Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eCCNXXesrTlUHsthCT8FJN11ylI.roa
File: eCCNXXesrTlUHsthCT8FJN11ylI.roa (raw, json)
Hash identifier: itWxpE6fBdHHnfHMWoffESIutnjL9jwgbKsCqlafgOY=
Subject key identifier: 78:20:8D:5D:77:AC:AD:39:54:1E:CB:61:09:3F:05:24:DD:75:CA:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CEF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eCCNXXesrTlUHsthCT8FJN11ylI.roa
Signing time: Wed 01 May 2024 03:53:36 +0000
ROA not before: Wed 01 May 2024 03:53:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19695 (0x4cef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 03:53:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=78208D5D77ACAD39541ECB61093F0524DD75CA52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:33:a1:fd:7c:2d:f2:52:38:f9:89:16:d1:
a2:e8:8c:d7:39:62:2b:1f:97:78:e9:06:27:e2:8b:
c2:67:8c:99:12:ac:bc:a1:23:8f:8e:03:b0:a9:fd:
96:f0:08:51:65:5b:12:d3:0c:8e:ba:9c:85:7d:4b:
e5:95:63:7b:14:1c:2c:65:1a:78:19:89:29:5e:2c:
00:b9:32:da:7e:2e:b3:68:64:5e:f4:47:33:3f:44:
fa:62:53:b6:6a:a2:89:86:34:66:e2:1f:c3:16:59:
a0:0b:72:85:c7:6f:05:53:51:3a:9c:76:94:5e:c4:
ba:b4:42:1d:a2:b6:4e:e4:09:1b:b3:cd:d6:0f:26:
82:87:d2:35:28:0d:f3:9d:b7:82:52:b2:4e:3b:98:
09:5c:80:c1:af:10:7f:c7:c7:48:7e:e9:dd:e5:bf:
ba:a4:b0:79:66:89:9c:23:4c:3b:23:f3:f3:1c:1a:
55:63:33:3b:99:91:8d:32:f6:65:bf:8b:d0:94:d9:
64:15:d6:e2:54:1c:9e:dd:2d:d3:f5:7b:5a:27:1c:
88:a2:13:26:ff:c1:9e:46:65:06:af:eb:1d:8a:90:
08:79:8e:e7:18:2a:81:94:83:60:5c:f8:58:88:8f:
19:8e:e9:44:a2:88:7d:dc:a4:6c:0b:30:da:96:c2:
82:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:20:8D:5D:77:AC:AD:39:54:1E:CB:61:09:3F:05:24:DD:75:CA:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eCCNXXesrTlUHsthCT8FJN11ylI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:2b:f2:fb:c9:4a:b2:41:77:b2:d2:29:36:e3:71:14:0d:24:
62:b6:c0:7b:b8:85:a8:94:f6:a4:64:6b:a0:b1:c0:32:ad:a4:
82:14:ec:32:2e:0a:c1:19:5a:bc:c9:d1:0e:a3:61:dd:a6:a3:
85:d4:39:ad:12:f8:dc:a3:52:ca:d9:d4:19:dd:e0:96:b8:42:
8c:64:d7:f6:ba:95:3f:a0:11:1b:1e:18:45:7e:42:69:86:c8:
65:4e:3f:dd:f8:1c:f1:18:dc:b5:4b:14:38:40:d9:40:c1:77:
a8:f1:81:a3:43:33:4e:d3:48:c9:88:7e:d6:d7:43:6b:65:a2:
2e:29:7c:7f:4a:8b:bb:bc:f8:c4:27:40:2b:36:86:17:e7:dd:
8e:b7:d8:9f:c4:7b:b6:01:76:1f:3e:4c:4c:64:95:97:03:d0:
3b:fa:b6:7a:46:18:bf:b6:d4:ec:5a:93:5e:5e:10:20:a3:2b:
5e:37:a8:c8:20:28:49:7a:84:ca:45:7e:de:21:ae:1a:21:69:
d7:16:dd:e9:7b:a5:64:4c:9c:04:1f:43:f7:47:b2:01:17:7e:
48:02:4f:b5:1c:b6:a9:96:8a:85:5e:86:42:b0:9a:f6:10:43:
d2:6e:e6:3e:2c:7b:39:77:9f:8a:89:de:1d:47:4c:52:e7:2b:
54:9b:19:81
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
MzUzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc4MjA4RDVENzdBQ0FE
Mzk1NDFFQ0I2MTA5M0YwNTI0REQ3NUNBNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8EzOh/Xwt8lI4+YkW0aLojNc5Yisfl3jpBifii8JnjJkSrLyh
I4+OA7Cp/ZbwCFFlWxLTDI66nIV9S+WVY3sUHCxlGngZiSleLAC5Mtp+LrNoZF70
RzM/RPpiU7ZqoomGNGbiH8MWWaALcoXHbwVTUTqcdpRexLq0Qh2itk7kCRuzzdYP
JoKH0jUoDfOdt4JSsk47mAlcgMGvEH/Hx0h+6d3lv7qksHlmiZwjTDsj8/McGlVj
MzuZkY0y9mW/i9CU2WQV1uJUHJ7dLdP1e1onHIiiEyb/wZ5GZQav6x2KkAh5jucY
KoGUg2Bc+FiIjxmO6USiiH3cpGwLMNqWwoLlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUeCCNXXesrTlUHsthCT8FJN11ylIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VDQ05YWGVzclRsVUhz
dGhDVDhGSk4xMXlsSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFwr8vvJSrJBd7LSKTbjcRQNJGK2wHu4
haiU9qRka6CxwDKtpIIU7DIuCsEZWrzJ0Q6jYd2mo4XUOa0S+NyjUsrZ1Bnd4Ja4
Qoxk1/a6lT+gERseGEV+QmmGyGVOP934HPEY3LVLFDhA2UDBd6jxgaNDM07TSMmI
ftbXQ2tloi4pfH9Ki7u8+MQnQCs2hhfn3Y632J/Ee7YBdh8+TExklZcD0Dv6tnpG
GL+21Oxak15eECCjK143qMggKEl6hMpFft4hrhohadcW3el7pWRMnAQfQ/dHsgEX
fkgCT7UctqmWioVehkKwmvYQQ9Ju5j4sezl3n4qJ3h1HTFLnK1SbGYE=
-----END CERTIFICATE-----
Generated at Sun May 18 03:35:43 2025 by rpki-client