Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dCIsyTLatlV3DeiCGeuLCZJKAg0.roa
File: dCIsyTLatlV3DeiCGeuLCZJKAg0.roa (raw, json)
Hash identifier: eUCAp9tOzohzcFM0pWfEPfC4QSxl8QacwGDY3gYUiqk=
Subject key identifier: 74:22:2C:C9:32:DA:B6:55:77:0D:E8:82:19:EB:8B:09:92:4A:02:0D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C4B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dCIsyTLatlV3DeiCGeuLCZJKAg0.roa
Signing time: Mon 08 Apr 2024 23:22:35 +0000
ROA not before: Mon 08 Apr 2024 23:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15435 (0x3c4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 23:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=74222CC932DAB655770DE88219EB8B09924A020D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2c:5c:fd:ba:07:ca:95:47:32:cc:e6:d1:c6:
92:75:be:8e:f0:1c:55:4f:c0:2a:16:a3:ed:08:61:
86:cf:1a:a7:f8:40:5e:15:50:65:1e:c2:80:ad:51:
1f:4d:68:c2:66:35:48:04:a8:02:99:ca:cd:75:9e:
77:20:d1:79:dd:1d:a9:75:93:64:88:89:49:ce:62:
d1:fa:90:6e:ec:79:13:0e:f3:9d:dc:01:de:a8:1a:
51:c3:f7:97:61:ed:9f:97:f3:c9:84:1e:f7:dd:a4:
f9:f4:da:ae:2c:35:f1:56:53:4b:50:73:cf:db:72:
42:4e:3d:09:41:f7:8b:cb:dd:b0:1b:ab:cd:2b:b7:
d7:fc:60:47:4a:76:89:d1:0a:77:12:eb:96:f0:a8:
09:34:83:5f:91:1e:be:c3:69:6f:88:99:de:29:38:
4c:bf:bb:82:88:5b:ac:e7:d9:03:83:da:f5:25:cc:
97:cd:69:49:a9:11:2e:33:48:1d:83:4c:ca:ec:8f:
4e:b1:e9:2c:e9:da:03:41:c3:f9:0f:2d:a0:55:29:
59:fe:c6:c7:a8:c7:fe:a4:f4:29:a3:16:d5:69:cb:
9c:17:b2:92:81:c7:bf:29:36:e3:b0:70:15:35:fa:
f2:a9:d2:d8:ff:51:18:21:fd:c1:4a:eb:bf:95:12:
7d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:22:2C:C9:32:DA:B6:55:77:0D:E8:82:19:EB:8B:09:92:4A:02:0D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dCIsyTLatlV3DeiCGeuLCZJKAg0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
82:74:7b:c8:56:de:ed:49:e7:73:76:0f:1b:d0:a4:3b:ee:a1:
0a:56:97:26:46:54:4d:56:20:78:5a:c6:62:76:f2:40:0b:eb:
84:c4:56:19:be:1d:03:14:1d:23:63:b7:55:0d:d1:6e:04:c3:
3c:21:58:2f:d1:75:c1:fd:bf:ba:60:44:5c:ba:3f:bc:38:60:
8d:af:12:7a:d3:8c:f6:b6:18:b2:e1:b6:5e:b6:23:22:af:d2:
41:c1:16:1c:83:eb:d5:a3:c4:12:78:a9:98:86:ec:c7:9f:13:
6a:67:a9:91:d9:55:f1:53:2c:5b:41:0e:4b:e4:e3:3a:ea:53:
7e:bc:a8:0d:fe:ec:fe:36:c2:09:58:0c:fd:1e:8d:1a:5b:60:
75:d0:e0:53:68:52:09:7c:73:27:88:3c:d4:6b:37:2d:c1:4d:
84:ff:86:c1:e1:af:bb:79:a3:47:73:62:51:00:e4:95:68:9e:
6d:b6:f1:72:14:8a:42:ec:57:bd:05:72:57:3c:b1:21:ea:b5:
9f:cd:1f:99:0f:83:8f:61:3a:65:f7:22:4d:79:ee:d3:1e:9f:
98:02:30:d8:a6:c1:37:74:9f:d3:60:d7:34:e6:46:0b:0a:73:
91:37:31:65:c7:a0:2b:ab:35:b9:9a:a1:4e:aa:55:4a:75:0d:
bf:f9:33:47
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPEswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MzIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc0MjIyQ0M5MzJEQUI2
NTU3NzBERTg4MjE5RUI4QjA5OTI0QTAyMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYLFz9ugfKlUcyzObRxpJ1vo7wHFVPwCoWo+0IYYbPGqf4QF4V
UGUewoCtUR9NaMJmNUgEqAKZys11nncg0XndHal1k2SIiUnOYtH6kG7seRMO853c
Ad6oGlHD95dh7Z+X88mEHvfdpPn02q4sNfFWU0tQc8/bckJOPQlB94vL3bAbq80r
t9f8YEdKdonRCncS65bwqAk0g1+RHr7DaW+Imd4pOEy/u4KIW6zn2QOD2vUlzJfN
aUmpES4zSB2DTMrsj06x6Szp2gNBw/kPLaBVKVn+xseox/6k9CmjFtVpy5wXspKB
x78pNuOwcBU1+vKp0tj/URgh/cFK67+VEn2HAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdCIsyTLatlV3DeiCGeuLCZJKAg0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RDSXN5VExhdGxWM0Rl
aUNHZXVMQ1pKS0FnMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIJ0e8hW3u1J53N2DxvQpDvuoQpWlyZG
VE1WIHhaxmJ28kAL64TEVhm+HQMUHSNjt1UN0W4EwzwhWC/RdcH9v7pgRFy6P7w4
YI2vEnrTjPa2GLLhtl62IyKv0kHBFhyD69WjxBJ4qZiG7MefE2pnqZHZVfFTLFtB
Dkvk4zrqU368qA3+7P42wglYDP0ejRpbYHXQ4FNoUgl8cyeIPNRrNy3BTYT/hsHh
r7t5o0dzYlEA5JVonm228XIUikLsV70Fclc8sSHqtZ/NH5kPg49hOmX3Ik157tMe
n5gCMNimwTd0n9Ng1zTmRgsKc5E3MWXHoCurNbmaoU6qVUp1Db/5M0c=
-----END CERTIFICATE-----
Generated at Sat May 17 19:50:11 2025 by rpki-client