Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eXyfkNHOESKtsWR3Wzg9YBVKKRU.roa
File: eXyfkNHOESKtsWR3Wzg9YBVKKRU.roa (raw, json)
Hash identifier: SS/yuToye/7dNfZ24LozJnGp0kO/gRjN/XBOFipdDzU=
Subject key identifier: 79:7C:9F:90:D1:CE:11:22:AD:B1:64:77:5B:38:3D:60:15:4A:29:15
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AEB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eXyfkNHOESKtsWR3Wzg9YBVKKRU.roa
Signing time: Sun 28 Apr 2024 11:23:30 +0000
ROA not before: Sun 28 Apr 2024 11:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19179 (0x4aeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 11:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=797C9F90D1CE1122ADB164775B383D60154A2915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:80:31:69:51:41:8d:05:65:ff:eb:ff:5b:fd:
19:00:17:1a:52:5a:bd:b5:44:65:53:a5:8a:79:81:
aa:3c:62:cc:26:ce:a9:27:56:f4:80:f2:8f:bf:0f:
6e:03:46:da:5d:c2:de:9a:8f:b0:04:4f:ba:30:66:
3a:51:dd:aa:e2:bd:e6:1f:3d:04:fc:42:41:cd:4d:
2e:42:ff:d7:0f:2e:85:79:43:46:56:8e:04:84:fa:
d7:b8:ad:e4:e2:4e:88:36:2c:e7:b6:4b:c9:56:7d:
13:f4:ba:45:91:87:81:cf:c1:d6:ce:79:69:ae:ef:
ae:42:6f:37:a3:40:30:22:8a:d5:66:96:9d:ab:bf:
02:7e:b2:ac:0a:17:bc:15:27:36:9c:8d:4d:8c:09:
88:7c:69:31:43:f4:ec:19:64:fe:88:b5:6a:ac:21:
3f:94:bd:b3:00:05:f7:50:50:8c:45:c2:35:ad:6f:
f6:70:c7:5d:2a:e8:6f:d7:46:2e:16:8a:4c:d1:4d:
7a:9d:85:a9:38:24:b5:7a:79:8e:a8:cc:e1:9e:17:
c4:f8:66:04:b2:da:a1:ac:d8:c1:1c:0c:7f:13:16:
ce:2b:a9:b7:d6:4d:b7:a8:76:18:77:0b:c2:23:36:
3d:d9:9a:0f:fa:36:58:54:53:98:72:d9:38:aa:ff:
2a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7C:9F:90:D1:CE:11:22:AD:B1:64:77:5B:38:3D:60:15:4A:29:15
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eXyfkNHOESKtsWR3Wzg9YBVKKRU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:47:9c:75:78:94:d3:3e:3c:18:f5:71:43:de:2a:10:a8:7c:
db:9e:15:1c:91:f9:f3:bb:82:e9:f2:69:c0:77:ac:53:a8:f6:
e9:8e:f7:d8:b4:10:e9:a6:86:df:c7:29:c3:e0:ff:93:5d:fa:
21:7d:68:cc:c6:a8:56:95:26:68:ae:db:b6:cd:18:3a:f3:23:
92:f3:ae:4d:bd:e4:1d:c9:74:8e:30:72:bb:0c:e9:f0:e6:a4:
76:7a:36:b2:f7:5a:76:8d:f0:8d:e9:58:aa:2c:0a:f6:ad:0a:
5c:47:93:fa:fd:c6:6b:fe:5d:af:08:a8:95:ae:c8:cb:05:71:
6c:d8:f0:20:e2:4f:37:9b:74:af:ad:a4:47:14:1a:b1:9a:e4:
e7:97:c1:7b:73:63:31:c8:2c:7a:d4:a4:7d:54:bb:ef:f7:90:
c3:32:da:76:25:86:3b:63:4c:86:0e:04:65:61:ca:3b:04:90:
7b:db:71:0d:a5:73:e7:cb:43:df:a1:14:24:a0:e2:35:8d:10:
fa:79:11:fa:e9:f2:83:57:49:68:b1:5a:d1:59:27:81:49:ef:
39:38:3e:37:1e:18:b4:74:b0:c3:f7:24:00:54:0c:a1:03:5b:
c0:3b:d5:e8:43:ed:dd:7a:71:c2:84:88:be:e8:af:7b:d8:c9:
1c:3e:33:c6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
MTIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc5N0M5RjkwRDFDRTEx
MjJBREIxNjQ3NzVCMzgzRDYwMTU0QTI5MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmgDFpUUGNBWX/6/9b/RkAFxpSWr21RGVTpYp5gao8Yswmzqkn
VvSA8o+/D24DRtpdwt6aj7AET7owZjpR3ariveYfPQT8QkHNTS5C/9cPLoV5Q0ZW
jgSE+te4reTiTog2LOe2S8lWfRP0ukWRh4HPwdbOeWmu765CbzejQDAiitVmlp2r
vwJ+sqwKF7wVJzacjU2MCYh8aTFD9OwZZP6ItWqsIT+UvbMABfdQUIxFwjWtb/Zw
x10q6G/XRi4WikzRTXqdhak4JLV6eY6ozOGeF8T4ZgSy2qGs2MEcDH8TFs4rqbfW
Tbeodhh3C8IjNj3Zmg/6NlhUU5hy2Tiq/yqXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUeXyfkNHOESKtsWR3Wzg9YBVKKRUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VYeWZrTkhPRVNLdHNX
UjNXemc5WUJWS0tSVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACJHnHV4lNM+PBj1cUPeKhCofNueFRyR
+fO7gunyacB3rFOo9umO99i0EOmmht/HKcPg/5Nd+iF9aMzGqFaVJmiu27bNGDrz
I5Lzrk295B3JdI4wcrsM6fDmpHZ6NrL3WnaN8I3pWKosCvatClxHk/r9xmv+Xa8I
qJWuyMsFcWzY8CDiTzebdK+tpEcUGrGa5OeXwXtzYzHILHrUpH1Uu+/3kMMy2nYl
hjtjTIYOBGVhyjsEkHvbcQ2lc+fLQ9+hFCSg4jWNEPp5Efrp8oNXSWixWtFZJ4FJ
7zk4PjceGLR0sMP3JABUDKEDW8A71ehD7d16ccKEiL7or3vYyRw+M8Y=
-----END CERTIFICATE-----
Generated at Sat May 17 21:28:12 2025 by rpki-client