4e:94:20:9c:00:9a:60:6a:a6:f0:64:aa:
9f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FF:B7:D6:4F:C9:03:81:16:89:4F:FB:00:D3:4D:54:E7:30:3A:C1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_P-31k_JA4EWiU_7ANNNVOcwOsE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
75:f5:da:46:cb:15:f5:34:c1:31:d2:a1:6a:5d:38:62:be:ae:
7e:d0:e8:ea:43:1f:ac:06:26:7e:31:16:ec:9f:7c:60:70:94:
b0:34:f2:96:d1:ac:d2:f9:39:e4:23:3f:fc:a8:a8:e5:83:e9:
03:d2:e1:e3:f4:38:e9:76:be:9c:35:1f:68:4b:3b:31:ea:85:
8a:e1:39:cd:96:9d:ad:0e:17:e7:dd:6e:62:05:d5:40:f1:bc:
b2:12:07:39:06:af:f7:c1:2b:7a:ef:1b:04:64:55:3e:9a:f7:
52:0c:e7:3e:67:53:76:58:14:24:97:7c:e7:7b:d2:74:61:96:
3f:72:d4:d9:0a:ad:ac:36:74:d1:df:a1:68:b5:e6:b3:94:7b:
f7:9f:dc:fd:ed:c2:58:3d:d7:a4:1d:3f:0e:52:01:b6:b7:b6:
08:4a:e5:f6:22:f6:e4:5c:47:9d:b2:a2:0f:30:b6:b1:04:d6:
61:47:be:14:b8:03:19:4a:5d:d1:80:77:5d:b5:29:1e:1b:d0:
4e:f7:26:83:27:39:67:2d:8f:8b:cd:19:36:5c:08:3b:40:97:
65:bf:76:6a:ba:43:f1:24:b6:d6:e0:c0:41:92:da:ca:58:d3:
37:a0:44:f4:65:9d:3d:87:ea:56:92:2e:6f:e3:68:90:6b:1f:
ab:e8:d1:14
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MDUyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZDRkZCN0Q2NEZDOTAz
ODExNjg5NEZGQjAwRDM0RDU0RTczMDNBQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUSagMJCAudJ7uurU3lIvcEkJWyhX0F0+AhP40dWNQq7PLx1Iy
hTN80n846tYqf4SWn0s6j7Bp/5903070W79EHgbhGiVXGV9eFhQB4j+P9S1a/eWd
5Zs1T2LgyUaUUPW6X7UaeQreEoZjHZ0+w2L1sJqJaQRmP6imleN5ClK1fzICXdPL
PcMtYjBtD8Tlx4wHCEX5olaxZ+I0narSWipb5AFDId2T2u85kPZtqVIqf84tLDwV
lRWmRUdC19YmateX7ZE2VFLR81kkIUEV2Bdd3XXWXwJzjDmDn7/bCgKy+x7kVCUX
pCcQg+mXp4OrjtSTk06UIJwAmmBqpvBkqp+dAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/P+31k/JA4EWiU/7ANNNVOcwOsEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19QLTMxa19KQTRFV2lV
XzdBTk5OVk9jd09zRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHX12kbLFfU0wTHSoWpdOGK+rn7Q6OpD
H6wGJn4xFuyffGBwlLA08pbRrNL5OeQjP/yoqOWD6QPS4eP0OOl2vpw1H2hLOzHq
hYrhOc2Wna0OF+fdbmIF1UDxvLISBzkGr/fBK3rvGwRkVT6a91IM5z5nU3ZYFCSX
fOd70nRhlj9y1NkKraw2dNHfoWi15rOUe/ef3P3twlg916QdPw5SAba3tghK5fYi
9uRcR52yog8wtrEE1mFHvhS4AxlKXdGAd121KR4b0E73JoMnOWctj4vNGTZcCDtA
l2W/dmq6Q/EkttbgwEGS2spY0zegRPRlnT2H6laSLm/jaJBrH6vo0RQ=
-----END CERTIFICATE-----
Generated at Sat May 17 23:31:02 2025 by rpki-client