Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dKyL7olal8ZkrdsfdOLzwUdpoGs.roa
File: dKyL7olal8ZkrdsfdOLzwUdpoGs.roa (raw, json)
Hash identifier: qgOTg57XSK+F/ookosX9t6zt2NWJVQiqMw+IqgRhFn8=
Subject key identifier: 74:AC:8B:EE:89:5A:97:C6:64:AD:DB:1F:74:E2:F3:C1:47:69:A0:6B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DF3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dKyL7olal8ZkrdsfdOLzwUdpoGs.roa
Signing time: Thu 11 Apr 2024 04:22:46 +0000
ROA not before: Thu 11 Apr 2024 04:22:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15859 (0x3df3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 04:22:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=74AC8BEE895A97C664ADDB1F74E2F3C14769A06B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:75:1d:ff:2f:d5:3f:cb:a9:10:ad:dc:2d:04:
84:57:e5:25:4e:c4:8c:03:25:53:93:ba:b0:43:7a:
84:91:48:49:c4:60:25:80:63:a1:21:a5:7d:25:36:
61:b8:a0:c7:96:1b:62:4c:e0:e7:65:45:32:ad:21:
7c:c0:b3:90:19:b8:f3:97:a6:78:11:cb:a9:4a:97:
c9:ed:0b:0d:47:26:ac:23:cb:f5:5a:33:b0:1c:5f:
1e:d7:c2:5d:a4:57:7d:da:f3:56:41:4a:a9:bb:43:
80:a3:66:f5:93:87:fc:36:b1:30:99:ff:83:9a:4e:
5b:81:d3:cb:d3:ab:fb:10:cd:99:22:59:a0:c3:85:
1c:c9:3d:4d:05:cc:f9:d4:30:ba:d9:aa:07:8b:c6:
87:ef:cd:c9:7e:6a:1b:94:b6:b0:c1:65:05:8f:26:
03:80:1f:fc:ef:61:0c:36:2c:fb:5b:f0:ac:ce:11:
33:79:be:b3:16:e8:31:e6:24:1b:9d:12:fd:1a:14:
6a:b6:95:03:14:a3:b3:da:2a:6f:e2:4c:59:c0:5f:
57:b8:85:a8:30:b1:b7:ae:24:99:d2:68:83:d4:38:
b7:c5:6b:3c:18:4b:14:80:f6:19:3f:65:a7:28:a2:
d7:7f:46:03:f5:a0:e7:0e:80:34:e9:96:8d:fb:b1:
75:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AC:8B:EE:89:5A:97:C6:64:AD:DB:1F:74:E2:F3:C1:47:69:A0:6B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dKyL7olal8ZkrdsfdOLzwUdpoGs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
85:3b:c9:34:c5:e2:5a:b2:9d:17:49:df:a7:16:0b:b4:12:23:
a9:c8:b6:e5:98:30:6e:2b:8c:d8:79:c9:c8:5d:12:92:e5:2e:
75:94:49:22:b8:21:ca:78:ea:7e:0f:21:32:04:e6:b9:6e:61:
43:80:e3:0f:1b:53:7d:7b:44:f8:db:fd:69:ab:97:ac:39:91:
d0:a2:52:a3:07:e3:9e:01:ae:77:bf:39:90:55:42:dd:c6:7c:
53:73:88:b9:b2:c3:fe:3e:b8:87:8d:a5:18:e3:00:c4:2a:a5:
5b:88:ed:39:69:77:29:ae:94:0c:fd:94:1c:5a:ce:0c:26:a2:
b1:0e:5b:5f:45:58:28:9f:f7:49:9c:b9:0d:b5:be:be:31:cc:
84:22:e6:4c:4f:98:9f:cf:90:92:48:15:17:68:b1:16:58:73:
97:df:ac:c8:9e:de:43:11:46:3a:ec:07:1e:83:25:83:8e:73:
47:8a:87:6a:b0:65:94:73:fd:5d:1c:24:31:da:dd:fd:a0:30:
14:d7:2c:8b:27:30:f4:c7:23:51:96:5a:3e:7b:b7:31:a9:45:
96:42:2e:ba:b3:71:9f:2a:42:15:1a:bb:89:fd:18:80:d0:6f:
a2:4d:96:4e:2b:3a:d5:c8:c5:52:59:97:59:de:b6:0d:20:be:
33:03:bd:9f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPfMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NDIyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc0QUM4QkVFODk1QTk3
QzY2NEFEREIxRjc0RTJGM0MxNDc2OUEwNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgdR3/L9U/y6kQrdwtBIRX5SVOxIwDJVOTurBDeoSRSEnEYCWA
Y6EhpX0lNmG4oMeWG2JM4OdlRTKtIXzAs5AZuPOXpngRy6lKl8ntCw1HJqwjy/Va
M7AcXx7Xwl2kV33a81ZBSqm7Q4CjZvWTh/w2sTCZ/4OaTluB08vTq/sQzZkiWaDD
hRzJPU0FzPnUMLrZqgeLxofvzcl+ahuUtrDBZQWPJgOAH/zvYQw2LPtb8KzOETN5
vrMW6DHmJBudEv0aFGq2lQMUo7PaKm/iTFnAX1e4hagwsbeuJJnSaIPUOLfFazwY
SxSA9hk/Zacootd/RgP1oOcOgDTplo37sXUtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdKyL7olal8ZkrdsfdOLzwUdpoGswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RLeUw3b2xhbDhaa3Jk
c2ZkT0x6d1VkcG9Hcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIU7yTTF4lqynRdJ36cWC7QSI6nItuWY
MG4rjNh5ychdEpLlLnWUSSK4Icp46n4PITIE5rluYUOA4w8bU317RPjb/Wmrl6w5
kdCiUqMH454Brne/OZBVQt3GfFNziLmyw/4+uIeNpRjjAMQqpVuI7TlpdymulAz9
lBxazgwmorEOW19FWCif90mcuQ21vr4xzIQi5kxPmJ/PkJJIFRdosRZYc5ffrMie
3kMRRjrsBx6DJYOOc0eKh2qwZZRz/V0cJDHa3f2gMBTXLIsnMPTHI1GWWj57tzGp
RZZCLrqzcZ8qQhUau4n9GIDQb6JNlk4rOtXIxVJZl1netg0gvjMDvZ8=
-----END CERTIFICATE-----
Generated at Sat May 17 20:58:24 2025 by rpki-client