Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fubeAouMh8UBtFg7thbK7Wa5V0U.roa
File: fubeAouMh8UBtFg7thbK7Wa5V0U.roa (raw, json)
Hash identifier: mpHEbyRBjQukAQKNh+IF7NWNWAE1oMuBaHSpn8ebhU8=
Subject key identifier: 7E:E6:DE:02:8B:8C:87:C5:01:B4:58:3B:B6:16:CA:ED:66:B9:57:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5243
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fubeAouMh8UBtFg7thbK7Wa5V0U.roa
Signing time: Wed 08 May 2024 06:24:20 +0000
ROA not before: Wed 08 May 2024 06:24:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21059 (0x5243)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 06:24:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7EE6DE028B8C87C501B4583BB616CAED66B95745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e0:2f:59:0f:75:4a:c8:55:39:ef:3f:c7:c3:
e6:23:09:8a:64:f0:9a:e9:70:32:1b:00:09:9f:ae:
d8:3a:73:26:b0:33:57:90:82:c4:97:a0:ba:d2:95:
eb:92:ff:bc:08:7a:df:e3:e9:1b:f6:d2:7a:18:44:
f9:cc:90:f6:00:d9:ca:a3:3a:41:86:74:e6:be:63:
78:ad:bf:e9:0a:fd:cb:6a:e9:cb:2b:0b:00:90:bb:
aa:7c:28:a2:54:26:63:21:23:e9:78:bb:7b:6e:92:
5c:49:f7:66:9b:ad:7a:a8:16:30:6d:c1:47:26:ad:
cb:b9:3a:f8:61:64:56:3d:b0:68:3c:72:c1:f6:05:
c3:7f:54:74:53:5a:5b:dc:b2:40:0f:bb:9b:ed:6b:
aa:8f:3b:9c:10:8d:4a:1e:32:05:91:98:46:14:dc:
28:1b:62:ee:17:f6:2d:d7:c4:34:e3:a5:b9:3c:11:
92:9f:f5:2d:3c:6a:d6:89:19:c4:d4:29:fe:0f:e1:
9f:e5:be:22:c8:c1:ef:5b:32:d5:44:40:39:50:20:
40:50:21:c0:05:ce:54:aa:f9:75:0f:66:f8:81:e1:
cf:19:9d:8a:a6:7f:ba:7b:53:80:29:47:3f:9f:c8:
52:63:da:13:1f:c0:1d:ab:b2:68:d5:b5:f5:88:20:
02:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E6:DE:02:8B:8C:87:C5:01:B4:58:3B:B6:16:CA:ED:66:B9:57:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fubeAouMh8UBtFg7thbK7Wa5V0U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
54:16:ee:a4:83:03:40:5e:cc:f9:27:92:98:26:e6:0b:ed:51:
44:cb:8d:4f:d9:73:3e:0b:48:d9:73:89:4c:72:c5:a3:05:c6:
78:be:a1:8f:d1:06:3d:96:94:9d:91:c8:03:80:a3:cd:60:3c:
d2:24:58:ac:29:c8:04:2a:b5:e9:b2:87:3e:3e:9e:81:0d:ba:
95:19:ed:ba:d4:6a:a2:5b:01:03:3f:14:f3:b7:03:48:20:06:
8e:ee:bc:5f:c2:2e:45:55:4d:a8:97:a2:5c:8d:3c:36:98:61:
48:4e:0a:12:71:cc:c6:f5:5d:77:fd:10:c6:85:de:ed:ff:41:
b6:e1:92:48:ce:e2:32:e3:31:eb:cb:59:a3:66:93:69:7a:88:
ec:df:15:09:6d:a1:10:f5:9a:7c:d1:7e:f3:91:70:fc:3c:ab:
08:80:05:9d:e8:45:55:4f:cf:52:e2:2f:49:e0:d0:fe:50:3d:
db:03:e8:89:95:46:75:fc:47:ed:1a:e8:05:af:0e:b8:5d:56:
48:60:97:b3:ac:94:17:98:e8:1c:42:91:a1:b8:1c:76:63:86:
05:7f:07:cf:7c:04:68:a3:f5:a7:96:31:f1:e3:8f:cb:cb:38:
db:9c:74:e6:1f:77:54:a1:cc:72:8e:05:0d:02:97:32:39:72:
85:3c:22:47
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
NjI0MjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdFRTZERTAyOEI4Qzg3
QzUwMUI0NTgzQkI2MTZDQUVENjZCOTU3NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY4C9ZD3VKyFU57z/Hw+YjCYpk8JrpcDIbAAmfrtg6cyawM1eQ
gsSXoLrSleuS/7wIet/j6Rv20noYRPnMkPYA2cqjOkGGdOa+Y3itv+kK/ctq6csr
CwCQu6p8KKJUJmMhI+l4u3tuklxJ92abrXqoFjBtwUcmrcu5OvhhZFY9sGg8csH2
BcN/VHRTWlvcskAPu5vta6qPO5wQjUoeMgWRmEYU3CgbYu4X9i3XxDTjpbk8EZKf
9S08ataJGcTUKf4P4Z/lviLIwe9bMtVEQDlQIEBQIcAFzlSq+XUPZviB4c8ZnYqm
f7p7U4ApRz+fyFJj2hMfwB2rsmjVtfWIIAIxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUfubeAouMh8UBtFg7thbK7Wa5V0UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Z1YmVBb3VNaDhVQnRG
Zzd0aGJLN1dhNVYwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFQW7qSDA0BezPknkpgm5gvtUUTLjU/Z
cz4LSNlziUxyxaMFxni+oY/RBj2WlJ2RyAOAo81gPNIkWKwpyAQqtemyhz4+noEN
upUZ7brUaqJbAQM/FPO3A0ggBo7uvF/CLkVVTaiXolyNPDaYYUhOChJxzMb1XXf9
EMaF3u3/QbbhkkjO4jLjMevLWaNmk2l6iOzfFQltoRD1mnzRfvORcPw8qwiABZ3o
RVVPz1LiL0ng0P5QPdsD6ImVRnX8R+0a6AWvDrhdVkhgl7OslBeY6BxCkaG4HHZj
hgV/B898BGij9aeWMfHjj8vLONucdOYfd1ShzHKOBQ0ClzI5coU8Ikc=
-----END CERTIFICATE-----
Generated at Sat May 17 21:28:08 2025 by rpki-client